Pests of all kinds and how to fight them: Windows 7: Laptop frequently freezes

Windows 7: If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
19.12.2016, 16:25 | #1 |
Windows 7: Laptop frequently freezes

Hello dear TB,

After you helped my mother back then and I am failing on my own, I hope you can help me. My problem is as follows: for about 3 weeks now, my Win 7 laptop (32-bit) has more and more often felt the need to freeze. It makes no difference whether I am browsing the internet or playing a game. When it feels like it, it freezes. What usually helped was waiting 5 minutes, or even switching the laptop off completely, because nothing was happening any more. I have regularly installed updates, and every Friday I run my scan with Malwarebytes and Microsoft Security Essentials. Only on 11.12 was there a detection, never before that. So I hope you can help me find the fault in my laptop. Here is my Malwarebytes detection log.

Regards, Div

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 10.12.2016
Suchlaufzeit: 18:03
Protokolldatei: Scan.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.12.10.06
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: flkr2104

Suchlauftyp: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 513996
Abgelaufene Zeit: 6 Std., 49 Min., 29 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Tiefer Rootkit-Suchlauf: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 5
PUP.Optional.PlusHD, C:\Windows\System32\DriverStore\FileRepository\msgplusdriver.inf_x86_neutral_ba3eb3fc7c1cf303\i386\MsgPlusDriver.sys, In Quarantäne, [b7f717ce801afd393cc2657adf2449b7],
PUP.Optional.PlusHD, C:\Program Files\Yuna Software\Messenger Plus!\MsgPlusDriver\amd64\MsgPlusDriver.sys, In Quarantäne, [634bb2335b3f2c0ab34b07d86f9430d0],
PUP.Optional.PlusHD, C:\Program Files\Yuna Software\Messenger Plus!\MsgPlusDriver\i386\MsgPlusDriver.sys, In Quarantäne, [6f3f17ce74267abc23db11ce0ef52fd1],
PUP.Optional.PlusHD, C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusDriver\amd64\MsgPlusDriver.sys, In Quarantäne, [822c667f5347b284c836de01a261d52b],
PUP.Optional.PlusHD, C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusDriver\i386\MsgPlusDriver.sys, In Quarantäne, [dbd3e10462383df90af48a559a692fd1],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)
19.12.2016, 18:41 | #2 |
/// TB Trainer /// Instructions Guru | Windows 7: Laptop frequently freezes

My name is Jürgen and I will be helping you with your problem. Together we will get this done...

Note: I can never give you a guarantee that we will find all malicious files. Formatting is usually the faster and always the safest way, but it is only advisable in the case of real malware. Adware & co. are something we can remove very well. If you decide on a cleanup, keep working with me until you get my "clean".

Here we go:

Step 1

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Reading material

Posting in CODE tags: here's how... Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
19.12.2016, 20:47 | #3 |
Windows 7: Laptop frequently freezes

So, here is the FRST
__________________
FRST log file:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-12-2016 Ran by flkr2104 (administrator) on UNGOEB-U1260RT5 (19-12-2016 20:34:19) Running from C:\Users\flkr2104\Desktop Loaded Profiles: flkr2104 (Available Profiles: flkr2104 & Administrator & DefaultAppPool) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Norsk, bokmål (Norge) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Windows\Runservice.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe () C:\Windows\System32\PnkBstrA.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Trend Micro Inc.) 
C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Akamai Technologies, Inc.) C:\Users\flkr2104\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Akamai Technologies, Inc.) C:\Users\flkr2104\AppData\Local\Akamai\netsession_win.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.) 
C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [OfficeScanNT Monitor] => C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe [1533720 2013-11-20] (Trend Micro Inc.) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2444016 2013-10-30] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [1667164 2000-01-01] (IDT, Inc.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM\...\Policies\Explorer: [NoAutorun] 1 HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\Run: [Akamai NetSession Interface] => C:\Users\flkr2104\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6775512 2016-06-10] (Piriform Ltd) HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {020048ac-b58c-11e6-9e05-68a3c484513c} - E:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {1788b050-b8af-11e6-9092-68a3c484513c} - E:\setup.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {2bf59e40-ca7f-11e1-8c9d-806e6f6e6963} - E:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {45cf754d-af17-11e5-83e2-68a3c484513c} - E:\setup.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {5a673a96-e715-11e4-83ac-68a3c484513c} - E:\Setup.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {5a673a9a-e715-11e4-83ac-68a3c484513c} - F:\RunGame.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {8973e3ae-fe4c-11e4-a044-68a3c484513c} - E:\AutoRun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {a055b961-4b69-11e6-9d5e-68a3c484513c} - F:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {b2286f40-32fb-11e1-bea2-806e6f6e6963} - E:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {dec291b3-db35-11e4-a209-68a3c484513c} - E:\Autorun.exe HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {ff282818-2118-11e3-b096-68a3c484513c} - E:\PCSTART.exe ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-17] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-17] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-17] () 
Startup: C:\Users\flkr2104\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-12-17] ShortcutTarget: MEGAsync.lnk -> C:\Users\flkr2104\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{2F6908F7-5324-4907-AB61-36D8C47D8549}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{F3075377-C443-41F3-883B-A8B479B982D7}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{FA72C645-2B03-425E-AAB6-80878F656836}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.oppland.no HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/ URLSearchHook: HKU\S-1-5-21-1113328611-58381748-87005590-109325 - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKU\S-1-5-21-1113328611-58381748-87005590-109325 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus SearchScopes: HKU\S-1-5-21-1113328611-58381748-87005590-109325 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll 
[2013-07-01] (Trend Micro Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-20] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-20] (Oracle Corporation) Toolbar: HKU\S-1-5-21-1113328611-58381748-87005590-109325 -> No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies) Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll [2013-07-01] (Trend Micro Inc.) 
FireFox: ======== FF DefaultProfile: 8wvhcelo.default FF ProfilePath: C:\Users\flkr2104\AppData\Roaming\Mozilla\SeaMonkey\Profiles\8wvhcelo.default [2016-12-19] FF Extension: (DOM Inspector) - C:\Users\flkr2104\AppData\Roaming\Mozilla\SeaMonkey\Profiles\8wvhcelo.default\Extensions\inspector@mozilla.org [2016-05-08] FF Extension: (ChatZilla) - C:\Users\flkr2104\AppData\Roaming\Mozilla\SeaMonkey\Profiles\8wvhcelo.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-12-06] FF ProfilePath: C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788 [2016-12-19] FF Homepage: Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788 -> hxxps://www.google.de/ FF Extension: (YouTube Download Plus) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\addon@ytdownloader.info.xpi [2016-09-03] FF Extension: (MEGA) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\firefox@mega.co.nz.xpi [2016-12-08] FF Extension: (WebSocket Monitor) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\websocketmonitor@getfirebug.com.xpi [2016-09-28] FF Extension: (Adblock Plus) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23] FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension [2016-11-04] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) 
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-20] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-27] () FF Plugin: @raidcall.com/RCplugin -> C:\Users\flkr2104\AppData\LocalLow\raidcall\plugins\webplugin.dll [No File] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) 
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc) FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1113328611-58381748-87005590-109325: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\flkr2104\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-28] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1113328611-58381748-87005590-109325: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-27] () FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) 
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-10-29] Chrome: ======= CHR DefaultProfile: Default CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\55.0.2883.87\pdf.dll => No File CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => No File CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll => No File CHR Plugin: (vShare.tv plug-in) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll => No File CHR Plugin: (vShare.tv plug-in) - C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll => No File CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll () CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll => 
No File CHR Plugin: (Unity Player) - C:\Users\flkr2104\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Raidcall plugin) - C:\Users\flkr2104\AppData\LocalLow\raidcall\plugins\webplugin.dll => No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File CHR Profile: C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default [2016-12-19] CHR Extension: (Adblock Plus) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30] CHR Extension: (Chrome Web Store Payments) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Chrome Media Router) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url> CHR HKLM\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\flkr2104\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-10-17] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-10-04] (BitRaider, LLC) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2014-01-30] (Intel Corporation) R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company) R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [461024 2012-03-07] (Intel(R) Corporation) R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-04-10] (Intel Corporation) R2 LicCtrlService; C:\Windows\runservice.exe [2560 2012-07-04] () [File not signed] S4 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] () R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation) S3 npggsvc; C:\Windows\system32\GameMon.des [5150552 2013-03-19] (INCA Internet Co., Ltd.) R2 ntrtscan; C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe [2320640 2013-11-16] (Trend Micro Inc.) S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2119688 2016-12-12] (Electronic Arts) S2 Origin Web Helper Service; C:\Program Files\Origin\OriginWebHelperService.exe [2180624 2016-12-12] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2015-03-21] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [307282 2000-01-01] (IDT, Inc.) 
[File not signed] R3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [345112 2013-10-23] (Trend Micro Inc.) R2 tmlisten; C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe [2272488 2013-12-17] (Trend Micro Inc.) R3 TmPfw; C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe [497272 2011-04-15] (Trend Micro Inc.) R3 TmProxy; C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe [689176 2013-07-01] (Trend Micro Inc.) R2 vcsFPService; C:\Windows\system32\vcsFPService.exe [2762032 2011-03-24] (Validity Sensors, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S3 BRSptSvc; "C:\ProgramData\BitRaider\BRSptSvc.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2016-08-27] () S3 BRDriver_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [66824 2016-10-15] (BitRaider) S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] () S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2015-12-31] (Disc Soft Ltd) S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-07-18] (Disc Soft Ltd) S3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2013-02-26] (DT Soft Ltd.) 
[File not signed] R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2016-08-27] () S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation) R1 MpKsla9e728b5; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04995F5A-3B11-494D-9F87-43DC52814C96}\MpKsla9e728b5.sys [39168 2016-12-19] (Microsoft Corporation) R1 MpKslfc08889b; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{04995F5A-3B11-494D-9F87-43DC52814C96}\MpKslfc08889b.sys [39168 2016-12-19] (Microsoft Corporation) R3 netr28; C:\Windows\System32\DRIVERS\netr28.sys [2075792 2014-12-10] (MediaTek Inc.) S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [11973 2016-07-23] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed] R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [2484552 2015-07-16] (Sonix Tech. Co., Ltd.) R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324152 2016-07-18] (Duplex Secure Ltd.) R1 SSHDRV85; C:\Windows\system32\drivers\SSHDRV85.sys [78848 2013-12-29] () [File not signed] R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [75600 2013-08-29] (Trend Micro Inc.) R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [263072 2013-09-02] (Trend Micro Inc.) R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [62704 2013-08-29] (Trend Micro Inc.) R2 TmFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys [294152 2015-07-02] (Trend Micro Inc.) 
R1 TmLwf; C:\Windows\System32\DRIVERS\tmlwf.sys [146232 2012-06-21] (Trend Micro Inc.) R2 TmPreFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys [38152 2015-07-02] (Trend Micro Inc.) R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [90712 2013-06-18] (Trend Micro Inc.) R2 tmWfp; C:\Windows\System32\DRIVERS\tmwfp.sys [282936 2012-06-21] (Trend Micro Inc.) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2014-07-28] (Apple, Inc.) [File not signed] R2 VSApiNt; C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys [1608744 2015-07-02] (Trend Micro Inc.) S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation) S3 BRDriver; \??\C:\ProgramData\BitRaider\BRDriver.sys [X] S3 BTMCOM; System32\Drivers\btmcom.sys [X] S3 BTMUSB; System32\Drivers\btmusb.sys [X] S3 cleanhlp; \??\C:\EEK\bin\cleanhlp32.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 vtany; \??\C:\Windows\vtany.sys [X] S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2016-12-19 20:34 - 2016-12-19 20:36 - 00025938 _____ C:\Users\flkr2104\Desktop\FRST.txt 2016-12-19 20:33 - 2016-12-19 20:34 - 00000000 ____D C:\FRST 2016-12-19 20:32 - 2016-12-19 20:32 - 01762304 _____ (Farbar) C:\Users\flkr2104\Desktop\FRST.exe 2016-12-19 16:17 - 2016-12-19 16:19 - 00002071 _____ C:\Users\flkr2104\Desktop\Scan.txt 2016-12-18 15:48 - 2016-12-18 16:28 - 00000000 ____D C:\Users\flkr2104\Documents\FUSSBALL MANAGER 16-17 2016-12-18 15:48 - 2016-12-18 15:48 - 00001169 _____ C:\Users\flkr2104\Desktop\FM17 Editor.lnk 2016-12-18 15:48 - 2016-12-18 15:48 - 00001159 _____ C:\Users\flkr2104\Desktop\FIFA Manager 17.lnk 2016-12-18 15:48 - 2016-12-18 15:48 - 00001149 _____ C:\Users\flkr2104\Desktop\FM17 Auflösung.lnk 2016-12-18 15:26 - 2016-12-18 15:26 - 00000000 ____D C:\Users\flkr2104\Documents\FUSSBALL MANAGER 13 2016-12-18 14:26 - 2016-12-18 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 13 2016-12-17 22:10 - 2016-12-17 22:10 - 00000000 ____D C:\ProgramData\Electronic Arts 2016-12-16 20:49 - 2016-12-16 20:49 - 00000000 ____D C:\Users\flkr2104\Downloads\FC Basel 2016-12-13 16:53 - 2016-12-13 16:53 - 00191002 _____ C:\Users\flkr2104\Downloads\2016-11-24--Uebersichtsplan-Linie-10-via-Kauslund.pdf 2016-12-12 09:35 - 2016-12-12 09:35 - 00000000 ____D C:\AeriaGames 2016-12-12 09:03 - 2016-12-12 09:03 - 00000000 ____D C:\ProgramData\Aeria Games 2016-12-12 09:01 - 2016-12-12 09:01 - 00001952 _____ C:\Users\Public\Desktop\Aeria Ignite.lnk 2016-12-12 09:01 - 2016-12-12 09:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2016-12-12 09:01 - 2016-12-12 09:01 - 00000000 ____D C:\Program Files\Aeria Games 2016-12-12 08:59 - 2016-12-12 08:59 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Aeria Games & Entertainment 2016-12-12 08:49 - 2016-12-18 13:48 - 00000000 ____D C:\Program Files\Origin Games 2016-12-10 15:44 - 2016-09-12 21:54 - 00067816 _____ (Microsoft Corporation) 
