Trojaner-Board - Sehr langsamer Programmstart

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Sehr langsamer Programmstart (https://www.trojaner-board.de/156209-sehr-langsamer-programmstart.html)

masin

07.07.2014 19:43

Sehr langsamer Programmstart

Seit einiger Zeit werden einige Programme, besonders aber Thunderbird, immer langsamer beim Start, stellen teilweise gar keine Verbindung mit dem Server her.
"Normale" Internet-Verbindungen (über Browser) laufen mit akzeptabler normaler Geschwindigkeit.
Alle Hinweise des Thunderbird-Supportforums für derartige Fälle wurden befolgt (Löschung der Indexdatei und deren Neuaufbau usw.) wurden erfolglos probiert.
Mehrfache Komplett-De- und Neuinstallation brachte keinerlei Hilfe.
Da ich auf einem zweiten Rechner im gleichen Netz überhaupt keine Probleme habe (habe zur Sicherheit auch dort das Programm mal deinstalliert und neu installiert - fast in Sekundenschnelle waar es getan), habe ich die Befürchtung, dass mein Rechner auf irgendeine Weise infiziert ist und bin dankbar für jede Hilfe.
Die Dateien (defogger_disable.txt habe ich nicht gefunden, wurde evtl. nicht erstellt?) einschließlich einer von GData generierten Datei wie folgt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by HDS (administrator) on HDS-NEU2 on 07-07-2014 18:41:42
Running from E:\Downloads\trojanerboard
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
() C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe
(freenet.de GmbH) C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2014-01-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [freenet.de Dateimanager Taskleistensymbol] => C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe [142336 2009-01-22] (freenet.de GmbH)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [41472 2012-04-03] ()
HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [] => [X]
HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\MountPoints2: {0eb18823-749a-11e3-9f74-806e6f6e6963} - F:\Autoplay.exe -auto
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{0eb18820-749a-11e3-9f74-806e6f6e6963}\bootwiz\asrm.bin

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:8088
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 google-analytics.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: about:home
FF NetworkProxy: "ftp", "87.250.52.230"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "87.250.52.230"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "87.250.52.230"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "87.250.52.230"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File
FF SearchPlugin: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\searchplugins\wikipdia-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FRITZ!Box AddOn - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\fb_add_on@avm.de [2014-01-04]
FF Extension: Nokia Maps 3D browser plugin - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\maps@ovi.com [2014-01-04]
FF Extension: WOT - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12]
FF Extension: DownloadHelper - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: anonymoX - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\client@anonymox.net.xpi [2014-01-04]
FF Extension: Preispilot - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\extension@preispilot.com.xpi [2014-01-04]
FF Extension: CleanTube - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\jid0-Oh6YfHwkh8Cb1Y4efKhBukwKfB0@jetpack.xpi [2014-01-04]
FF Extension: Safe Preview - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\safepreview@everhelper.me.xpi [2014-01-07]
FF Extension: Stealthy - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\stealthyextension@gmail.com.xpi [2014-01-04]
FF Extension: Webutation - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-01-07]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-04]
FF Extension: NoScript - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-01]
FF Extension: Youtube Converter MP3 - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi [2014-01-04]
FF Extension: Go To Google - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi [2014-01-04]
FF Extension: Adblock Plus - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]
FF Extension: Fox!Box - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2014-01-04]
FF Extension: QuickJava - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-16]
FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox
FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2014-02-25]
FF HKLM-x32\...\Firefox\Extensions: [firefox@printecosoftware.com] - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi
FF Extension: PrintEco - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi [2014-03-17]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-06] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-27] (Freemake) [File not signed]
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 Mtpip000ode; No ImagePath

==================== Drivers (Whitelisted) ====================

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-03] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-03] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-07-03] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-03] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-07-03] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-03-06] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-03] (G Data Software AG)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-28] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-04] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-04] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-04] (Acronis International GmbH)
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-07 18:41 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST
2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable
2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird
2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird
2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA
2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter
2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-28 15:09 - 2014-07-03 16:49 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster
2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk
2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet
2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager
2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet
2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager
2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR
2014-06-20 07:44 - 2014-06-20 07:47 - 00000000 ____D () C:\FreeOCR
2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk
2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2014-06-20 07:44 - 2007-03-10 10:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx
2014-06-20 07:43 - 2014-06-20 08:40 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express
2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco
2014-06-20 07:40 - 2014-06-20 07:41 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\InetStat
2014-06-18 16:12 - 2014-06-18 16:18 - 00000000 ____D () C:\Users\HDS\Documents\Fax
2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}
2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk
2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk
2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys
2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5
2014-06-13 17:19 - 2014-06-16 17:26 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe
2014-06-11 07:58 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 07:58 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 07:58 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 07:58 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 07:58 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 07:58 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 07:58 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 07:58 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 07:58 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 07:58 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 07:58 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 07:58 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 07:58 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 07:58 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 07:58 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 07:58 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 07:58 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 07:58 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 07:58 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 07:58 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 07:58 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 07:58 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 07:58 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 07:58 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 07:58 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 07:58 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 07:58 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 07:58 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 07:58 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 07:58 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 07:58 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 07:58 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 07:58 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 07:58 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 07:58 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 07:58 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 07:58 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 07:58 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 07:58 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 07:58 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 07:58 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 07:58 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 07:58 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 07:58 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 07:58 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 07:58 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 07:58 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 07:58 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 07:58 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 07:58 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 07:58 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 07:58 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 07:33 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 07:33 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 07:33 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 07:33 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 07:33 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 07:33 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 07:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 07:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 07:33 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 07:33 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 07:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 07:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 07:28 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 07:28 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 13:22 - 2014-04-09 17:51 - 06715624 _____ (TomTom International B.V.) C:\Users\HDS\Downloads\InstallMyDriveConnect_3_3_0_1502.exe
2014-06-08 15:09 - 2014-06-08 15:09 - 00000000 ____D () C:\Program Files (x86)\SuperCar
2014-06-08 14:57 - 2014-06-08 15:09 - 00001905 _____ () C:\Users\Public\Desktop\SuperCar.lnk
2014-06-08 14:57 - 2014-06-08 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperCar
2014-06-07 08:59 - 2014-06-07 08:59 - 00000938 _____ () C:\Users\HDS\Desktop\DL - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