C:\Windows\system32\CompatTelRunner.exe 2016-12-10 15:44 - 2016-09-12 21:49 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-12-10 15:44 - 2016-09-09 16:53 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-12-10 15:43 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-12-10 15:43 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-12-10 15:43 - 2016-10-11 16:24 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-12-10 15:43 - 2016-10-11 16:24 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-12-10 15:43 - 2016-10-11 16:21 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00553472 _____ (Microsoft Corporation) 
C:\Windows\system32\kerberos.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-12-10 15:43 - 2016-10-11 16:18 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-12-10 15:43 - 2016-10-11 15:55 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-12-10 15:43 - 2016-10-11 15:55 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-12-10 15:43 - 2016-10-11 15:55 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-12-10 15:43 - 2016-10-11 15:55 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-12-10 15:43 - 2016-10-11 15:53 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-12-10 15:43 - 2016-10-11 15:51 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2016-12-10 15:43 - 2016-10-11 15:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-12-10 15:43 - 2016-10-11 15:51 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-12-10 15:43 - 2016-10-11 15:51 - 00098304 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-12-10 15:43 - 2016-10-11 15:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-12-10 15:43 - 2016-10-11 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-12-10 15:43 - 2016-10-11 15:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-12-10 15:43 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\system32\locale.nls 2016-12-10 15:43 - 2016-10-08 14:05 - 00534600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-12-10 15:43 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-12-10 15:43 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-12-10 15:42 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-12-10 15:42 - 2016-10-11 15:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-12-10 15:42 - 2016-10-11 15:50 - 00015872 _____ (Microsoft Corporation) 
C:\Windows\system32\sspisrv.dll 2016-12-10 15:42 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-12-10 15:42 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-12-10 15:40 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-12-10 15:40 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-12-10 15:40 - 2016-11-02 16:16 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-12-10 15:40 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-12-10 15:40 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-12-10 15:40 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-12-10 15:40 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-10 15:40 - 2016-10-27 15:16 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-10 15:40 - 2016-10-25 15:54 - 02399744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-12-10 15:40 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-12-10 15:40 - 2016-10-22 18:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-12-10 15:40 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-12-10 15:40 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-12-10 15:40 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-12-10 15:40 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-12-10 15:40 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) 
C:\Windows\system32\MshtmlDac.dll 2016-12-10 15:40 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-10 15:40 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-12-10 15:40 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-12-10 15:40 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-12-10 15:40 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-12-10 15:40 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-12-10 15:40 - 2016-10-22 18:21 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-12-10 15:40 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-12-10 15:40 - 2016-10-22 18:13 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-12-10 15:40 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-12-10 15:40 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-12-10 15:40 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-12-10 15:40 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-12-10 15:40 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-12-10 15:40 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-12-10 15:40 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-12-10 15:40 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-12-10 15:40 - 2016-10-22 17:45 - 00693248 _____ (Microsoft 
Corporation) C:\Windows\system32\msfeeds.dll 2016-12-10 15:40 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-10 15:40 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-12-10 15:40 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-12-10 15:40 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-10 15:40 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-12-10 15:40 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-10 15:40 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-10 15:40 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-12-10 15:40 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2016-12-10 15:40 - 2016-10-11 16:24 - 00250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2016-12-10 15:40 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME 2016-12-10 15:40 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2016-12-10 15:40 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2016-12-10 15:40 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2016-12-10 15:40 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) 
C:\Windows\system32\qintlgnt.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime 2016-12-10 15:40 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime 2016-12-10 15:40 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2016-12-10 15:40 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2016-12-10 15:40 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-12-10 15:40 - 2016-10-07 16:12 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll 2016-12-10 15:40 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-12-10 15:40 - 2016-10-05 15:50 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2016-12-10 15:40 - 2016-09-15 15:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2016-12-10 15:40 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-12-10 15:40 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2016-12-10 15:40 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-12-10 15:40 - 2016-09-12 20:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-12-10 15:40 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-12-10 15:40 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-12-10 15:40 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) 
C:\Windows\system32\davclnt.dll 2016-12-10 15:40 - 2016-09-08 15:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-12-10 15:40 - 2016-09-08 15:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-12-10 15:40 - 2016-08-21 14:05 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-12-03 12:00 - 2016-11-15 21:44 - 00014299 _____ C:\Users\flkr2104\Downloads\Saison 3.xlsx 2016-12-03 12:00 - 2016-11-13 11:59 - 00012272 _____ C:\Users\flkr2104\Downloads\MeinUmfeld.xlsx 2016-11-19 10:48 - 2016-12-19 18:43 - 00000000 ____D C:\Users\flkr2104\AppData\LocalLow\Mozilla ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-19 19:50 - 2012-04-03 08:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-19 16:18 - 2009-07-14 05:34 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-19 16:18 - 2009-07-14 05:34 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-19 16:14 - 2014-12-08 23:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-19 16:08 - 2012-07-04 00:17 - 00002689 ___SH C:\Windows\system32\mmf.sys 2016-12-19 16:08 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-19 15:50 - 2016-08-24 08:18 - 00000000 ____D C:\Program Files\Steam 2016-12-19 15:50 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2016-12-19 15:02 - 2012-01-14 21:49 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Skype 2016-12-19 14:16 - 2010-11-21 00:42 - 00661468 _____ C:\Windows\system32\perfh014.dat 2016-12-19 14:16 - 2010-11-21 00:42 - 00153528 _____ C:\Windows\system32\perfc014.dat 2016-12-19 14:16 - 2010-11-20 22:01 - 01808420 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-18 15:36 - 
2016-08-25 17:44 - 00000000 ____D C:\Users\flkr2104\Documents\MEGAsync Downloads 2016-12-18 15:27 - 2014-09-19 22:39 - 00000000 ____D C:\ProgramData\Origin 2016-12-18 15:26 - 2016-09-10 18:56 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Origin 2016-12-18 14:26 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-12-17 21:31 - 2012-08-11 18:35 - 00000132 _____ C:\Users\flkr2104\AppData\Roaming\Adobe PNG Format CS5 Prefs 2016-12-15 21:41 - 2012-07-19 15:19 - 00002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-15 16:41 - 2012-05-04 20:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-12-14 17:27 - 2016-11-18 18:14 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-12-14 16:28 - 2013-12-28 23:17 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-12-13 21:50 - 2012-04-03 08:46 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-12-13 21:50 - 2011-09-15 07:55 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-12-13 21:50 - 2011-08-02 09:22 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-13 15:38 - 2012-05-16 20:09 - 00183112 _____ C:\Windows\system32\PnkBstrB.exe 2016-12-13 15:38 - 2012-05-16 20:09 - 00183112 _____ C:\Windows\system32\PnkBstrB.ex0 2016-12-13 15:38 - 2012-05-16 20:09 - 00138184 _____ C:\Windows\system32\Drivers\PnkBstrK.sys 2016-12-12 09:54 - 2016-06-17 23:23 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2016-12-12 09:01 - 2012-09-12 17:53 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin 2016-12-12 08:45 - 2016-09-10 18:46 - 00000000 ____D C:\Program Files\Origin 2016-12-10 16:58 - 2011-09-22 20:10 - 00000000 ____D C:\Program Files\GIMP-2.0 2016-12-10 16:58 - 2011-08-24 10:03 - 00000000 ____D C:\Users\flkr2104 2016-12-10 16:31 - 2009-07-14 05:33 - 
00543848 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-10 16:28 - 2014-12-26 03:45 - 00000000 ____D C:\Windows\system32\appraiser 2016-12-10 16:28 - 2014-04-24 15:00 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-12-10 16:21 - 2013-03-16 19:22 - 00002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2016-12-10 16:21 - 2013-03-16 19:22 - 00001912 _____ C:\Windows\epplauncher.mif 2016-12-10 16:20 - 2013-09-06 11:43 - 00000000 ____D C:\Windows\system32\MRT 2016-12-10 16:20 - 2013-03-16 19:22 - 00000000 ____D C:\Program Files\Microsoft Security Client 2016-12-10 16:02 - 2011-10-11 22:28 - 138444440 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-12-03 23:00 - 2011-08-08 10:23 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-12-03 20:19 - 2012-01-25 14:32 - 00330240 _____ (Trend Micro Inc.) C:\Windows\RegBootClean.exe 2016-12-02 21:26 - 2012-03-21 13:00 - 00000000 ____D C:\Windows\system32\directx 2016-12-02 21:23 - 2012-03-21 13:00 - 00000000 ___HD C:\Windows\msdownld.tmp 2016-11-25 14:39 - 2015-10-12 11:25 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller 2016-11-23 20:40 - 2016-02-17 22:03 - 00000000 ___RD C:\Program Files\Skype 2016-11-23 20:40 - 2012-01-14 21:49 - 00000000 ____D C:\ProgramData\Skype ==================== Files in the root of some directories ======= 2012-09-15 19:30 - 2012-09-14 07:30 - 0000044 ____H () C:\Program Files\e1697bb7.tmp 2012-06-09 10:39 - 2007-12-01 16:22 - 0315392 _____ () C:\Program Files\GMLMatting.8bf 2012-06-09 10:39 - 2012-06-09 10:39 - 0000053 _____ () C:\Program Files\GMLMatting.ini 2014-08-17 13:05 - 2014-08-17 13:15 - 6010880 _____ () C:\Program Files\GUT1FAF.tmp 2014-10-03 23:16 - 2014-10-03 23:16 - 0000132 _____ () C:\Users\flkr2104\AppData\Roaming\Adobe BMP Format CS5 Prefs 2012-08-11 18:35 - 2016-12-17 21:31 - 0000132 _____ () C:\Users\flkr2104\AppData\Roaming\Adobe PNG Format CS5 Prefs 2012-08-15 19:00 - 2015-06-05 
23:37 - 0000132 _____ () C:\Users\flkr2104\AppData\Roaming\Adobe Targa Format CS5 Prefs 2014-06-11 22:30 - 2014-06-11 22:30 - 0000097 _____ () C:\Users\flkr2104\AppData\Roaming\LauncherSettings_live.cfg 2012-05-16 20:09 - 2016-09-03 14:40 - 0022328 _____ () C:\Users\flkr2104\AppData\Roaming\PnkBstrK.sys 2012-05-26 18:28 - 2012-05-26 18:28 - 0003584 _____ () C:\Users\flkr2104\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-10-27 16:02 - 2013-10-27 16:02 - 0000058 _____ () C:\Users\flkr2104\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2012-06-07 19:00 - 2012-06-07 19:00 - 0000096 _____ () C:\Users\flkr2104\AppData\Local\fusioncache.dat 2013-10-23 22:20 - 2013-10-23 22:20 - 0007605 _____ () C:\Users\flkr2104\AppData\Local\Resmon.ResmonCfg 2015-07-28 12:49 - 2015-07-28 12:49 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{43D810FD-CDEE-452B-9007-907ECB224905} 2015-06-07 13:10 - 2015-06-07 13:10 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{51A80C3A-0B9D-45B6-8F1E-3DE9E66F8091} 2015-06-15 12:07 - 2015-06-15 12:07 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{7B741A37-DC76-4B3B-B7D5-3526204848E8} 2016-07-28 17:08 - 2016-07-28 17:08 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{B2881FF6-5740-48F7-870C-65A198F1BB07} 2015-11-28 14:50 - 2015-11-28 14:50 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{C6B3C03C-64C9-4B05-BA05-6DF46EDEA189} 2012-06-09 10:44 - 2007-12-01 16:22 - 0315392 _____ () C:\ProgramData\GMLMatting.8bf 2012-06-09 10:44 - 2012-06-09 10:44 - 0000053 _____ () C:\ProgramData\GMLMatting.ini ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-10 15:04
==================== End of FRST.txt ============================