2014-07-07 18:41 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST
2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable
2014-07-07 18:36 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS
2014-07-07 18:28 - 2014-01-04 14:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-07 18:19 - 2014-01-03 19:14 - 01827938 _____ () C:\Windows\WindowsUpdate.log
2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird
2014-07-07 13:16 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-07 13:16 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-07 13:11 - 2014-01-03 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-07 13:09 - 2014-01-05 13:18 - 00000000 ____D () C:\Users\HDS\AppData\Local\HTC MediaHub
2014-07-07 13:09 - 2014-01-04 11:59 - 00262046 _____ () C:\Windows\PFRO.log
2014-07-07 13:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-07 13:09 - 2009-07-14 06:51 - 00058674 _____ () C:\Windows\setupact.log
2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird
2014-07-06 21:14 - 2014-01-04 13:52 - 00001617 _____ () C:\Windows\BRRBCOM.INI
2014-07-05 08:19 - 2014-01-05 11:57 - 00001841 _____ () C:\Windows\system32\TeamViewer9_Hooks.log
2014-07-05 08:19 - 2014-01-05 11:56 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-05 08:19 - 2014-01-05 11:56 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-03 21:36 - 2014-04-05 16:09 - 00000000 ___RD () C:\Users\HDS\Dropbox
2014-07-03 16:52 - 2014-04-05 16:06 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Dropbox
2014-07-03 16:49 - 2014-06-28 15:09 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster
2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA
2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity
2014-07-03 08:41 - 2014-04-10 14:04 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2014-07-03 08:41 - 2014-04-10 14:04 - 00001978 _____ () C:\Users\Public\Desktop\G Data InternetSecurity.lnk
2014-07-03 08:41 - 2014-01-03 20:03 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-07-03 08:41 - 2014-01-03 20:02 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-07-03 08:41 - 2014-01-03 20:02 - 00061440 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-07-03 08:40 - 2014-01-05 13:17 - 00053328 _____ () C:\Windows\DPINST.LOG
2014-07-03 08:40 - 2014-01-03 20:02 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-07-03 08:40 - 2014-01-03 20:02 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-07-02 17:31 - 2014-01-05 10:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\vlc
2014-07-02 17:26 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-07-02 17:26 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-07-02 17:26 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 14:01 - 2014-01-22 18:39 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\KeePass
2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter
2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-07-02 11:05 - 2014-01-16 16:28 - 00001320 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk
2014-07-02 11:05 - 2014-01-16 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-30 15:40 - 2014-01-05 11:34 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\CoreFTP
2014-06-29 16:14 - 2014-01-05 11:58 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Skype
2014-06-29 13:30 - 2014-03-28 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-29 13:30 - 2014-01-05 11:58 - 00000000 ____D () C:\ProgramData\Skype
2014-06-28 15:09 - 2014-04-05 16:09 - 00001011 _____ () C:\Users\HDS\Desktop\Dropbox.lnk
2014-06-28 12:34 - 2014-01-14 16:49 - 00017920 _____ () C:\Users\HDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk
2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet
2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager
2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet
2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager
2014-06-20 08:40 - 2014-06-20 07:43 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express
2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR
2014-06-20 07:47 - 2014-06-20 07:44 - 00000000 ____D () C:\FreeOCR
2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk
2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco
2014-06-20 07:41 - 2014-06-20 07:40 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\InetStat
2014-06-18 17:58 - 2014-01-04 12:07 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-18 16:18 - 2014-06-18 16:12 - 00000000 ____D () C:\Users\HDS\Documents\Fax
2014-06-18 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}
2014-06-18 09:43 - 2014-01-04 13:21 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014 spezial.lnk
2014-06-18 09:43 - 2014-01-03 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2014-06-18 09:27 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Adobe
2014-06-17 12:16 - 2014-01-04 09:54 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-17 12:14 - 2014-01-04 17:50 - 00096280 _____ () C:\Users\HDS\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-17 12:14 - 2009-07-14 06:45 - 00369552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk
2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk
2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe
2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys
2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll
2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2014-06-17 12:06 - 2014-01-04 11:53 - 00000209 _____ () C:\Windows\ODBCINST.INI
2014-06-17 12:06 - 2014-01-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-17 12:03 - 2014-02-19 18:37 - 00000000 ____D () C:\Users\Hans-Dieter\AppData\Roaming\Adobe
2014-06-17 12:03 - 2014-01-04 15:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-06-17 10:53 - 2014-03-27 18:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 10:53 - 2014-01-05 13:05 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 10:48 - 2014-03-27 18:12 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-17 10:48 - 2014-01-05 13:05 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 08:47 - 2014-01-18 14:52 - 00007906 _____ () C:\Users\HDS\Documents\capella.log
2014-06-16 17:26 - 2014-06-13 17:19 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe
2014-06-15 15:50 - 2014-01-22 18:37 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-06-15 15:50 - 2014-01-22 18:37 - 00001105 _____ () C:\Users\HDS\Desktop\KeePass 2.lnk
2014-06-15 15:50 - 2014-01-22 18:37 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-06-15 12:53 - 2014-01-05 10:30 - 00000000 ____D () C:\Users\HDS\Documents\MyHeritage
2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5
2014-06-13 20:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-13 07:12 - 2014-02-25 16:15 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy
2014-06-13 07:11 - 2014-06-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 17:21 - 2014-01-03 20:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-12 17:21 - 2014-01-03 20:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-12 13:28 - 2014-01-04 14:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 13:28 - 2014-01-04 14:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 13:28 - 2014-01-03 19:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-12 08:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-11 21:59 - 2014-01-05 09:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 21:54 - 2014-01-05 09:57 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 21:54 - 2014-01-04 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 21:53 - 2014-06-04 05:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-09 16:03 - 2014-01-05 10:43 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\GeoSetter
2014-06-08 15:09 - 2014-06-08 15:09 - 00000000 ____D () C:\Program Files (x86)\SuperCar
2014-06-08 15:09 - 2014-06-08 14:57 - 00001905 _____ () C:\Users\Public\Desktop\SuperCar.lnk
2014-06-08 14:57 - 2014-06-08 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperCar
2014-06-08 11:13 - 2014-06-11 07:28 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 07:28 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 08:59 - 2014-06-07 08:59 - 00000938 _____ () C:\Users\HDS\Desktop\DL - Verknüpfung.lnk

Some content of TEMP:
====================
C:\Users\HDS\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_pmpy.dll
C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbry6o.dll
C:\Users\HDS\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe
C:\Users\HDS\AppData\Local\Temp\FreemakeVideoDownloader_3.6.2.3.exe
C:\Users\HDS\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\HDS\AppData\Local\Temp\Quarantine.exe
C:\Users\HDS\AppData\Local\Temp\vlc-2.1.4-win64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-29 07:49