and the Addition

Additional FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x86) Version: 17-12-2016
Ran by flkr2104 (19-12-2016 20:37:05)
Running from C:\Users\flkr2104\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-08-02 07:11:49)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-1890919210-445268223-3708981845-500 - Administrator - Enabled) => C:\Users\Administrator
ASPNET (S-1-5-21-1890919210-445268223-3708981845-1002 - Administrator - Enabled)
FKone (S-1-5-21-1890919210-445268223-3708981845-1003 - Administrator - Enabled)
Gjest (S-1-5-21-1890919210-445268223-3708981845-501 - Limited - Disabled)

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}
FW: Trend Micro Personal Firewall (Enabled) {49A8346C-6900-54B6-B1B3-5F678736DDE9}

==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-Bit) (HKLM\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D9F3D66A-9885-4DDD-A800-9DDF488359A1}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) BitRaider Streaming Client (HKLM\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.) 
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) EAX4 Unified Redist (HKLM\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs) Echo of Soul (HKLM\...\Echo of Soul) (Version: - ) FUSSBALL MANAGER 13 (HKLM\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.4.0 - Electronic Arts) fx-9860G Manager PLUS (HKLM\...\{F5F8D7F9-8879-439E-8292-3386CD7BF06D}) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden HP HotKey Support (HKLM\...\{931AED5E-545A-4802-B5CF-DD3B2086235F}) (Version: 4.0.18.1 - Hewlett-Packard Company) IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT) iFinger (HKLM\...\{A1CA0B3B-CFDB-440D-87C5-3F0EFED61731}) (Version: 4.0.4 - iFinger LTD) Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{B62DB971-5B1E-4EAF-86DC-09B4D3A322D2}) (Version: 12.5.3.17 - Apple Inc.) Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited) Messenger Plus! 5 (HKLM\...\Messenger Plus!) 
(Version: 5.50.0.761 - Yuna Software) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (norsk språkpakke) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.25.00.03 - Huawei Technologies Co.,Ltd) Mozilla Firefox 50.1.0 (x86 de) (HKLM\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) OpenAL 
(HKLM\...\OpenAL) (Version: - ) OpenOffice.org 3.2 (HKLM\...\{4F33D156-BF58-4BDB-A8CE-74123C7142C0}) (Version: 3.2.9502 - OpenOffice.org) Origin (HKLM\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.) Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.) PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Ralink RT3592 802.11a/b/g/n 2x2 WiFi Adapter (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.01.18.0 - Ralink) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - ) Språkpakke for Microsoft Visual Studio 2010 Tools for Office Runtime (x86) – NOR (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NOR) (Version: 10.0.50903 - Microsoft Corporation) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) STRIKE NX GAMEPAD (HKLM\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated) System Requirements Lab CYRI (HKLM\...\{6C8C4577-8E15-4C63-96ED-D40F2072FF74}) (Version: 6.0.19.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Trend Micro OfficeScan Client (HKLM\...\OfficeScanNT) (Version: 10.6.5162 - Trend Micro) Unity Web Player 
(HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Validity Fingerprint Sensor Driver (HKLM\...\{316430AA-68D4-4468-83FE-E5E088511C6C}) (Version: 4.3.126.0 - Validity Sensors, Inc.) Veetle TV (HKLM\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc) Virtua Tennis 4 (Version: 1.0.0001.130 - Sega) Hidden VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.1 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{030B4A80-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{030B4A81-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{030B4A82-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{079AA557-4A18-424A-8EEE-E39F0A8D41B9}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{1F6F8D20-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{2933BF90-7B36-11d2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{2933BF91-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{2933BF94-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3124C396-FB13-4836-A6AD-1317F1713688}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll () CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{373984C9-B845-449B-91E7-45AC83036ADE}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{379E501F-B231-11D1-ADC1-00805FC752D8}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation ) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation ) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation ) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3D813DFE-6C91-4A4E-8F41-04346A841D9C}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3E784A01-F3AE-4DC0-9354-9526B9370EBA}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\flkr2104\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{48123BC4-99D9-11D1-A6B3-00C04FD91555}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{4DD441AD-526D-4A77-9F1B-9841ED802FB0}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{550DDA30-0541-11D2-9CA9-0060B0EC3D39}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{7E3FCEA1-31B4-11D2-AE1F-0080C7337EA1}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{AFB40FFD-B609-40A3-9828-F88BBE11E4E3}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{AFBA6B42-5692-48EA-8141-DC517DCF0EF1}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{CFC399AF-D876-11D0-9C10-00C04FC99C8E}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{D2423620-51A0-11D2-9CAF-0060B0EC3D39}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F19-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F27-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F31-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F33-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F34-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F35-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F36-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F37-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F39-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F3F-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F40-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F41-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F14-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> 
C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{FC220AD8-A72A-4EE8-926E-0B7AD152A020}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14A8A810-9A39-4BFF-88E2-3D717AB5C923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03] (Google Inc.)
Task: {1E1AE2DC-56D6-41AF-BD36-E6487C2E4E12} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {473587FE-EE87-4C19-AF1A-8595AA63BB03} - System32\Tasks\{0927203C-0EBF-4520-A815-F850E80C4F86} => pcalua.exe -a "C:\Program Files\Trend Micro\OfficeScan Client\NTRmv.exe"
Task: {493D7DCC-B857-42E1-A4EF-776613C5B2AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {61BF19B3-147F-471D-A6A4-29015C250290} - System32\Tasks\{4E983F3D-CA62-4AB4-98AB-3C5DC4FF9BEC} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\World_of_Tanks\WOTLauncher.exe"
Task: {7561775F-91C7-40C6-B5DC-7F8CEC91274F} - System32\Tasks\{D4026E0E-5843-4B01-80A7-75692F195F72} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=6.22.0.107&LastError=-9
Task: {7B9E3DBB-058A-414B-AE52-51944D3AFEA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {80E18999-C394-43F7-B3B0-D7803EE13670} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {9469D411-F484-4F74-8CD0-900744EC7ED0} - System32\Tasks\{A5FADF4A-2EB7-482D-BE9A-4F59DC50A02E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.3.0.101&LastError=-9
Task: {A6EC187B-E82C-41DF-9D86-D01C0644F620} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03] (Google Inc.)
Task: {C414EB96-2334-412C-9CBC-B7FA2116181D} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {C633C180-1ED1-4D11-9173-3C839FEFCDBA} - System32\Tasks\{015D73D5-7EF9-4344-9757-A8487F237BE9} => pcalua.exe -a "C:\Users\flkr2104\Downloads\fm bilder\FMC_2D_Spielerbilder_BorussiaDortmund.exe" -d "C:\Users\flkr2104\Downloads\fm bilder"
Task: {E6363805-31C2-441E-B0FE-A87A45036903} - System32\Tasks\{CA584D81-5E3F-4553-B31D-B85999D12BFD} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=6.9.0.106&LastError=-9
Task: {F492ED02-CF3A-4667-B829-C24B9F2D8F3F} - System32\Tasks\{06F9D0C9-EF0D-4815-8092-909961929903} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=6.16.0.105&LastError=-9
Task: {F5FBDC70-34C1-40BC-B7E2-D39723268801} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-10-05 18:18 - 2016-10-05 18:18 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 01041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-04 00:17 - 2012-07-04 00:17 - 00002560 _____ () C:\Windows\runservice.exe
2012-07-04 00:17 - 2013-12-14 20:03 - 00048640 _____ () C:\Windows\mmfs.dll
2015-05-20 14:13 - 2014-02-15 07:59 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2012-03-19 14:29 - 2011-04-01 10:53 - 00499712 _____ () C:\Program Files\Trend Micro\OfficeScan Client\sqlite3.dll
2012-05-16 20:09 - 2015-03-21 22:26 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe
2016-06-30 12:24 - 2016-12-17 22:17 - 00564736 _____ () C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-08-02 10:19 - 2011-05-18 11:39 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2011-08-02 17:46 - 2011-03-26 07:28 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2012-12-18 01:10 - 2012-03-28 22:18 - 01198872 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1113328611-58381748-87005590-109325\Control Panel\Desktop\\Wallpaper -> C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^flkr2104^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OfficeScanNT Monitor => "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{A622ABA6-3C92-41E6-B9A6-0180CB929627}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{E1F8A0D8-4BD6-4314-9E5F-09CFA6031C64}] => LPort=2869 FirewallRules: [{8E016B2D-F2B2-426E-8EFA-46C122E87942}] => LPort=1900 FirewallRules: [{4D7BDA48-417D-4349-A980-9CA19BEAB9E8}] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{931A377F-4D8D-4BBC-94E5-8D0F49139C46}] => C:\Program Files\Veetle\Player\VeetleNet.exe FirewallRules: [TCP Query User{C964F64B-B4AF-422E-84E6-F447D39FF02F}C:\program files\internet explorer\iexplore.exe] => C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{C9A64660-BDEF-4E85-854C-1276BBF4AADE}C:\program files\internet explorer\iexplore.exe] => C:\program files\internet explorer\iexplore.exe FirewallRules: [{5BB298CC-AA84-491D-80D0-7C095E61BA2C}] => LPort=56676 FirewallRules: [{89AC9ADD-DE5F-493A-BBBE-A09925FEEA86}] => LPort=56676 FirewallRules: [{E74843CA-D546-474B-BE2F-ECD88AF21AA3}] => LPort=56676 FirewallRules: [{3AF8905E-C8AE-4A8C-9333-FA4D6D943A83}] => LPort=56676 FirewallRules: [{3CEC8038-9CB9-492F-84BC-11FC042637BB}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{797BF723-8A67-4836-928C-480FA8891719}] => C:\Program Files\Veetle\Player\VeetleNet.exe FirewallRules: [{5AE9581D-14F3-4469-A752-53338A798640}] => C:\Windows\System32\PnkBstrA.exe FirewallRules: [{A0723582-6F2B-43F5-8262-ABD550D5C792}] => C:\Windows\System32\PnkBstrA.exe FirewallRules: [{3CBDDE4A-099C-4CE9-BC37-64F1FB39D9FA}] => C:\Windows\System32\PnkBstrB.exe FirewallRules: [{9CE865C3-BEB8-4C6B-8655-306C4F5F2AD0}] => C:\Windows\System32\PnkBstrB.exe FirewallRules: [{9247D1AC-E137-4A98-8136-5A6EE141EBFF}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query 
User{D69662A4-66F6-4384-88FA-FDEE02C03A6F}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{EB93B812-9B9E-418E-A0E3-69C71D1D090E}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{BA336E0C-B36B-4607-8119-9BFE68EE3BDE}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{A820FB9D-B99E-4B28-8661-A19B8852A77C}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe FirewallRules: [{47817B77-3C47-4FB4-B3D0-CCA335429855}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{67463958-AB41-41AA-9083-8800F123498F}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{A4F25796-4A90-4E82-A333-45F7CC95EC65}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{984E4980-579B-47B0-BFE1-AF5D4A0C076A}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{F551A992-3141-4D89-BA76-75760F62E27C}] => LPort=57403 FirewallRules: [{1F578E27-FD89-4030-B8EC-A0BC1C526524}] => LPort=57403 FirewallRules: [{5D60EDFF-EA05-4007-8412-DFDE253D4577}] => LPort=57403 FirewallRules: [{13938A1A-81AF-4BD0-AB69-BED62589111D}] => LPort=57403 FirewallRules: [{0092FC27-0457-4EDA-AAEA-D9FFE024C45A}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [TCP Query User{02EA3E90-A44B-4F73-A943-FBD12A097465}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe FirewallRules: [UDP Query User{62B8955A-39F2-4EF4-A52D-5A09535CE188}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe FirewallRules: [{02FA5FC8-C781-4F53-938B-78F933EA2E88}] => C:\Windows\System32\PnkBstrA.exe FirewallRules: [{8F19AA17-5BB2-40B4-A6F5-E40042625635}] 
=> C:\Windows\System32\PnkBstrA.exe FirewallRules: [{7460F63E-D470-46D0-A656-8819767A619D}] => C:\Windows\System32\PnkBstrB.exe FirewallRules: [{C7ADC506-CDA1-48A3-A2EF-F6FA057261AE}] => C:\Windows\System32\PnkBstrB.exe FirewallRules: [{920F7FF0-D99B-4849-82C5-8BE8022DFAAE}] => LPort=80 FirewallRules: [{60E8E997-E151-4751-80E6-B7543F835BC7}] => LPort=443 FirewallRules: [{4CC79DDF-748F-47B4-BDC8-0B762A261560}] => LPort=20010 FirewallRules: [{C172F8BB-B73C-4E08-8919-C35EF9EE9C34}] => LPort=3478 FirewallRules: [{14E92C44-7822-41B8-A131-80E1F848083D}] => LPort=7850 FirewallRules: [{AB3AC8DD-BDB1-45B5-9217-4881FC7A0875}] => LPort=27022 FirewallRules: [{6A9CD13A-43B6-4631-8C68-4306185C1193}] => LPort=6881 FirewallRules: [{C717E6BE-C28A-4CB5-8DF9-FC719540A912}] => LPort=33333 FirewallRules: [{84D841DF-161C-4421-84BC-EB7E15BAA88F}] => LPort=20443 FirewallRules: [{413383F3-2547-481F-B70D-DC44AC04E62A}] => LPort=8090 FirewallRules: [TCP Query User{2FFBB76F-F899-485B-B3F0-625F7D62F4A5}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe FirewallRules: [UDP Query User{B6DDDBD7-6C94-4A40-88DE-428852CFE2F4}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe FirewallRules: [{4EBA9F6A-0F8D-4F94-9942-73448314B269}] => C:\Program Files\Veetle\Player\VeetleNet.exe FirewallRules: [{4A52C6EF-5F9A-4A0F-888F-D81C6E6E9574}] => LPort=7852 FirewallRules: [{1BE26DF6-7661-43CB-8FD0-EFDA92D6DA6F}] => LPort=7853 FirewallRules: [{93945317-811F-47F2-9275-7D616A23E298}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{1B7149FF-BBBF-4BF9-B19E-7410DF052BE8}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{153DBC7E-36C7-46CE-BDE2-85C812DBCD70}C:\program files\mozilla firefox\firefox.exe] => C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{3B373DE7-9361-4BA1-91E1-5BE01708CDF9}C:\program files\mozilla firefox\firefox.exe] => C:\program files\mozilla firefox\firefox.exe FirewallRules: 
[{B8F2D49B-2EBB-4C21-B719-02BC8571FE1B}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{97D84C21-793F-4F11-8AB5-B9DC278676BF}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{B1E225C5-BF6E-47D4-B298-B7BC88640849}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{C9FE56FC-C4BB-48BF-B28B-33B6F773DCF8}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{EF400853-AAAB-49E3-8387-75161C9283ED}] => LPort=60426 FirewallRules: [{EAE60802-9EC3-4DEF-AF04-D462FD75ABA9}] => LPort=5000 FirewallRules: [{63159383-EF26-4123-BCED-CAC58630E62D}] => C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{0741EA6B-43DD-4047-BDC2-D52CD5E9A75B}] => C:\Program Files\Steam\Steam.exe FirewallRules: [{AC6FF4E6-BF42-466C-AA44-0ED710FFD7D4}] => C:\Program Files\Steam\Steam.exe FirewallRules: [{D778DEAD-F211-4901-82C5-1346DFC7AE9C}] => C:\Program Files\iTunes\iTunes.exe FirewallRules: [{0F2DE732-315A-41A0-80C3-98255C8633AA}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{AF54C738-61F5-4881-A6FD-8E55E03C30B6}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DCF6B2FB-B87E-4E0D-94C5-23304BCFE9C2}] => C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{7DE68FF8-65F1-45C5-99E0-41708996614D}] => C:\Program Files\Origin Games\FIFA Manager 13\Manager13.exe FirewallRules: [{C29E0871-6BA7-4629-A635-8C7155D3D475}] => C:\Program Files\Origin Games\FIFA Manager 13\Manager13.exe FirewallRules: [{7EFAD8E4-E8F2-4546-8CFD-B7C0ABAFC648}] => LPort=12345 FirewallRules: [{497A9934-D20E-4C19-B3A1-EC9D15588491}] => LPort=49197 FirewallRules: [{016B5484-A0F1-4807-B2A6-FC5C007CBC77}] => LPort=5000 ==================== Restore Points ========================= 18-12-2016 14:19:09 Installed DirectX 19-12-2016 14:28:13 Windows Update ==================== Faulty Device Manager Devices ============= Name: Messenger Plus! Virtual Camera Description: Messenger Plus! 
Virtual Camera Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: YunaSoftware Service: MsgPlusDriver Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Messenger Plus! Virtual Camera Description: Messenger Plus! Virtual Camera Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: YunaSoftware Service: MsgPlusDriver Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Kan ikke initialisere indeksen. Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Kan ikke initialisere programmet. Kontekst: Windows-program Detaljer: Innholdsindekskatalogen er skadet. 
(HRESULT : 0xc0041801) (0xc0041801) Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Kan ikke initialisere Innsamler-objektet. Kontekst: Windows-program, SystemIndex-katalog Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kan ikke initialisere plugin-modulen <Search.TripoliIndexer>. Kontekst: Windows-program, SystemIndex-katalog Detaljer: Elementet ble ikke funnet. (HRESULT : 0x80070490) (0x80070490) Error: (12/19/2016 04:11:13 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kan ikke initialisere plugin-modulen <Search.JetPropStore>. Kontekst: Windows-program, SystemIndex-katalog Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/19/2016 04:11:13 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Windows Search-tjenesten kan ikke laste egenskapslagerinformasjonen. Kontekst: Windows-program, SystemIndex-katalog Detaljer: Innholdsindeksdatabasen er skadet. (HRESULT : 0xc0041800) (0xc0041800) Error: (12/19/2016 04:11:13 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search-tjenesten blir stoppet fordi det er et problem med indeksereren,The catalog is corrupt. Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/19/2016 04:11:13 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Søketjenesten har oppdaget ødelagte datafiler i indeksen {id=4700}. Tjenesten vil forsøke å rette dette problemet automatisk ved å bygge indeksen på nytt. Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/19/2016 04:11:13 PM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: Windows Search-tjenesten kan ikke åpne Jet-egenskapslageret. 
Detaljer: 0x%08x (0xc0041800 - Innholdsindeksdatabasen er skadet. (HRESULT : 0xc0041800)) Error: (12/19/2016 04:11:13 PM) (Source: ESENT) (EventID: 455) (User: ) Description: Windows (4944) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0125E.log. System errors: ============= Error: (12/19/2016 08:09:08 PM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: Datamaskinen kan ikke sette opp en sikker økt med en domenekontroller i domene OPPLAND på grunn av følgende: Det er ingen tilgjengelige påloggingsservere som kan behandle påloggingsforespørselen. Dette kan føre til godkjenningsproblemer. Kontroller at datamaskinen er koblet til nettverket. Hvis problemet vedvarer, kontakt domeneadministrator. MER INFORMASJON Hvis denne datamaskinen er domenekontroller for det angitte domenet, setter den opp sikre økter for primærdomenets kontrolleremulator i det angitte domenet. Ellers setter denne datamaskinen opp den sikre økten for enhver domenekontroller i det angitte domenet. Error: (12/19/2016 05:38:40 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-MYNDIGHET) Description: Behandlingen av gruppepolicyen mislyktes på grunn av manglende nettverkstilkobling til en domenekontroller. Dette kan være en forbigående tilstand. En melding om at det er utført, genereres når maskinen kobles til domenekontrolleren og gruppepolicyen har blitt behandlet. Kontakt systemansvarlig hvis du ikke får en melding om at det er utført innen noen timer. Error: (12/19/2016 04:11:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Tjenesten Windows Search kan ikke starte på grunn av følgende feil: Tjenesten svarte ikke på start- eller kontrollforespørselen innenfor tidsrammen. 
Error: (12/19/2016 04:11:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Windows Search skal koble til. Error: (12/19/2016 04:11:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Tjenesten Windows Search kan ikke starte på grunn av følgende feil: Tjenesten svarte ikke på start- eller kontrollforespørselen innenfor tidsrammen. Error: (12/19/2016 04:11:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Windows Search skal koble til. Error: (12/19/2016 04:11:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Tjenesten Windows Search kan ikke starte på grunn av følgende feil: Tjenesten svarte ikke på start- eller kontrollforespørselen innenfor tidsrammen. Error: (12/19/2016 04:11:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Windows Search skal koble til. Error: (12/19/2016 04:11:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Tjenesten Windows Search kan ikke starte på grunn av følgende feil: Tjenesten svarte ikke på start- eller kontrollforespørselen innenfor tidsrammen. Error: (12/19/2016 04:11:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Windows Search skal koble til. CodeIntegrity: =================================== Date: 2016-12-19 20:34:37.776 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-12-19 19:16:33.237 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-19 19:16:05.874 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-19 19:12:43.570 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-19 19:11:58.159 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-19 18:43:56.670 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-19 18:43:33.949 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-19 18:40:11.826 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-19 18:40:11.691 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-12-19 18:40:11.560 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU B810 @ 1.60GHz Percentage of memory in use: 63% Total physical RAM: 3014.37 MB Available physical RAM: 1114.34 MB Total Virtual: 6027.06 MB Available Virtual: 4081.83 MB ==================== Drives ================================ Drive c: (OSDisk) (Fixed) (Total:116.44 GB) (Free:41.35 GB) NTFS Drive d: (Data) (Fixed) (Total:116.14 GB) (Free:33.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 108E484F) Partition 1: (Not Active) - (Size=116.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=116.1 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=300 MB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ |
20.12.2016, 12:59 | #4 |
/// TB Trainer /// Instructions Guru | Windows 7: Laptop frequently freezes Please uninstall everything from TrendMicro. Far too much security software...
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
20.12.2016, 13:47 | #5 |
| Windows 7: Laptop frequently freezes Hello, I would gladly do this, but I don't know the password for uninstalling it. This was software that the school installed back then. I think it would have to be an admin password, but unfortunately I don't have it. |
20.12.2016, 22:50 | #6 |
/// TB Trainer /// Instructions Guru | Windows 7: Laptop frequently freezes OK. Then Microsoft Security Essentials has to go... |
20.12.2016, 23:11 | #7 |
| Windows 7: Laptop frequently freezes That's done. |
20.12.2016, 23:19 | #8 |
/// TB Trainer /// Instructions Guru | Windows 7: Laptop frequently freezes OK... Step 1 Please download TDSSKiller.exe and save the file to your desktop. |
21.12.2016, 14:01 | #9 |
| Windows 7: Laptop frequently freezes Here you go. Code:
ATTFilter 13:56:09.0583 0x0fd8 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 13:56:15.0516 0x0fd8 ============================================================ 13:56:15.0516 0x0fd8 Current date / time: 2016/12/21 13:56:15.0516 13:56:15.0516 0x0fd8 SystemInfo: 13:56:15.0516 0x0fd8 13:56:15.0516 0x0fd8 OS Version: 6.1.7601 ServicePack: 1.0 13:56:15.0516 0x0fd8 Product type: Workstation 13:56:15.0516 0x0fd8 ComputerName: UNGOEB-U1260RT5 13:56:15.0516 0x0fd8 UserName: flkr2104 13:56:15.0516 0x0fd8 Windows directory: C:\Windows 13:56:15.0516 0x0fd8 System windows directory: C:\Windows 13:56:15.0516 0x0fd8 Processor architecture: Intel x86 13:56:15.0516 0x0fd8 Number of processors: 2 13:56:15.0516 0x0fd8 Page size: 0x1000 13:56:15.0516 0x0fd8 Boot type: Normal boot 13:56:15.0516 0x0fd8 CodeIntegrityOptions = 0x00000000 13:56:15.0516 0x0fd8 ============================================================ 13:56:17.0515 0x0fd8 KLMD registered as C:\Windows\system32\drivers\74812862.sys 13:56:17.0515 0x0fd8 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x0 13:56:18.0046 0x0fd8 System UUID: {4601A4C6-7290-A43C-2643-D792C0E1346C} 13:56:19.0068 0x0fd8 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 13:56:19.0068 0x0fd8 ============================================================ 13:56:19.0068 0x0fd8 \Device\Harddisk0\DR0: 13:56:19.0068 0x0fd8 MBR partitions: 13:56:19.0068 0x0fd8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E2000 13:56:19.0068 0x0fd8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE8E2800, BlocksNum 0xE847000 13:56:19.0068 0x0fd8 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1D129800, BlocksNum 0x96000 13:56:19.0068 0x0fd8 ============================================================ 13:56:19.0088 0x0fd8 C: <-> 
\Device\Harddisk0\DR0\Partition1 13:56:19.0148 0x0fd8 D: <-> \Device\Harddisk0\DR0\Partition2 13:56:19.0148 0x0fd8 ============================================================ 13:56:19.0148 0x0fd8 Initialize success 13:56:19.0148 0x0fd8 ============================================================ 13:57:09.0420 0x1618 ============================================================ 13:57:09.0420 0x1618 Scan started 13:57:09.0420 0x1618 Mode: Manual; SigCheck; TDLFS; 13:57:09.0420 0x1618 ============================================================ 13:57:09.0420 0x1618 KSN ping started 13:57:21.0685 0x1618 KSN ping finished: true 13:57:24.0355 0x1618 ================ Scan system memory ======================== 13:57:24.0356 0x1618 System memory - ok 13:57:24.0357 0x1618 ================ Scan services ============================= 13:57:24.0569 0x1618 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 13:57:24.0760 0x1618 1394ohci - ok 13:57:24.0810 0x1618 [ CC1F1D3D70DC13C2C281488D347D4415, 3AB1495F8982C727D02E9975E2E04203B918AFAA7B05B5E7FEB5142EB30D1998 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys 13:57:24.0850 0x1618 Accelerometer - ok 13:57:24.0899 0x1618 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys 13:57:24.0990 0x1618 ACPI - ok 13:57:25.0012 0x1618 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 13:57:25.0088 0x1618 AcpiPmi - ok 13:57:25.0208 0x1618 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 13:57:25.0234 0x1618 AdobeARMservice - ok 13:57:25.0312 0x1618 [ B79750091FC0842182FE49D263791294, 
32FC260A74C9C45CD1E8998523642C285866378FCD9478FEFD15A0CC42EC0E0B ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 13:57:25.0371 0x1618 AdobeFlashPlayerUpdateSvc - ok 13:57:25.0433 0x1618 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 13:57:25.0582 0x1618 adp94xx - ok 13:57:25.0611 0x1618 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\drivers\adpahci.sys 13:57:25.0711 0x1618 adpahci - ok 13:57:25.0775 0x1618 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\drivers\adpu320.sys 13:57:25.0848 0x1618 adpu320 - ok 13:57:25.0876 0x1618 [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 13:57:25.0937 0x1618 AeLookupSvc - ok 13:57:26.0030 0x1618 [ 827DBC22C96EECF6D36A13162FABAFD3, EBBC04A6AD3BC83E3791569C1120BBBB59AF70512FA2CEB6A8BA2A257F3F6C32 ] AESTFilters C:\Program Files\IDT\WDM\aestsrv.exe 13:57:26.0060 0x1618 AESTFilters - ok 13:57:26.0111 0x1618 [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD C:\Windows\system32\drivers\afd.sys 13:57:26.0257 0x1618 AFD - ok 13:57:26.0291 0x1618 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys 13:57:26.0356 0x1618 agp440 - ok 13:57:26.0392 0x1618 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\drivers\djsvs.sys 13:57:26.0473 0x1618 aic78xx - ok 13:57:26.0512 0x1618 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG 
C:\Windows\System32\alg.exe 13:57:26.0624 0x1618 ALG - ok 13:57:26.0661 0x1618 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys 13:57:26.0703 0x1618 aliide - ok 13:57:26.0736 0x1618 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys 13:57:26.0790 0x1618 amdagp - ok 13:57:26.0808 0x1618 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys 13:57:26.0850 0x1618 amdide - ok 13:57:26.0863 0x1618 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 13:57:26.0936 0x1618 AmdK8 - ok 13:57:26.0960 0x1618 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 13:57:27.0026 0x1618 AmdPPM - ok 13:57:27.0056 0x1618 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys 13:57:27.0119 0x1618 amdsata - ok 13:57:27.0161 0x1618 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 13:57:27.0281 0x1618 amdsbs - ok 13:57:27.0288 0x1618 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys 13:57:27.0338 0x1618 amdxata - ok 13:57:27.0436 0x1618 [ D1AF38FBAC0DC7E6D796B0ED01707EE0, FAFD2C36594A1628293E7623C8CAB2D47EDF8C6C0E18CC2FB37F9A6CA1F0E57C ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll 13:57:27.0510 0x1618 AppHostSvc - ok 13:57:27.0540 0x1618 [ 873F0162D10893E3DF34FA2AC604E6EA, 
79655CDB125DBA14DDA01E45A2F8E185788081A3DF8D9E7A6A167C9F0D5C3F62 ] AppID C:\Windows\system32\drivers\appid.sys 13:57:27.0614 0x1618 AppID - ok 13:57:27.0657 0x1618 [ E10F22695EAC1689DED6A9A45D6C352A, 15B10D2E4AB88DE729905E9E4DD24E812163AD45806713E3883E701723D44E3A ] AppIDSvc C:\Windows\System32\appidsvc.dll 13:57:27.0720 0x1618 AppIDSvc - ok 13:57:27.0750 0x1618 [ 7AE586A76A171B915F7BE478C7542138, B7CDA2DE9C1E3F8997FE3F7D93288C61C9199FA87D24AF541851B8AFBB584D13 ] Appinfo C:\Windows\System32\appinfo.dll 13:57:27.0821 0x1618 Appinfo - ok 13:57:27.0881 0x1618 [ 82812A27B150D765D03B0074A8257259, C463B96F9AA8CC777AE06807D406014C39B327D29DB98F4F26B5BC90D3F4E2E4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 13:57:27.0901 0x1618 Apple Mobile Device - ok 13:57:27.0942 0x1618 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll 13:57:28.0008 0x1618 AppMgmt - ok 13:57:28.0048 0x1618 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\drivers\arc.sys 13:57:28.0106 0x1618 arc - ok 13:57:28.0122 0x1618 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\drivers\arcsas.sys 13:57:28.0173 0x1618 arcsas - ok 13:57:28.0313 0x1618 [ 753F1E09345D7B2C06B9999EA8F9AAB1, C5A53052EE78FA8DC199C77F63654F5F850C111A7DC2B056E09A7D6C2F5B2BCD ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 13:57:28.0351 0x1618 aspnet_state - ok 13:57:28.0412 0x1618 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 13:57:28.0586 0x1618 AsyncMac - ok 13:57:28.0616 0x1618 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi 
C:\Windows\system32\drivers\atapi.sys 13:57:28.0636 0x1618 atapi - ok 13:57:28.0686 0x1618 [ 547F07839F71A4357A5E503646CAC2B0, 05FF433B76D5DB40C073F84565D037436DA94B85ABFF1FC84F1468F6EB19C03D ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 13:57:28.0771 0x1618 atksgt - ok 13:57:28.0822 0x1618 [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:57:28.0924 0x1618 AudioEndpointBuilder - ok 13:57:28.0947 0x1618 [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] Audiosrv C:\Windows\System32\Audiosrv.dll 13:57:28.0991 0x1618 Audiosrv - ok 13:57:29.0024 0x1618 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll 13:57:29.0095 0x1618 AxInstSV - ok 13:57:29.0145 0x1618 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys 13:57:29.0306 0x1618 b06bdrv - ok 13:57:29.0340 0x1618 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 13:57:29.0444 0x1618 b57nd60x - ok 13:57:29.0475 0x1618 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll 13:57:29.0538 0x1618 BDESVC - ok 13:57:29.0559 0x1618 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys 13:57:29.0643 0x1618 Beep - ok 13:57:29.0705 0x1618 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll 13:57:30.0071 0x1618 BFE - ok 13:57:30.0111 0x1618 [ E585445D5021971FAE10393F0F1C3961, 
178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll 13:57:30.0317 0x1618 BITS - ok 13:57:30.0337 0x1618 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 13:57:30.0415 0x1618 blbdrive - ok 13:57:30.0479 0x1618 [ 5EA9C80F18CBC393EA7D9A2991DED4B5, 7E5EB1CE44FEBE93686174058D51581FA00BDFF0EBB84BD74BC08F6386019253 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:57:30.0509 0x1618 Bonjour Service - ok 13:57:30.0542 0x1618 [ 28AF7D4427868B7CE4C00CAB1864C7F6, AAE5303878AF0F7AA18069A8FCD99639EBC34622B456AF86C5E4F27858196E06 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:57:30.0633 0x1618 bowser - ok 13:57:30.0693 0x1618 BRDriver - ok 13:57:30.0743 0x1618 [ 0C4D83F01A5D3A1EF88945AB70F2BB7A, 413542C46C8BCDF3802FF9F98CEC22A0A82A961DFE438CA6C2AE89F7480FFF5E ] BRDriver_1_3_3_E02B25FC C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys 13:57:30.0805 0x1618 BRDriver_1_3_3_E02B25FC - ok 13:57:30.0829 0x1618 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 13:57:30.0888 0x1618 BrFiltLo - ok 13:57:30.0928 0x1618 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 13:57:31.0018 0x1618 BrFiltUp - ok 13:57:31.0152 0x1618 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll 13:57:31.0306 0x1618 Browser - ok 13:57:31.0338 0x1618 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys 13:57:31.0458 0x1618 Brserid - ok 13:57:31.0488 0x1618 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 
782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 13:57:31.0565 0x1618 BrSerWdm - ok 13:57:31.0619 0x1618 [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub C:\ProgramData\BitRaider\BRSptStub.exe 13:57:31.0773 0x1618 BRSptStub - ok 13:57:31.0821 0x1618 BRSptSvc - ok 13:57:31.0850 0x1618 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 13:57:31.0917 0x1618 BrUsbMdm - ok 13:57:31.0932 0x1618 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 13:57:31.0980 0x1618 BrUsbSer - ok 13:57:32.0021 0x1618 [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 13:57:32.0114 0x1618 BthEnum - ok 13:57:32.0146 0x1618 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 13:57:32.0327 0x1618 BTHMODEM - ok 13:57:32.0353 0x1618 [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 13:57:32.0454 0x1618 BthPan - ok 13:57:32.0494 0x1618 [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 13:57:32.0597 0x1618 BTHPORT - ok 13:57:32.0653 0x1618 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll 13:57:32.0715 0x1618 bthserv - ok 13:57:32.0734 0x1618 [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB 
C:\Windows\system32\Drivers\BTHUSB.sys 13:57:32.0785 0x1618 BTHUSB - ok 13:57:32.0805 0x1618 BTMCOM - ok 13:57:32.0815 0x1618 BTMUSB - ok 13:57:32.0864 0x1618 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:57:32.0932 0x1618 cdfs - ok 13:57:32.0972 0x1618 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:57:33.0042 0x1618 cdrom - ok 13:57:33.0062 0x1618 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll 13:57:33.0142 0x1618 CertPropSvc - ok 13:57:33.0172 0x1618 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\drivers\circlass.sys 13:57:33.0232 0x1618 circlass - ok 13:57:33.0252 0x1618 cleanhlp - ok 13:57:33.0292 0x1618 [ 56F817905DB79573D95E84DC407B1204, 509D6B8032523B7A5C7B695DEE07F1B74E28534E1B15831F98A7ACD2B374556B ] CLFS C:\Windows\system32\CLFS.sys 13:57:33.0386 0x1618 CLFS - ok 13:57:33.0444 0x1618 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:57:33.0496 0x1618 clr_optimization_v2.0.50727_32 - ok 13:57:33.0549 0x1618 [ 3CB2944297E7A762F9665A63D7876A3C, 696B8D5FD1DC5E662072CBF1C7CD6270B56643802783013C22848E1BB697625D ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:57:33.0567 0x1618 clr_optimization_v4.0.30319_32 - ok 13:57:33.0607 0x1618 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:57:33.0657 0x1618 CmBatt - ok 13:57:33.0686 0x1618 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 
13:58:00.0969 0x1618 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 13:58:01.0124 0x1618 pla - ok 13:58:01.0164 0x1618 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:58:01.0241 0x1618 PlugPlay - ok 13:58:01.0287 0x1618 [ 3A2BDD76E7D2A5F40A7174793D1BA794, 029EE2C2F71AEC7906600EEC4F855DC5648C1ECF53F11426079B04591F24D067 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 13:58:01.0351 0x1618 PnkBstrA - ok 13:58:01.0371 0x1618 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:58:01.0443 0x1618 PNRPAutoReg - ok 13:58:01.0453 0x1618 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:58:01.0496 0x1618 PNRPsvc - ok 13:58:01.0538 0x1618 [ 896D916DE06F5502D301E8C4DC442AE8, 7B5C5FA075BA680B990A0A78A690CF2DE04EF7EB1457781E38D0EE4A95CEFDCA ] Point32 C:\Windows\system32\DRIVERS\point32.sys 13:58:01.0577 0x1618 Point32 - ok 13:58:01.0620 0x1618 [ A2FEA7E16D8D056D2FF1EE93F9C73FB1, 6BC8C1B37274B50573F3DAC043DBD9B29B93F527290392842CD94910014D0C74 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:58:01.0697 0x1618 PolicyAgent - ok 13:58:01.0729 0x1618 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 13:58:01.0829 0x1618 Power - ok 13:58:01.0846 0x1618 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:58:01.0937 0x1618 PptpMiniport - ok 13:58:01.0956 0x1618 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\drivers\processr.sys 
13:58:02.0016 0x1618 Processor - ok 13:58:02.0046 0x1618 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 13:58:02.0113 0x1618 ProfSvc - ok 13:58:02.0133 0x1618 [ CD3B239873248431ACEFBDBE5827524A, 68A6A2B018B3F277B7D640DA18EAA4552F0C10ABDB4704B170271A8DB7BD4622 ] ProtectedStorage C:\Windows\system32\lsass.exe 13:58:02.0163 0x1618 ProtectedStorage - ok 13:58:02.0183 0x1618 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:58:02.0340 0x1618 Psched - ok 13:58:02.0471 0x1618 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys 13:58:02.0655 0x1618 ql2300 - ok 13:58:02.0691 0x1618 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 13:58:02.0751 0x1618 ql40xx - ok 13:58:02.0786 0x1618 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 13:58:02.0869 0x1618 QWAVE - ok 13:58:02.0880 0x1618 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:58:02.0948 0x1618 QWAVEdrv - ok 13:58:02.0958 0x1618 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:58:03.0035 0x1618 RasAcd - ok 13:58:03.0051 0x1618 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:58:03.0135 0x1618 RasAgileVpn - ok 13:58:03.0155 0x1618 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] 
RasAuto C:\Windows\System32\rasauto.dll 13:58:03.0245 0x1618 RasAuto - ok 13:58:03.0276 0x1618 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:58:03.0355 0x1618 Rasl2tp - ok 13:58:03.0375 0x1618 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 13:58:03.0467 0x1618 RasMan - ok 13:58:03.0477 0x1618 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:58:03.0581 0x1618 RasPppoe - ok 13:58:03.0591 0x1618 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:58:03.0709 0x1618 RasSstp - ok 13:58:03.0743 0x1618 [ B15D1178AD7AA2D4F32E88B68C7E2DA2, 0FC3137F28548B7A25F7F6837FC5984547BE49E9D92399B2B78D1919EC95FD73 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:58:03.0850 0x1618 rdbss - ok 13:58:03.0870 0x1618 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 13:58:03.0928 0x1618 rdpbus - ok 13:58:03.0939 0x1618 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:58:04.0001 0x1618 RDPCDD - ok 13:58:04.0033 0x1618 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 13:58:04.0101 0x1618 RDPDR - ok 13:58:04.0137 0x1618 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:58:04.0199 0x1618 RDPENCDD - ok 13:58:04.0229 0x1618 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, 
CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:58:04.0297 0x1618 RDPREFMP - ok 13:58:04.0355 0x1618 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 13:58:04.0394 0x1618 RdpVideoMiniport - ok 13:58:04.0434 0x1618 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:58:04.0525 0x1618 RDPWD - ok 13:58:04.0570 0x1618 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:58:04.0646 0x1618 rdyboost - ok 13:58:04.0688 0x1618 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:58:04.0770 0x1618 RemoteAccess - ok 13:58:04.0798 0x1618 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:58:04.0889 0x1618 RemoteRegistry - ok 13:58:04.0919 0x1618 [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 13:58:04.0999 0x1618 RFCOMM - ok 13:58:05.0008 0x1618 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:58:05.0092 0x1618 RpcEptMapper - ok 13:58:05.0117 0x1618 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 13:58:05.0159 0x1618 RpcLocator - ok 13:58:05.0189 0x1618 [ 1F54F58D7FA2B3442084E32CDE5E309E, F0D8124E7C9ADC88BD8C53646F2499CDB3D2105DA7C4D28F3D26F313859B3D32 ] RpcSs C:\Windows\system32\rpcss.dll 
13:58:05.0236 0x1618 RpcSs - ok 13:58:05.0266 0x1618 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:58:05.0356 0x1618 rspndr - ok 13:58:05.0428 0x1618 [ 5283B9A27FF230F2FF70D92451FF409A, B8BAC70E1DE4485C79CA7B47D4DCFE0223CECEA8ED75CE4F128D47051F95FE5D ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 13:58:05.0531 0x1618 RTL8167 - ok 13:58:05.0566 0x1618 [ A492CEE016B50FBA6A127589A525BF96, A345196547243C213A5F2ABE341F472F2BCFD9FDA94BA60C4D6203E48607DD53 ] RTLE8023xp C:\Windows\system32\DRIVERS\Rtenicxp.sys 13:58:05.0648 0x1618 RTLE8023xp - ok 13:58:05.0671 0x1618 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys 13:58:05.0721 0x1618 s3cap - ok 13:58:05.0742 0x1618 [ CD3B239873248431ACEFBDBE5827524A, 68A6A2B018B3F277B7D640DA18EAA4552F0C10ABDB4704B170271A8DB7BD4622 ] SamSs C:\Windows\system32\lsass.exe 13:58:05.0774 0x1618 SamSs - ok 13:58:05.0814 0x1618 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:58:05.0879 0x1618 sbp2port - ok 13:58:05.0908 0x1618 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:58:06.0001 0x1618 SCardSvr - ok 13:58:06.0011 0x1618 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:58:06.0091 0x1618 scfilter - ok 13:58:06.0158 0x1618 [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll 13:58:06.0268 0x1618 Schedule - ok 13:58:06.0289 0x1618 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] 
SCPolicySvc C:\Windows\System32\certprop.dll 13:58:06.0329 0x1618 SCPolicySvc - ok 13:58:06.0364 0x1618 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:58:06.0439 0x1618 SDRSVC - ok 13:58:06.0479 0x1618 [ 72DFFA33F8ED1C847075EEE2C1E790EE, 9449F4E725103E61809A75DD3370F222DD84E066A874E2CF9485EDFA19CCF858 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:58:06.0526 0x1618 secdrv - detected UnsignedFile.Multi.Generic ( 1 ) 13:58:06.0704 0x1618 Detect skipped due to KSN trusted 13:58:06.0704 0x1618 secdrv - ok 13:58:06.0726 0x1618 [ 38CBFFED5FC39CDFE6B4014401ED2629, 7BA730E2EDB8387190E45DA2F475BFE42AB3B12319DE088BD8E9F59227EDA4DD ] seclogon C:\Windows\system32\seclogon.dll 13:58:06.0801 0x1618 seclogon - ok 13:58:06.0833 0x1618 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll 13:58:06.0917 0x1618 SENS - ok 13:58:06.0927 0x1618 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:58:06.0985 0x1618 SensrSvc - ok 13:58:07.0015 0x1618 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\drivers\serenum.sys 13:58:07.0054 0x1618 Serenum - ok 13:58:07.0074 0x1618 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\drivers\serial.sys 13:58:07.0144 0x1618 Serial - ok 13:58:07.0154 0x1618 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\drivers\sermouse.sys 13:58:07.0215 0x1618 sermouse - ok 13:58:07.0251 0x1618 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 13:58:07.0549 
0x1618 SessionEnv - ok 13:58:07.0564 0x1618 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:58:07.0609 0x1618 sffdisk - ok 13:58:07.0637 0x1618 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:58:07.0685 0x1618 sffp_mmc - ok 13:58:07.0704 0x1618 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:58:07.0777 0x1618 sffp_sd - ok 13:58:07.0792 0x1618 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 13:58:07.0902 0x1618 sfloppy - ok 13:58:07.0940 0x1618 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:58:08.0054 0x1618 SharedAccess - ok 13:58:08.0089 0x1618 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:58:08.0189 0x1618 ShellHWDetection - ok 13:58:08.0203 0x1618 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 13:58:08.0263 0x1618 sisagp - ok 13:58:08.0296 0x1618 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 13:58:08.0336 0x1618 SiSRaid2 - ok 13:58:08.0360 0x1618 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 13:58:08.0406 0x1618 SiSRaid4 - ok 13:58:08.0471 0x1618 [ F3AAB7DF6408431C762D8721B68F46E4, 
56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 13:58:08.0493 0x1618 SkypeUpdate - ok 13:58:08.0523 0x1618 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:58:08.0604 0x1618 Smb - ok 13:58:08.0652 0x1618 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:58:08.0735 0x1618 SNMPTRAP - ok 13:58:08.0864 0x1618 [ AA0D91A77B14447F4ABACEA4E42C44AD, 25C4C8F94C4D76614B576AC0831E56D4BC2E1BA1394396A37F3FAF467DCD465C ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys 13:58:09.0061 0x1618 SNP2UVC - ok 13:58:09.0105 0x1618 [ DC8D2952FB6FFBAEC67BD1B93A34DF11, 0BD1523A68900B80ED1BCCB967643525CCA55D4FF4622D0128913690E6BB619E ] speedfan C:\Windows\system32\speedfan.sys 13:58:09.0141 0x1618 speedfan - ok 13:58:09.0161 0x1618 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 13:58:09.0214 0x1618 spldr - ok 13:58:09.0238 0x1618 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe 13:58:09.0348 0x1618 Spooler - ok 13:58:09.0513 0x1618 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 13:58:09.0689 0x1618 sppsvc - ok 13:58:09.0709 0x1618 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:58:09.0803 0x1618 sppuinotify - ok 13:58:09.0856 0x1618 [ F7C7CCA6B6B60AC336DC15F15524FCCE, B3EDB0B2AE7D6A6E547D190052A163F924A6382B404C4E0B8F17D2C355B455D7 ] sptd C:\Windows\System32\Drivers\sptd.sys 13:58:09.0886 0x1618 sptd - ok 13:58:09.0916 0x1618 [ 
D86EA722F3337AA3F0253B6E359E6796, BA4C2DF629CBECFA1C1D589FFA6AEF8C5853C427B6B007793FD432B4AA8DA593 ] srv C:\Windows\system32\DRIVERS\srv.sys 13:58:10.0052 0x1618 srv - ok 13:58:10.0074 0x1618 [ 1931823AC05967E5F79B791E9FFC2398, 255E6278F476F1D488199B0AD2004C3860CC74971AC3C0AB4B1DB4E42B329E94 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:58:10.0174 0x1618 srv2 - ok 13:58:10.0184 0x1618 [ 50A2FC7B0408F15B77E056076BBB6252, 801AD15B4CDFC09EE4909B7180A5CE562D54D4F08A9C0B7D9CA067ADC42A6C9D ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:58:10.0260 0x1618 srvnet - ok 13:58:10.0291 0x1618 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:58:10.0391 0x1618 SSDPSRV - ok 13:58:10.0457 0x1618 [ F0BE373861A3F34CFAB55C1B7CE1FEB5, 0FEFD1F28C80CCAC83A181ED68B5DBEE9DF102676167153977F2205B688289B4 ] SSHDRV85 C:\Windows\system32\drivers\SSHDRV85.sys 13:58:11.0090 0x1618 SSHDRV85 - detected UnsignedFile.Multi.Generic ( 1 ) 13:58:11.0538 0x1618 SSHDRV85 ( UnsignedFile.Multi.Generic ) - warning 13:58:11.0761 0x1618 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:58:11.0861 0x1618 SstpSvc - ok 13:58:11.0939 0x1618 [ BB4C6ABDE2E8034680FB3A77414B55CC, 40925CDC5FF6BB8FF6CBB1BB955313A7A65D69DBDA798A4453ED4D86ABC5E9A3 ] STacSV C:\Program Files\IDT\WDM\STacSV.exe 13:58:11.0967 0x1618 STacSV - detected UnsignedFile.Multi.Generic ( 1 ) 13:58:12.0205 0x1618 Detect skipped due to KSN trusted 13:58:12.0205 0x1618 STacSV - ok 13:58:12.0295 0x1618 [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe 13:58:12.0345 0x1618 Steam Client Service - ok 13:58:12.0379 0x1618 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor 
C:\Windows\system32\drivers\stexstor.sys 13:58:12.0418 0x1618 stexstor - ok 13:58:12.0458 0x1618 [ E2E776F435B7D0691C6FDF4B66D4032C, 1AE6D78AC811E7D976D0BFE7040ACA9FB5D33AB59AD45FEE869287CF0A4F9854 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys 13:58:12.0654 0x1618 STHDA - ok 13:58:12.0698 0x1618 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll 13:58:12.0791 0x1618 StiSvc - ok 13:58:12.0803 0x1618 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys 13:58:12.0843 0x1618 storflt - ok 13:58:12.0873 0x1618 [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll 13:58:12.0920 0x1618 StorSvc - ok 13:58:12.0960 0x1618 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys 13:58:13.0005 0x1618 storvsc - ok 13:58:13.0020 0x1618 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 13:58:13.0050 0x1618 swenum - ok 13:58:13.0090 0x1618 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll 13:58:13.0187 0x1618 swprv - ok 13:58:13.0257 0x1618 [ 456BE69261F91148BE1E00AD1F11C08B, 1C049698920C28D74437BC16666EADE9EEB97F56D68E3DD678E49D23A78D4E77 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 13:58:13.0354 0x1618 SynTP - ok 13:58:13.0425 0x1618 [ 4EE25AC85AFC3FD67D9F57ECDF566FF2, F1BFF1FB655F31B97FA9C6A49D433EFD33D8A35F6B28B4D83E45C27A05A86228 ] SysMain C:\Windows\system32\sysmain.dll 13:58:13.0563 0x1618 SysMain - ok 13:58:13.0581 0x1618 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E 
] TabletInputService C:\Windows\System32\TabSvc.dll 13:58:13.0651 0x1618 TabletInputService - ok 13:58:13.0669 0x1618 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll 13:58:13.0770 0x1618 TapiSrv - ok 13:58:13.0846 0x1618 [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:58:13.0999 0x1618 Tcpip - ok 13:58:14.0064 0x1618 [ C7E41209132B9CF084CCEA8593F61328, 441E44C3C4803FA9304111E58AE7A2927EEB6584CEC9CBF81DC508E73A99033E ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:58:14.0130 0x1618 TCPIP6 - ok 13:58:14.0150 0x1618 [ A4BF8BE9D1F7D563C7868AC7B2561545, E3C2FFE53373E5255DC388E0C81CCE965E432EFAF52C85B5B3B3918815114073 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:58:14.0209 0x1618 tcpipreg - ok 13:58:14.0249 0x1618 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:58:14.0302 0x1618 TDPIPE - ok 13:58:14.0326 0x1618 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:58:14.0382 0x1618 TDTCP - ok 13:58:14.0416 0x1618 [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:58:14.0489 0x1618 tdx - ok 13:58:14.0510 0x1618 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 13:58:14.0553 0x1618 TermDD - ok 13:58:14.0609 0x1618 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll 13:58:14.0714 0x1618 TermService - ok 13:58:14.0734 0x1618 [ 42FB6AFD6B79D9FE07381609172E7CA4, 
B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll 13:58:14.0802 0x1618 Themes - ok 13:58:14.0823 0x1618 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 13:58:14.0859 0x1618 THREADORDER - ok 13:58:14.0909 0x1618 [ 7B8E49D03ECE5CAC523C8D56DB61C845, 36D156DB5E14ABA5B836223BA32247F5AB3AF1BED7B7D3C48585E0C7DCE7BCE4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys 13:58:14.0954 0x1618 tmactmon - ok 13:58:14.0994 0x1618 [ DAA41DD0FEA2999F95A93CD660E479F8, AF56BEDE0D61977A4826644AE50DCE6A0D61488B907AF5CB36DE1189F9569EB7 ] TMBMServer C:\Program Files\Trend Micro\BM\TMBMSRV.exe 13:58:15.0029 0x1618 TMBMServer - ok 13:58:15.0041 0x1618 [ 4C6D311E0B13C4F469F717DB4AB4D0E7, 80A59CA71FC20961CCAFC0686051E86AE4AFBBD4578CB26AD4570B9207651085 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys 13:58:15.0115 0x1618 tmcomm - ok 13:58:15.0122 0x1618 [ 8BE895EC50E6F0B6167671405581B414, 05AD08DDB073583C52CBCF6A5CCE4A9FE23C45B70B000D434000428599239624 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys 13:58:15.0161 0x1618 tmevtmgr - ok 13:58:15.0201 0x1618 [ 97A567392A48211BD2FD37807702D911, 0FB41B503870D26E12E5F9D6123156A0290589B430274920DA88B163B70235D5 ] TmFilter C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys 13:58:15.0230 0x1618 TmFilter - ok 13:58:15.0339 0x1618 [ 9AB412E52D57ADFA0A906B4FD8BD3055, 1E47432C2214AA8DAB985844BA23DB7EC3ECE8C2AE27A4D521001524DE3683D1 ] tmlisten C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe 13:58:15.0450 0x1618 tmlisten - ok 13:58:15.0488 0x1618 [ 7697034EBCE2528796DF5D7C55B52CC8, AA915A7DC07AF3422288B6E26FA2F9E30F0FF7CEBF45B5BCD8E3C101257F5621 ] TmLwf C:\Windows\system32\DRIVERS\tmlwf.sys 13:58:15.0546 0x1618 TmLwf - ok 13:58:15.0595 0x1618 [ 141FF68169F065D2038C56821F742D8B, 06A76A9F1D4342350D9F670C8D6FE6D10337C14327C23CD4777502C1A0D1FF7A ] TmPfw C:\Program Files\Trend 
Micro\OfficeScan Client\TmPfw.exe 13:58:15.0625 0x1618 TmPfw - ok 13:58:15.0646 0x1618 [ F6E50E46697F232F667C426C936A4047, 391AC0CDA1A74C743C00279406F15063F8C58977BB2FD447F5BF25916DD79E85 ] TmPreFilter C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys 13:58:15.0663 0x1618 TmPreFilter - ok 13:58:15.0700 0x1618 [ D9940A1D80833008A3195D44C5B72379, F00AB8F353F5E8C8757FF4F5C5047B360BD667D9AC82A79F6399163A3910B4F2 ] TmProxy C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe 13:58:15.0739 0x1618 TmProxy - ok 13:58:15.0767 0x1618 [ E70EB577845B05DB02779A150E4A92E7, F51CD7820CEA980FBF19290CA2354AF09C95DF0FEE565EE22E6CE73030B057D8 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys 13:58:15.0806 0x1618 tmtdi - ok 13:58:15.0849 0x1618 [ A56279BBA7AD6F78FB7C9E5B75EB562C, E15263C3850DBDBDA371F500ADAEAEAD49ADFB265497D1B43EA2883B9CC94568 ] tmWfp C:\Windows\system32\DRIVERS\tmwfp.sys 13:58:15.0972 0x1618 tmWfp - ok 13:58:16.0006 0x1618 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 13:58:16.0093 0x1618 TrkWks - ok 13:58:16.0133 0x1618 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:58:16.0253 0x1618 TrustedInstaller - ok 13:58:16.0291 0x1618 [ B89F89A2308E9569A1022A50F78C5506, 375C4A11F78A1335269657012DC57093C6E1A7B1460094B0C265179409F01554 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:58:16.0340 0x1618 tssecsrv - ok 13:58:16.0360 0x1618 [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:58:16.0421 0x1618 TsUsbFlt - ok 13:58:16.0451 0x1618 [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 13:58:16.0511 0x1618 TsUsbGD - ok 13:58:16.0551 0x1618 [ 
13:58:43.0794 0x1618 AV detected via SS2: Trend Micro OfficeScan Antivirus, C:\Program Files\Trend Micro\OfficeScan Client\Pccntmon.exe ( 10.6.0.5372 ), 0x41000 ( enabled : updated )
13:58:43.0795 0x1618 FW detected via SS2: Trend Micro Personal Firewall, ( ), 0x41010 ( enabled )
13:58:43.0978 0x1618 ============================================================
13:58:43.0978 0x1618 Scan finished
13:58:43.0978 0x1618 ============================================================
13:58:43.0988 0x102c Detected object count: 2
13:58:43.0988 0x102c Actual detected object count: 2
13:59:40.0283 0x102c SSHDRV85 ( UnsignedFile.Multi.Generic ) - skipped by user
13:59:40.0284 0x102c SSHDRV85 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:59:40.0285 0x102c SysTrayApp ( UnsignedFile.Multi.Generic ) - skipped by user
13:59:40.0285 0x102c SysTrayApp ( UnsignedFile.Multi.Generic ) - User select action: Skip |
21.12.2016, 18:35 | #10 |
/// TB Trainer /// Instructions Guru | Windows 7: Laptop freezes frequently Step 1 Please download AdwCleaner to your desktop.
Now please run a scan: Step 2 ESET Online Scanner
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
22.12.2016, 17:56 | #11 |
| Windows 7: Laptop freezes frequently So, here I am again. ADWCleaner Code:
# AdwCleaner v6.041 - Bericht erstellt am 21/12/2016 um 19:18:18
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-21.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X86)
# Benutzername : flkr2104 - UNGOEB-U1260RT5
# Gestartet von : C:\Users\flkr2104\Desktop\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\flkr2104\Documents\messenger plus! for skype
[-] Ordner gelöscht: C:\ProgramData\Trymedia
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Trymedia
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\messenger plus! for skype
[-] Ordner gelöscht: C:\Program Files\yuna software

***** [ Dateien ] *****
[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\Windows\system32\ComputerUpdaterLM.ocx
[-] Datei gelöscht: C:\Windows\system32\CUUpdateComponent.ocx

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: DRIVERTOOLKIT AUTORUN

***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ComputerUpdater Service
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{82443621-A29A-473E-8335-F5C958A7A4CA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\vShare.tv
[-] Schlüssel gelöscht: HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\yuna software
[-] Schlüssel gelöscht: HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\AppDataLow\Software\Mail.Ru
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1113328611-58381748-87005590-109325\Software\bbrs_002.tb
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\vShare.tv
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\yuna software
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Trymedia Systems
[-] Schlüssel gelöscht: HKLM\SOFTWARE\yuna software
[-] Wert gelöscht: HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg

***** [ Browser ] *****
[-] [C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: www.plusnetwork.com

*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3181 Bytes] - [21/12/2016 19:18:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [3143 Bytes] - [21/12/2016 19:16:04]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3327 Bytes] ##########

and ESET Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=88613eba26b7fc429606eaa52c0d4740
# end=init
# utc_time=2016-12-21 06:26:18
# local_time=2016-12-21 07:26:18 (+0100, Vest-Europa (normaltid))
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 31812
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=88613eba26b7fc429606eaa52c0d4740
# end=updated
# utc_time=2016-12-21 06:33:49
# local_time=2016-12-21 07:33:49 (+0100, Vest-Europa (normaltid))
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=88613eba26b7fc429606eaa52c0d4740
# end=restart
# utc_time=2016-12-21 09:53:40
# local_time=2016-12-21 10:53:40 (+0100, Vest-Europa (normaltid))
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 32632 233988410 0 0
# scanned=238926
# found=2
# cleaned=0
# scan_time=11989
sh=013705749E298AE16E29EF893E238E57063AA47D ft=1 fh=45f98596765756d6 vn="Variante von Win32/MessengerPlus.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\ewzlisjiodgfzkdgxtjyfbqkddslvmzg\Messenger Plus! for Skype\Settings\Settings.exe"
sh=C75D645E200CCFC65A334FD202664D494CDA461A ft=1 fh=6f35bd8bd276a456 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\flkr2104\AppData\Local\Temp\Tc3PN+Lb.exe.part"

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=88613eba26b7fc429606eaa52c0d4740
# end=init
# utc_time=2016-12-22 01:02:27
# local_time=2016-12-22 02:02:27 (+0100, Vest-Europa (normaltid))
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 31822
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=88613eba26b7fc429606eaa52c0d4740
# end=updated
# utc_time=2016-12-22 01:03:23
# local_time=2016-12-22 02:03:23 (+0100, Vest-Europa (normaltid))
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=88613eba26b7fc429606eaa52c0d4740
# engine=31822
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-22 01:05:32
# local_time=2016-12-22 02:05:32 (+0100, Vest-Europa (normaltid))
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 66834 234043123 0 0
# scanned=2412
# found=1
# cleaned=0
# scan_time=128
sh=013705749E298AE16E29EF893E238E57063AA47D ft=1 fh=45f98596765756d6 vn="Variante von Win32/MessengerPlus.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\ewzlisjiodgfzkdgxtjyfbqkddslvmzg\Messenger Plus! for Skype\Settings\Settings.exe"

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=88613eba26b7fc429606eaa52c0d4740
# end=init
# utc_time=2016-12-22 01:32:27
# local_time=2016-12-22 02:32:27 (+0100, Vest-Europa (normaltid))
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 31822
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=88613eba26b7fc429606eaa52c0d4740
# end=updated
# utc_time=2016-12-22 01:32:43
# local_time=2016-12-22 02:32:43 (+0100, Vest-Europa (normaltid))
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=88613eba26b7fc429606eaa52c0d4740
# engine=31822
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-22 04:49:52
# local_time=2016-12-22 05:49:52 (+0100, Vest-Europa (normaltid))
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 83894 234056583 0 0
# scanned=246685
# found=2
# cleaned=0
# scan_time=11828
sh=013705749E298AE16E29EF893E238E57063AA47D ft=1 fh=45f98596765756d6 vn="Variante von Win32/MessengerPlus.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\ewzlisjiodgfzkdgxtjyfbqkddslvmzg\Messenger Plus! for Skype\Settings\Settings.exe"
sh=C75D645E200CCFC65A334FD202664D494CDA461A ft=1 fh=6f35bd8bd276a456 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\flkr2104\AppData\Local\Temp\Tc3PN+Lb.exe.part" |
22.12.2016, 23:13 | #12 |
/// TB Trainer /// Instructions Guru | Windows 7: Laptop freezes frequently Are there still any problems with the PC? If so, which ones?
__________________ Regards, deeprybka |
23.12.2016, 11:23 | #13 |
| Windows 7: Laptop freezes frequently Hello, so the laptop is currently running without hanging. If I may ask, do you have a rough idea what caused it? Best regards |
23.12.2016, 21:50 | #14 |
/// TB Trainer /// Instructions Guru | Windows 7: Laptop freezes frequently Well, there was junk on it too... Please provide fresh logs once more: Step 1 Please start FRST again, also tick the checkbox and click Scan. Please post the contents of the two logs that are created.
__________________ Regards, deeprybka |
23.12.2016, 22:23 | #15 |
| Windows 7: Laptop freezes frequently All right, here are the two FRST logs. FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-12-2016
Ran by flkr2104 (administrator) on UNGOEB-U1260RT5 (23-12-2016 22:14:45)
Running from C:\Users\flkr2104\Desktop
Loaded Profiles: flkr2104 (Available Profiles: flkr2104 & Administrator & DefaultAppPool)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Norsk, bokmål (Norge)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\Runservice.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Akamai Technologies, Inc.) C:\Users\flkr2104\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\flkr2104\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [OfficeScanNT Monitor] => C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe [1533720 2013-11-20] (Trend Micro Inc.)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2444016 2013-10-30] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [1667164 2000-01-01] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\Run: [Akamai NetSession Interface] => C:\Users\flkr2104\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6775512 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {020048ac-b58c-11e6-9e05-68a3c484513c} - E:\Autorun.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {1788b050-b8af-11e6-9092-68a3c484513c} - E:\setup.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {2bf59e40-ca7f-11e1-8c9d-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {45cf754d-af17-11e5-83e2-68a3c484513c} - E:\setup.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {5a673a96-e715-11e4-83ac-68a3c484513c} - E:\Setup.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {5a673a9a-e715-11e4-83ac-68a3c484513c} - F:\RunGame.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {8973e3ae-fe4c-11e4-a044-68a3c484513c} - E:\AutoRun.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {a055b961-4b69-11e6-9d5e-68a3c484513c} - F:\Autorun.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {b2286f40-32fb-11e1-bea2-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {dec291b3-db35-11e4-a209-68a3c484513c} - E:\Autorun.exe
HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\MountPoints2: {ff282818-2118-11e3-b096-68a3c484513c} - E:\PCSTART.exe
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-17] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-17] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-17] ()
Startup: C:\Users\flkr2104\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-12-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\flkr2104\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2F6908F7-5324-4907-AB61-36D8C47D8549}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{F3075377-C443-41F3-883B-A8B479B982D7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{FA72C645-2B03-425E-AAB6-80878F656836}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.oppland.no
HKU\S-1-5-21-1113328611-58381748-87005590-109325\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
URLSearchHook: HKU\S-1-5-21-1113328611-58381748-87005590-109325 - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1113328611-58381748-87005590-109325 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKU\S-1-5-21-1113328611-58381748-87005590-109325 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll [2013-07-01] (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-20] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-20] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1113328611-58381748-87005590-109325 -> No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll [2013-07-01] (Trend Micro Inc.)
FireFox:
========
FF DefaultProfile: 8wvhcelo.default
FF ProfilePath: C:\Users\flkr2104\AppData\Roaming\Mozilla\SeaMonkey\Profiles\8wvhcelo.default [2016-12-20]
FF Extension: (DOM Inspector) - C:\Users\flkr2104\AppData\Roaming\Mozilla\SeaMonkey\Profiles\8wvhcelo.default\Extensions\inspector@mozilla.org [2016-05-08]
FF Extension: (ChatZilla) - C:\Users\flkr2104\AppData\Roaming\Mozilla\SeaMonkey\Profiles\8wvhcelo.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-12-06]
FF ProfilePath: C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788 [2016-12-22]
FF Homepage: Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788 -> hxxps://www.google.de/
FF Extension: (YouTube Download Plus) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\addon@ytdownloader.info.xpi [2016-09-03]
FF Extension: (MEGA) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\firefox@mega.co.nz.xpi [2016-12-08]
FF Extension: (WebSocket Monitor) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\websocketmonitor@getfirebug.com.xpi [2016-09-28]
FF Extension: (Adblock Plus) - C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Profiles\5azmg5ch.default-1466284182788\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension
FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension [2016-11-04] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-20] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-27] ()
FF Plugin: @raidcall.com/RCplugin -> C:\Users\flkr2104\AppData\LocalLow\raidcall\plugins\webplugin.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1113328611-58381748-87005590-109325: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\flkr2104\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1113328611-58381748-87005590-109325: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-09-27] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-10-29]

Chrome:
=======
CHR DefaultProfile: Default
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\55.0.2883.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\55.0.2883.87\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\55.0.2883.87\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll => No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll => No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll ()
CHR Plugin: (Veetle TV Player) - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll => No File
CHR Plugin: (Unity Player) - C:\Users\flkr2104\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Raidcall plugin) - C:\Users\flkr2104\AppData\LocalLow\raidcall\plugins\webplugin.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default [2016-12-23]
CHR Extension: (Adblock Plus) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\flkr2104\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-10-04] (BitRaider, LLC)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2014-01-30] (Intel Corporation)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [317496 2011-05-13] (Hewlett-Packard Company)
R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [461024 2012-03-07] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-04-10] (Intel Corporation)
R2 LicCtrlService; C:\Windows\runservice.exe [2560 2012-07-04] () [File not signed]
S4 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] ()
S3 npggsvc; C:\Windows\system32\GameMon.des [5150552 2013-03-19] (INCA Internet Co., Ltd.)
R2 ntrtscan; C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe [2320640 2013-11-16] (Trend Micro Inc.)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2119688 2016-12-12] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files\Origin\OriginWebHelperService.exe [2180624 2016-12-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2015-03-21] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [307282 2000-01-01] (IDT, Inc.) [File not signed]
R3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [345112 2013-10-23] (Trend Micro Inc.)
R2 tmlisten; C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe [2272488 2013-12-17] (Trend Micro Inc.)
R3 TmPfw; C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe [497272 2011-04-15] (Trend Micro Inc.)
R3 TmProxy; C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe [689176 2013-07-01] (Trend Micro Inc.)
R2 vcsFPService; C:\Windows\system32\vcsFPService.exe [2762032 2011-03-24] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 BRSptSvc; "C:\ProgramData\BitRaider\BRSptSvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [83872 2016-08-27] ()
S3 BRDriver_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [66824 2016-10-15] (BitRaider)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2015-12-31] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2016-07-18] (Disc Soft Ltd)
S3 dtscsi; C:\Windows\System32\Drivers\dtscsi.sys [223128 2013-02-26] (DT Soft Ltd.) [File not signed]
S3 eapihdrv; C:\Windows\TEMP\ehdrv.sys [135760 2016-12-22] (ESET)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2016-08-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation)
R3 netr28; C:\Windows\System32\DRIVERS\netr28.sys [2075792 2014-12-10] (MediaTek Inc.)
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [11973 2016-07-23] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [2484552 2015-07-16] (Sonix Tech. Co., Ltd.)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324152 2016-07-18] (Duplex Secure Ltd.)
R1 SSHDRV85; C:\Windows\system32\drivers\SSHDRV85.sys [78848 2013-12-29] () [File not signed]
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [75600 2013-08-29] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [263072 2013-09-02] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [62704 2013-08-29] (Trend Micro Inc.)
R2 TmFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys [294152 2015-07-02] (Trend Micro Inc.)
R1 TmLwf; C:\Windows\System32\DRIVERS\tmlwf.sys [146232 2012-06-21] (Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys [38152 2015-07-02] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [90712 2013-06-18] (Trend Micro Inc.)
R2 tmWfp; C:\Windows\System32\DRIVERS\tmwfp.sys [282936 2012-06-21] (Trend Micro Inc.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2014-07-28] (Apple, Inc.) [File not signed]
R2 VSApiNt; C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys [1608744 2015-07-02] (Trend Micro Inc.)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)
S3 BRDriver; \??\C:\ProgramData\BitRaider\BRDriver.sys [X]
S3 BTMCOM; System32\Drivers\btmcom.sys [X]
S3 BTMUSB; System32\Drivers\btmusb.sys [X]
S3 cleanhlp; \??\C:\EEK\bin\cleanhlp32.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 XDva404; \??\C:\Windows\system32\XDva404.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry.
The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-23 22:14 - 2016-12-23 22:16 - 00025401 _____ C:\Users\flkr2104\Desktop\FRST.txt
2016-12-23 22:14 - 2016-12-23 22:14 - 00000000 ____D C:\Users\flkr2104\Desktop\FRST-OlderVersion
2016-12-21 19:25 - 2016-12-21 19:25 - 02870984 _____ (ESET) C:\Users\flkr2104\Desktop\esetsmartinstaller_deu.exe
2016-12-21 19:10 - 2016-12-21 19:18 - 00000000 ____D C:\AdwCleaner
2016-12-21 19:04 - 2016-12-21 19:05 - 03977168 _____ C:\Users\flkr2104\Desktop\AdwCleaner_6.041.exe
2016-12-21 13:56 - 2016-12-21 14:01 - 00230474 _____ C:\TDSSKiller.3.1.0.12_21.12.2016_13.56.09_log.txt
2016-12-21 13:55 - 2016-12-21 13:55 - 04747704 _____ (AO Kaspersky Lab) C:\Users\flkr2104\Desktop\tdsskiller.exe
2016-12-19 20:33 - 2016-12-23 22:14 - 00000000 ____D C:\FRST
2016-12-19 20:32 - 2016-12-23 22:14 - 01762816 _____ (Farbar) C:\Users\flkr2104\Desktop\FRST.exe
2016-12-19 16:17 - 2016-12-19 16:19 - 00002071 _____ C:\Users\flkr2104\Desktop\Scan.txt
2016-12-18 15:48 - 2016-12-18 16:28 - 00000000 ____D C:\Users\flkr2104\Documents\FUSSBALL MANAGER 16-17
2016-12-18 15:48 - 2016-12-18 15:48 - 00001169 _____ C:\Users\flkr2104\Desktop\FM17 Editor.lnk
2016-12-18 15:48 - 2016-12-18 15:48 - 00001159 _____ C:\Users\flkr2104\Desktop\FIFA Manager 17.lnk
2016-12-18 15:48 - 2016-12-18 15:48 - 00001149 _____ C:\Users\flkr2104\Desktop\FM17 Auflösung.lnk
2016-12-18 15:26 - 2016-12-18 15:26 - 00000000 ____D C:\Users\flkr2104\Documents\FUSSBALL MANAGER 13
2016-12-18 14:26 - 2016-12-18 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 13
2016-12-17 22:10 - 2016-12-17 22:10 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-12-16 20:49 - 2016-12-16 20:49 - 00000000 ____D C:\Users\flkr2104\Downloads\FC Basel
2016-12-13 16:53 - 2016-12-13 16:53 - 00191002 _____ C:\Users\flkr2104\Downloads\2016-11-24--Uebersichtsplan-Linie-10-via-Kauslund.pdf
2016-12-12 09:35 - 2016-12-12 09:35 - 00000000 ____D C:\AeriaGames
2016-12-12 09:03 - 2016-12-12 09:03 - 00000000 ____D C:\ProgramData\Aeria Games
2016-12-12 09:01 - 2016-12-12 09:01 - 00001952 _____ C:\Users\Public\Desktop\Aeria Ignite.lnk
2016-12-12 09:01 - 2016-12-12 09:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-12-12 09:01 - 2016-12-12 09:01 - 00000000 ____D C:\Program Files\Aeria Games
2016-12-12 08:59 - 2016-12-12 08:59 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Aeria Games & Entertainment
2016-12-12 08:49 - 2016-12-18 13:48 - 00000000 ____D C:\Program Files\Origin Games
2016-12-10 15:44 - 2016-09-12 21:54 - 00067816 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-12-10 15:44 - 2016-09-12 21:49 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-12-10 15:44 - 2016-09-09 16:53 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-12-10 15:44 - 2016-09-09 16:53 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-12-10 15:44 - 2016-09-09 16:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-12-10 15:44 - 2016-09-09 16:53 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-12-10 15:44 - 2016-09-09 16:53 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-12-10 15:44 - 2016-09-09 16:53 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-12-10 15:44 - 2016-09-09 16:53 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-12-10 15:43 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-12-10 15:43 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-10 15:43 - 2016-10-11 16:24 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-10 15:43 - 2016-10-11 16:24 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-10 15:43 - 2016-10-11 16:21 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-10 15:43 - 2016-10-11 16:18 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-10 15:43 - 2016-10-11 15:55 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-10 15:43 - 2016-10-11 15:55 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-10 15:43 - 2016-10-11 15:55 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-10 15:43 - 2016-10-11 15:55 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-10 15:43 - 2016-10-11 15:53 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-10 15:43 - 2016-10-11 15:51 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-10 15:43 - 2016-10-11 15:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-10 15:43 - 2016-10-11 15:51 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-10 15:43 - 2016-10-11 15:51 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-10 15:43 - 2016-10-11 15:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-10 15:43 - 2016-10-11 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-10 15:43 - 2016-10-11 15:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-10 15:43 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-10 15:43 - 2016-10-08 14:05 - 00534600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-10 15:43 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-10 15:43 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-10 15:42 - 2016-10-11 16:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-10 15:42 - 2016-10-11 16:18 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-10 15:42 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-10 15:42 - 2016-10-11 16:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-10 15:42 - 2016-10-11 16:18 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-10 15:42 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-10 15:42 - 2016-10-11 16:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-10 15:42 - 2016-10-11 16:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-10 15:42 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-10 15:42 - 2016-10-11 15:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-10 15:42 - 2016-10-11 15:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-10 15:42 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-10 15:42 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-10 15:40 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-12-10 15:40 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-12-10 15:40 - 2016-11-02 16:16 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-12-10 15:40 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-12-10 15:40 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-12-10 15:40 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-10 15:40 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-10 15:40 - 2016-10-27 15:16 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-10 15:40 - 2016-10-25 15:54 - 02399744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-10 15:40 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-10 15:40 - 2016-10-22 18:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-10 15:40 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-10 15:40 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-10 15:40 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-10 15:40 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-10 15:40 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-10 15:40 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-10 15:40 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-10 15:40 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-10 15:40 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-10 15:40 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-10 15:40 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-10 15:40 - 2016-10-22 18:21 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-10 15:40 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-10 15:40 - 2016-10-22 18:13 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-10 15:40 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-10 15:40 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-10 15:40 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-10 15:40 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-10 15:40 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-10 15:40 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-10 15:40 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-10 15:40 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-10 15:40 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-10 15:40 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-10 15:40 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-10 15:40 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-10 15:40 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-10 15:40 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-10 15:40 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-10 15:40 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-10 15:40 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-10 15:40 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-12-10 15:40 - 2016-10-11 16:24 - 00250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-10 15:40 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-12-10 15:40 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-10 15:40 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-12-10 15:40 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-12-10 15:40 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-12-10 15:40 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-12-10 15:40 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-12-10 15:40 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-12-10 15:40 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-12-10 15:40 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-12-10 15:40 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-12-10 15:40 - 2016-10-07 16:12 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-12-10 15:40 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-12-10 15:40 - 2016-10-05 15:50 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-12-10 15:40 - 2016-09-15 15:51 - 00041984 _____ (Microsoft Corporation)
C:\Windows\system32\UtcResources.dll 2016-12-10 15:40 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-12-10 15:40 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2016-12-10 15:40 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2016-12-10 15:40 - 2016-09-12 20:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2016-12-10 15:40 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-12-10 15:40 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2016-12-10 15:40 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2016-12-10 15:40 - 2016-09-08 15:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-12-10 15:40 - 2016-09-08 15:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-12-10 15:40 - 2016-08-21 14:05 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-12-03 12:00 - 2016-11-15 21:44 - 00014299 _____ C:\Users\flkr2104\Downloads\Saison 3.xlsx 2016-12-03 12:00 - 2016-11-13 11:59 - 00012272 _____ C:\Users\flkr2104\Downloads\MeinUmfeld.xlsx ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2016-12-23 21:50 - 2012-04-03 08:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-23 21:33 - 2010-11-21 00:42 - 00661468 _____ C:\Windows\system32\perfh014.dat 2016-12-23 21:33 - 2010-11-21 00:42 - 00153528 _____ C:\Windows\system32\perfc014.dat 2016-12-23 21:33 - 2010-11-20 22:01 - 01808420 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-23 21:33 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2016-12-23 21:27 - 2016-08-25 17:44 - 00000000 ____D C:\Users\flkr2104\Documents\MEGAsync Downloads 2016-12-23 17:14 - 2012-08-11 18:35 - 00000132 _____ C:\Users\flkr2104\AppData\Roaming\Adobe PNG Format CS5 Prefs 2016-12-23 13:00 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache 2016-12-23 12:29 - 2009-07-14 05:34 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-23 12:29 - 2009-07-14 05:34 - 00032224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-23 12:18 - 2012-07-04 00:17 - 00002689 ___SH C:\Windows\system32\mmf.sys 2016-12-23 12:17 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-22 20:01 - 2012-01-14 21:49 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Skype 2016-12-21 13:37 - 2016-11-18 18:14 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-12-20 23:10 - 2013-03-16 19:22 - 00001912 _____ C:\Windows\epplauncher.mif 2016-12-20 21:21 - 2012-05-04 20:57 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-12-20 21:20 - 2016-11-19 10:48 - 00000000 ____D C:\Users\flkr2104\AppData\LocalLow\Mozilla 2016-12-19 16:14 - 2014-12-08 23:37 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-19 15:50 - 2016-08-24 08:18 - 00000000 ____D C:\Program Files\Steam 2016-12-18 15:27 - 2014-09-19 22:39 - 00000000 ____D C:\ProgramData\Origin 2016-12-18 15:26 - 2016-09-10 18:56 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Origin 
2016-12-18 14:26 - 2009-07-14 05:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-12-15 21:41 - 2012-07-19 15:19 - 00002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-14 16:28 - 2013-12-28 23:17 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-12-13 21:50 - 2012-04-03 08:46 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-12-13 21:50 - 2011-09-15 07:55 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-12-13 21:50 - 2011-08-02 09:22 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-13 15:38 - 2012-05-16 20:09 - 00183112 _____ C:\Windows\system32\PnkBstrB.exe 2016-12-13 15:38 - 2012-05-16 20:09 - 00183112 _____ C:\Windows\system32\PnkBstrB.ex0 2016-12-13 15:38 - 2012-05-16 20:09 - 00138184 _____ C:\Windows\system32\Drivers\PnkBstrK.sys 2016-12-12 09:54 - 2016-06-17 23:23 - 00000000 ____D C:\Users\flkr2104\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2016-12-12 09:01 - 2012-09-12 17:53 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin 2016-12-12 08:45 - 2016-09-10 18:46 - 00000000 ____D C:\Program Files\Origin 2016-12-10 16:58 - 2011-09-22 20:10 - 00000000 ____D C:\Program Files\GIMP-2.0 2016-12-10 16:58 - 2011-08-24 10:03 - 00000000 ____D C:\Users\flkr2104 2016-12-10 16:31 - 2009-07-14 05:33 - 00543848 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-10 16:28 - 2014-12-26 03:45 - 00000000 ____D C:\Windows\system32\appraiser 2016-12-10 16:28 - 2014-04-24 15:00 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-12-10 16:20 - 2013-09-06 11:43 - 00000000 ____D C:\Windows\system32\MRT 2016-12-10 16:02 - 2011-10-11 22:28 - 138444440 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-12-03 23:00 - 2011-08-08 10:23 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-12-03 20:19 - 2012-01-25 14:32 - 
00330240 _____ (Trend Micro Inc.) C:\Windows\RegBootClean.exe 2016-12-02 21:26 - 2012-03-21 13:00 - 00000000 ____D C:\Windows\system32\directx 2016-12-02 21:23 - 2012-03-21 13:00 - 00000000 ___HD C:\Windows\msdownld.tmp 2016-11-25 14:39 - 2015-10-12 11:25 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller 2016-11-23 20:40 - 2016-02-17 22:03 - 00000000 ___RD C:\Program Files\Skype 2016-11-23 20:40 - 2012-01-14 21:49 - 00000000 ____D C:\ProgramData\Skype ==================== Files in the root of some directories ======= 2012-09-15 19:30 - 2012-09-14 07:30 - 0000044 ____H () C:\Program Files\e1697bb7.tmp 2012-06-09 10:39 - 2007-12-01 16:22 - 0315392 _____ () C:\Program Files\GMLMatting.8bf 2012-06-09 10:39 - 2012-06-09 10:39 - 0000053 _____ () C:\Program Files\GMLMatting.ini 2014-08-17 13:05 - 2014-08-17 13:15 - 6010880 _____ () C:\Program Files\GUT1FAF.tmp 2014-10-03 23:16 - 2014-10-03 23:16 - 0000132 _____ () C:\Users\flkr2104\AppData\Roaming\Adobe BMP Format CS5 Prefs 2012-08-11 18:35 - 2016-12-23 17:14 - 0000132 _____ () C:\Users\flkr2104\AppData\Roaming\Adobe PNG Format CS5 Prefs 2012-08-15 19:00 - 2015-06-05 23:37 - 0000132 _____ () C:\Users\flkr2104\AppData\Roaming\Adobe Targa Format CS5 Prefs 2014-06-11 22:30 - 2014-06-11 22:30 - 0000097 _____ () C:\Users\flkr2104\AppData\Roaming\LauncherSettings_live.cfg 2012-05-16 20:09 - 2016-09-03 14:40 - 0022328 _____ () C:\Users\flkr2104\AppData\Roaming\PnkBstrK.sys 2012-05-26 18:28 - 2012-05-26 18:28 - 0003584 _____ () C:\Users\flkr2104\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-10-27 16:02 - 2013-10-27 16:02 - 0000058 _____ () C:\Users\flkr2104\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat 2012-06-07 19:00 - 2012-06-07 19:00 - 0000096 _____ () C:\Users\flkr2104\AppData\Local\fusioncache.dat 2013-10-23 22:20 - 2013-10-23 22:20 - 0007605 _____ () C:\Users\flkr2104\AppData\Local\Resmon.ResmonCfg 2015-07-28 12:49 - 2015-07-28 12:49 - 0000000 _____ () 
C:\Users\flkr2104\AppData\Local\{43D810FD-CDEE-452B-9007-907ECB224905}
2015-06-07 13:10 - 2015-06-07 13:10 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{51A80C3A-0B9D-45B6-8F1E-3DE9E66F8091}
2015-06-15 12:07 - 2015-06-15 12:07 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{7B741A37-DC76-4B3B-B7D5-3526204848E8}
2016-07-28 17:08 - 2016-07-28 17:08 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{B2881FF6-5740-48F7-870C-65A198F1BB07}
2015-11-28 14:50 - 2015-11-28 14:50 - 0000000 _____ () C:\Users\flkr2104\AppData\Local\{C6B3C03C-64C9-4B05-BA05-6DF46EDEA189}
2012-06-09 10:44 - 2007-12-01 16:22 - 0315392 _____ () C:\ProgramData\GMLMatting.8bf
2012-06-09 10:44 - 2012-06-09 10:44 - 0000053 _____ () C:\ProgramData\GMLMatting.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-12-23 12:51

==================== End of FRST.txt ============================

and Addition

Additional FRST Logfile:
Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 21-12-2016
Ran by flkr2104 (23-12-2016 22:17:14)
Running from C:\Users\flkr2104\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-08-02 07:11:49)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1890919210-445268223-3708981845-500 - Administrator - Enabled) => C:\Users\Administrator
ASPNET (S-1-5-21-1890919210-445268223-3708981845-1002 - Administrator - Enabled)
FKone (S-1-5-21-1890919210-445268223-3708981845-1003 - Administrator - Enabled)
Gjest (S-1-5-21-1890919210-445268223-3708981845-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro OfficeScan Antivirus (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro OfficeScan Anti-spyware (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}
FW: Trend Micro Personal Firewall (Enabled) {49A8346C-6900-54B6-B1B3-5F678736DDE9}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (32-Bit) (HKLM\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D9F3D66A-9885-4DDD-A800-9DDF488359A1}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) BitRaider Streaming Client (HKLM\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) EAX4 Unified Redist (HKLM\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs) Echo of Soul (HKLM\...\Echo of Soul) (Version: - ) FUSSBALL MANAGER 13 (HKLM\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.4.0 - Electronic Arts) fx-9860G Manager PLUS (HKLM\...\{F5F8D7F9-8879-439E-8292-3386CD7BF06D}) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.32.7 - Google Inc.) 
Hidden HP HotKey Support (HKLM\...\{931AED5E-545A-4802-B5CF-DD3B2086235F}) (Version: 4.0.18.1 - Hewlett-Packard Company) IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT) iFinger (HKLM\...\{A1CA0B3B-CFDB-440D-87C5-3F0EFED61731}) (Version: 4.0.4 - iFinger LTD) Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{B62DB971-5B1E-4EAF-86DC-09B4D3A322D2}) (Version: 12.5.3.17 - Apple Inc.) Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited) Messenger Plus! 5 (HKLM\...\Messenger Plus!) 
(Version: 5.50.0.761 - Yuna Software) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (norsk språkpakke) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 
(HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.25.00.03 - Huawei Technologies Co.,Ltd) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) OpenAL (HKLM\...\OpenAL) (Version: - ) OpenOffice.org 3.2 (HKLM\...\{4F33D156-BF58-4BDB-A8CE-74123C7142C0}) (Version: 3.2.9502 - OpenOffice.org) Origin (HKLM\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.) 
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.) PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Ralink RT3592 802.11a/b/g/n 2x2 WiFi Adapter (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.01.18.0 - Ralink) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - ) Språkpakke for Microsoft Visual Studio 2010 Tools for Office Runtime (x86) – NOR (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NOR) (Version: 10.0.50903 - Microsoft Corporation) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) STRIKE NX GAMEPAD (HKLM\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated) System Requirements Lab CYRI (HKLM\...\{6C8C4577-8E15-4C63-96ED-D40F2072FF74}) (Version: 6.0.19.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Trend Micro OfficeScan Client (HKLM\...\OfficeScanNT) (Version: 10.6.5162 - Trend Micro) Unity Web Player (HKU\S-1-5-21-1113328611-58381748-87005590-109325\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Validity Fingerprint Sensor Driver (HKLM\...\{316430AA-68D4-4468-83FE-E5E088511C6C}) (Version: 4.3.126.0 - 
Validity Sensors, Inc.) Veetle TV (HKLM\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc) Virtua Tennis 4 (Version: 1.0.0001.130 - Sega) Hidden VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.1 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{030B4A80-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{030B4A81-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{030B4A82-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{079AA557-4A18-424A-8EEE-E39F0A8D41B9}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{1F6F8D20-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{2933BF90-7B36-11d2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{2933BF91-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{2933BF94-7B36-11D2-B20E-00C04F983E60}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3124C396-FB13-4836-A6AD-1317F1713688}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll () CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{373984C9-B845-449B-91E7-45AC83036ADE}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{379E501F-B231-11D1-ADC1-00805FC752D8}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation ) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation ) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation ) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3D813DFE-6C91-4A4E-8F41-04346A841D9C}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{3E784A01-F3AE-4DC0-9354-9526B9370EBA}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\flkr2104\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{48123BC4-99D9-11D1-A6B3-00C04FD91555}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{4DD441AD-526D-4A77-9F1B-9841ED802FB0}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{550DDA30-0541-11D2-9CA9-0060B0EC3D39}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{7E3FCEA1-31B4-11D2-AE1F-0080C7337EA1}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{AFB40FFD-B609-40A3-9828-F88BBE11E4E3}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{AFBA6B42-5692-48EA-8141-DC517DCF0EF1}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{CFC399AF-D876-11D0-9C10-00C04FC99C8E}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{D2423620-51A0-11D2-9CAF-0060B0EC3D39}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{ED8C108E-4349-11D2-91A4-00C04F7969E8}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F19-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F27-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F31-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F33-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F34-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F35-C551-11D3-89B9-0000F81FE221}\InprocServer32 
-> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F36-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F37-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F39-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F3F-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F40-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F5078F41-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F12-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F14-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation) CustomCLSID: 
HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{FC220AD8-A72A-4EE8-926E-0B7AD152A020}\InprocServer32 -> C:\Windows\system32\msxml3.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1113328611-58381748-87005590-109325_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14A8A810-9A39-4BFF-88E2-3D717AB5C923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03] (Google Inc.)
Task: {1E1AE2DC-56D6-41AF-BD36-E6487C2E4E12} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {473587FE-EE87-4C19-AF1A-8595AA63BB03} - System32\Tasks\{0927203C-0EBF-4520-A815-F850E80C4F86} => pcalua.exe -a "C:\Program Files\Trend Micro\OfficeScan Client\NTRmv.exe"
Task: {493D7DCC-B857-42E1-A4EF-776613C5B2AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {61BF19B3-147F-471D-A6A4-29015C250290} - System32\Tasks\{4E983F3D-CA62-4AB4-98AB-3C5DC4FF9BEC} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\World_of_Tanks\WOTLauncher.exe"
Task: {7561775F-91C7-40C6-B5DC-7F8CEC91274F} - System32\Tasks\{D4026E0E-5843-4B01-80A7-75692F195F72} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=6.22.0.107&LastError=-9
Task: {7B9E3DBB-058A-414B-AE52-51944D3AFEA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {80E18999-C394-43F7-B3B0-D7803EE13670} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {9469D411-F484-4F74-8CD0-900744EC7ED0} - System32\Tasks\{A5FADF4A-2EB7-482D-BE9A-4F59DC50A02E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=7.3.0.101&LastError=-9
Task: {A6EC187B-E82C-41DF-9D86-D01C0644F620} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-03] (Google Inc.)
Task: {C633C180-1ED1-4D11-9173-3C839FEFCDBA} - System32\Tasks\{015D73D5-7EF9-4344-9757-A8487F237BE9} => pcalua.exe -a "C:\Users\flkr2104\Downloads\fm bilder\FMC_2D_Spielerbilder_BorussiaDortmund.exe" -d "C:\Users\flkr2104\Downloads\fm bilder"
Task: {E6363805-31C2-441E-B0FE-A87A45036903} - System32\Tasks\{CA584D81-5E3F-4553-B31D-B85999D12BFD} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=6.9.0.106&LastError=-9
Task: {F492ED02-CF3A-4667-B829-C24B9F2D8F3F} - System32\Tasks\{06F9D0C9-EF0D-4815-8092-909961929903} => Firefox.exe hxxp://www.skype.com/go/downloading?source=installer&ver=6.16.0.105&LastError=-9
Task: {F5FBDC70-34C1-40BC-B7E2-D39723268801} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-10-05 18:18 - 2016-10-05 18:18 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 01041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-04 00:17 - 2012-07-04 00:17 - 00002560 _____ () C:\Windows\runservice.exe
2012-07-04 00:17 - 2013-12-14 20:03 - 00048640 _____ () C:\Windows\mmfs.dll
2015-05-20 14:13 - 2014-02-15 07:59 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2012-03-19 14:29 - 2011-04-01 10:53 - 00499712 _____ () C:\Program Files\Trend Micro\OfficeScan Client\sqlite3.dll
2012-05-16 20:09 - 2015-03-21 22:26 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe
2016-06-30 12:24 - 2016-12-17 22:17 - 00564736 _____ () C:\Users\flkr2104\AppData\Local\MEGAsync\ShellExtX32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-08-02 10:19 - 2011-05-18 11:39 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2011-08-02 17:46 - 2011-03-26 07:28 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2012-12-18 01:10 - 2012-03-28 22:18 - 01198872 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-12-15 21:41 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 21:41 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1113328611-58381748-87005590-109325\Control Panel\Desktop\\Wallpaper -> C:\Users\flkr2104\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^flkr2104^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OfficeScanNT Monitor => "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{A622ABA6-3C92-41E6-B9A6-0180CB929627}] => C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{E1F8A0D8-4BD6-4314-9E5F-09CFA6031C64}] => LPort=2869 FirewallRules: [{8E016B2D-F2B2-426E-8EFA-46C122E87942}] => LPort=1900 FirewallRules: [{4D7BDA48-417D-4349-A980-9CA19BEAB9E8}] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{931A377F-4D8D-4BBC-94E5-8D0F49139C46}] => C:\Program Files\Veetle\Player\VeetleNet.exe FirewallRules: [TCP Query User{C964F64B-B4AF-422E-84E6-F447D39FF02F}C:\program files\internet explorer\iexplore.exe] => C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{C9A64660-BDEF-4E85-854C-1276BBF4AADE}C:\program files\internet explorer\iexplore.exe] => C:\program files\internet explorer\iexplore.exe FirewallRules: [{5BB298CC-AA84-491D-80D0-7C095E61BA2C}] => LPort=56676 FirewallRules: [{89AC9ADD-DE5F-493A-BBBE-A09925FEEA86}] => LPort=56676 FirewallRules: [{E74843CA-D546-474B-BE2F-ECD88AF21AA3}] => LPort=56676 FirewallRules: [{3AF8905E-C8AE-4A8C-9333-FA4D6D943A83}] => LPort=56676 FirewallRules: [{3CEC8038-9CB9-492F-84BC-11FC042637BB}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{797BF723-8A67-4836-928C-480FA8891719}] => C:\Program Files\Veetle\Player\VeetleNet.exe FirewallRules: [{5AE9581D-14F3-4469-A752-53338A798640}] => C:\Windows\System32\PnkBstrA.exe FirewallRules: [{A0723582-6F2B-43F5-8262-ABD550D5C792}] => C:\Windows\System32\PnkBstrA.exe FirewallRules: [{3CBDDE4A-099C-4CE9-BC37-64F1FB39D9FA}] => C:\Windows\System32\PnkBstrB.exe FirewallRules: [{9CE865C3-BEB8-4C6B-8655-306C4F5F2AD0}] => C:\Windows\System32\PnkBstrB.exe FirewallRules: [{9247D1AC-E137-4A98-8136-5A6EE141EBFF}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query 
User{D69662A4-66F6-4384-88FA-FDEE02C03A6F}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{EB93B812-9B9E-418E-A0E3-69C71D1D090E}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{BA336E0C-B36B-4607-8119-9BFE68EE3BDE}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{A820FB9D-B99E-4B28-8661-A19B8852A77C}C:\users\flkr2104\appdata\local\akamai\netsession_win.exe] => C:\users\flkr2104\appdata\local\akamai\netsession_win.exe FirewallRules: [{47817B77-3C47-4FB4-B3D0-CCA335429855}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{67463958-AB41-41AA-9083-8800F123498F}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{A4F25796-4A90-4E82-A333-45F7CC95EC65}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{984E4980-579B-47B0-BFE1-AF5D4A0C076A}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [{F551A992-3141-4D89-BA76-75760F62E27C}] => LPort=57403 FirewallRules: [{1F578E27-FD89-4030-B8EC-A0BC1C526524}] => LPort=57403 FirewallRules: [{5D60EDFF-EA05-4007-8412-DFDE253D4577}] => LPort=57403 FirewallRules: [{13938A1A-81AF-4BD0-AB69-BED62589111D}] => LPort=57403 FirewallRules: [{0092FC27-0457-4EDA-AAEA-D9FFE024C45A}] => C:\Program Files\Pando Networks\Media Booster\PMB.exe FirewallRules: [TCP Query User{02EA3E90-A44B-4F73-A943-FBD12A097465}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe FirewallRules: [UDP Query User{62B8955A-39F2-4EF4-A52D-5A09535CE188}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe FirewallRules: [{02FA5FC8-C781-4F53-938B-78F933EA2E88}] => C:\Windows\System32\PnkBstrA.exe FirewallRules: [{8F19AA17-5BB2-40B4-A6F5-E40042625635}] 
=> C:\Windows\System32\PnkBstrA.exe FirewallRules: [{7460F63E-D470-46D0-A656-8819767A619D}] => C:\Windows\System32\PnkBstrB.exe FirewallRules: [{C7ADC506-CDA1-48A3-A2EF-F6FA057261AE}] => C:\Windows\System32\PnkBstrB.exe FirewallRules: [{920F7FF0-D99B-4849-82C5-8BE8022DFAAE}] => LPort=80 FirewallRules: [{60E8E997-E151-4751-80E6-B7543F835BC7}] => LPort=443 FirewallRules: [{4CC79DDF-748F-47B4-BDC8-0B762A261560}] => LPort=20010 FirewallRules: [{C172F8BB-B73C-4E08-8919-C35EF9EE9C34}] => LPort=3478 FirewallRules: [{14E92C44-7822-41B8-A131-80E1F848083D}] => LPort=7850 FirewallRules: [{AB3AC8DD-BDB1-45B5-9217-4881FC7A0875}] => LPort=27022 FirewallRules: [{6A9CD13A-43B6-4631-8C68-4306185C1193}] => LPort=6881 FirewallRules: [{C717E6BE-C28A-4CB5-8DF9-FC719540A912}] => LPort=33333 FirewallRules: [{84D841DF-161C-4421-84BC-EB7E15BAA88F}] => LPort=20443 FirewallRules: [{413383F3-2547-481F-B70D-DC44AC04E62A}] => LPort=8090 FirewallRules: [TCP Query User{2FFBB76F-F899-485B-B3F0-625F7D62F4A5}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe FirewallRules: [UDP Query User{B6DDDBD7-6C94-4A40-88DE-428852CFE2F4}C:\windows\system32\rundll32.exe] => C:\windows\system32\rundll32.exe FirewallRules: [{4EBA9F6A-0F8D-4F94-9942-73448314B269}] => C:\Program Files\Veetle\Player\VeetleNet.exe FirewallRules: [{4A52C6EF-5F9A-4A0F-888F-D81C6E6E9574}] => LPort=7852 FirewallRules: [{1BE26DF6-7661-43CB-8FD0-EFDA92D6DA6F}] => LPort=7853 FirewallRules: [{B8F2D49B-2EBB-4C21-B719-02BC8571FE1B}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{97D84C21-793F-4F11-8AB5-B9DC278676BF}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EF400853-AAAB-49E3-8387-75161C9283ED}] => LPort=60426 FirewallRules: [{EAE60802-9EC3-4DEF-AF04-D462FD75ABA9}] => LPort=5000 FirewallRules: [{63159383-EF26-4123-BCED-CAC58630E62D}] => C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{0741EA6B-43DD-4047-BDC2-D52CD5E9A75B}] => C:\Program Files\Steam\Steam.exe FirewallRules: 
[{AC6FF4E6-BF42-466C-AA44-0ED710FFD7D4}] => C:\Program Files\Steam\Steam.exe
FirewallRules: [{D778DEAD-F211-4901-82C5-1346DFC7AE9C}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0F2DE732-315A-41A0-80C3-98255C8633AA}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AF54C738-61F5-4881-A6FD-8E55E03C30B6}] => C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DCF6B2FB-B87E-4E0D-94C5-23304BCFE9C2}] => C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{7DE68FF8-65F1-45C5-99E0-41708996614D}] => C:\Program Files\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{C29E0871-6BA7-4629-A635-8C7155D3D475}] => C:\Program Files\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{E3A21C6E-D9C6-4FEB-BB71-B515D4D68FB9}] => LPort=12345
FirewallRules: [{204EF0C2-5BDB-448E-BF9B-81CEB5B2C21F}] => LPort=49210
FirewallRules: [{EF4E3B63-763D-4155-8C90-3F26EFEB33E6}] => LPort=5000

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

Name: Messenger Plus! Virtual Camera
Description: Messenger Plus! Virtual Camera
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: YunaSoftware
Service: MsgPlusDriver
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Messenger Plus! Virtual Camera
Description: Messenger Plus! Virtual Camera
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: YunaSoftware
Service: MsgPlusDriver
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/23/2016 12:18:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error: (12/22/2016 01:59:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error: (12/21/2016 07:21:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error: (12/21/2016 01:39:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error: (12/20/2016 07:41:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error: (12/20/2016 07:35:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error: (12/20/2016 01:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Kan ikke initialisere indeksen. Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kan ikke initialisere programmet. Kontekst: Windows-program Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/19/2016 04:11:16 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kan ikke initialisere Innsamler-objektet. Kontekst: Windows-program, SystemIndex-katalog Detaljer: Innholdsindekskatalogen er skadet. (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (12/23/2016 08:18:48 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Datamaskinen kan ikke sette opp en sikker økt med en domenekontroller i domene OPPLAND på grunn av følgende: Det er ingen tilgjengelige påloggingsservere som kan behandle påloggingsforespørselen. Dette kan føre til godkjenningsproblemer. Kontroller at datamaskinen er koblet til nettverket. Hvis problemet vedvarer, kontakt domeneadministrator. MER INFORMASJON Hvis denne datamaskinen er domenekontroller for det angitte domenet, setter den opp sikre økter for primærdomenets kontrolleremulator i det angitte domenet. Ellers setter denne datamaskinen opp den sikre økten for enhver domenekontroller i det angitte domenet.

Error: (12/23/2016 04:18:25 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Datamaskinen kan ikke sette opp en sikker økt med en domenekontroller i domene OPPLAND på grunn av følgende: Det er ingen tilgjengelige påloggingsservere som kan behandle påloggingsforespørselen. Dette kan føre til godkjenningsproblemer. Kontroller at datamaskinen er koblet til nettverket. Hvis problemet vedvarer, kontakt domeneadministrator. MER INFORMASJON Hvis denne datamaskinen er domenekontroller for det angitte domenet, setter den opp sikre økter for primærdomenets kontrolleremulator i det angitte domenet. Ellers setter denne datamaskinen opp den sikre økten for enhver domenekontroller i det angitte domenet.

Error: (12/23/2016 01:18:12 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Skyggekopiene av volum C: ble avbrutt fordi skyggekopilageret ikke kunne vokse på grunn av en brukerdefinert grense.

Error: (12/23/2016 12:19:32 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: OPPLAND)
Description: Behandlingen av gruppepolicyen mislyktes på grunn av manglende nettverkstilkobling til en domenekontroller. Dette kan være en forbigående tilstand. En melding om at det er utført, genereres når maskinen kobles til domenekontrolleren og gruppepolicyen har blitt behandlet. Kontakt systemansvarlig hvis du ikke får en melding om at det er utført innen noen timer.

Error: (12/23/2016 12:18:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Følgende oppstarts- eller systemstartdriver(e) kan ikke lastes inn: cdrom

Error: (12/23/2016 12:18:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten Origin Web Helper Service kan ikke starte på grunn av følgende feil: Tjenesten svarte ikke på start- eller kontrollforespørselen innenfor tidsrammen.

Error: (12/23/2016 12:18:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Origin Web Helper Service skal koble til.

Error: (12/23/2016 12:18:04 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT-MYNDIGHET)
Description: Behandlingen av gruppepolicyen mislyktes på grunn av manglende nettverkstilkobling til en domenekontroller. Dette kan være en forbigående tilstand. En melding om at det er utført, genereres når maskinen kobles til domenekontrolleren og gruppepolicyen har blitt behandlet. Kontakt systemansvarlig hvis du ikke får en melding om at det er utført innen noen timer.

Error: (12/23/2016 12:17:59 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Datamaskinen kan ikke sette opp en sikker økt med en domenekontroller i domene OPPLAND på grunn av følgende: Det er ingen tilgjengelige påloggingsservere som kan behandle påloggingsforespørselen. Dette kan føre til godkjenningsproblemer. Kontroller at datamaskinen er koblet til nettverket. Hvis problemet vedvarer, kontakt domeneadministrator. MER INFORMASJON Hvis denne datamaskinen er domenekontroller for det angitte domenet, setter den opp sikre økter for primærdomenets kontrolleremulator i det angitte domenet. Ellers setter denne datamaskinen opp den sikre økten for enhver domenekontroller i det angitte domenet.

Error: (12/23/2016 12:25:11 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Serveren {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} ble ikke registrert hos DCOM innen fristen for tidsavbrudd.

CodeIntegrity:
===================================
Date: 2016-12-23 21:53:03.336
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 21:45:34.268
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 21:37:54.329
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 20:17:55.417
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 20:13:35.930
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 18:51:35.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 18:22:00.039
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 17:26:03.691
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 17:25:37.621
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-23 13:44:06.382
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\aestaren.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B810 @ 1.60GHz
Percentage of memory in use: 49%
Total physical RAM: 3014.37 MB
Available physical RAM: 1516.77 MB
Total Virtual: 6027.06 MB
Available Virtual: 4020.76 MB

==================== Drives ================================

Drive c: (OSDisk) (Fixed) (Total:116.44 GB) (Free:42.54 GB) NTFS
Drive d: (Data) (Fixed) (Total:116.14 GB) (Free:33.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 108E484F)
Partition 1: (Not Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116.1 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=300 MB) - (Type=07 NTFS)

==================== End of Addition.txt ============================