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by HDS at 2014-07-07 18:43:23
Running from E:\Downloads\trojanerboard
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: G Data InternetSecurity (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acoustica 4.1 (HKLM-x32\...\Acoustica_is1) (Version: 4.1 - Acon Digital Media GmbH)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Acronis*Disk*Director*11*Home (HKLM-x32\...\{8EFB7927-48AD-4E6D-91B7-6B2BD6C3F380}) (Version: 11.0.2343 - Acronis)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (x32 Version: 7.1.0 - Adobe Systems) Hidden
Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.1.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop Elements 6.0 (HKLM-x32\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 6.0 (x32 Version: 6.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.50517 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{14AF193A-EC13-3B3E-BFBF-D2C471F12718}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Bizzybolt (HKLM\...\Bizzybolt) (Version: 2013.11.20.184610 - Bizzybolt) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{D6E46FC2-B513-4B7D-8C8C-352F4735C541}) (Version: 12.54.02 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.3.0.5 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.2.21 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.4 (HKLM-x32\...\DPP) (Version: 3.4.0.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.4.0.1 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.3.0.0 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3 Utility (HKLM-x32\...\WFTK) (Version: 3.2.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
capella 7 (HKLM-x32\...\{4623BAA6-0B23-4D47-ABD0-73F2DA4FAF56}) (Version: 7.1.20 - capella software AG)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0517.1742.29870 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0517.1742.29870 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0517.1742.29870 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0517.1742.29870 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help English (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help French (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help German (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0517.1742.29870 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0517.1742.29870 - ATI) Hidden
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Core FTP LE (HKLM-x32\...\CoreFTP) (Version: - )
DDBAC (HKLM-x32\...\{AC3DC2B3-9380-4966-87B6-9FAEB5E7739C}) (Version: 5.3.25 - DataDesign)
DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version: - Microsoft)
dradio-Recorder Version 3.02.6 (HKLM-x32\...\dradio-Recorder_is1) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
eXPert PDF 5 (HKLM-x32\...\{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}) (Version: 5.1.200.0 - Visage Software)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)
freenetMail Dateimanager (HKLM-x32\...\freenetMail Dateimanager) (Version: 1.4.15a - freenet.de GmbH)
FreeOCR v5.0 (HKLM-x32\...\freeocr_is1) (Version: - )
G Data InternetSecurity (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.4 - G Data Software AG)
Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoogleClean (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
InetStat (HKCU\...\InetStat) (Version: 0.5b - InetStat)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Java(TM) 6 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM-x32\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Lotus Notes 6.5.1 de (HKLM-x32\...\{C626B47C-8312-4D8C-89E1-16FE42EF34E6}) (Version: 6.501.421 - IBM)
Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version: - Ivan Anton Albarracin)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7129 - MyHeritage.com)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nero 11 Cliparts (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus 2 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus 3 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero 11 Image Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes 2 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes 3 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes 4 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 PiP Effects 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 PiP Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden
Nero 11 Platinum (HKLM-x32\...\{79B3E8EE-35F2-4CCD-82D9-4A57F408E449}) (Version: 11.2.00700 - Nero AG)
Nero 11 Video Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Video Transitions 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp 11 (x32 Version: 6.2.18400.2.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.16300.1.23 - Nero AG) Hidden
Nero CoverDesigner 11 (x32 Version: 6.0.11000.13.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Express 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.10.24800.146.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden
Nero Recode 11 (x32 Version: 5.2.10900.0.0 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10600 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.11500.1.5 - Nero AG) Hidden
Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
Nero Video 11 (x32 Version: 8.2.15700.3.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero WaveEditor 11 (x32 Version: 6.2.11300.0.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20010 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PrintEco Office (HKLM-x32\...\{864C0654-5C9F-4F03-85D5-47CA3062C7E2}) (Version: 1.4.70 - PrintEco)
Quicken 2014 (HKLM-x32\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.37.00.0185 - Haufe-Lexware GmbH & Co.KG)
Quicken DELUXE Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net)
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SUPER © v2014.build.60+Recorder (2014/02/18) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft)
SuperCar (HKLM-x32\...\SuperCar) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAXMAN 2014 spezial (HKLM-x32\...\{23CCE76F-7421-4090-8081-BD519F2F93F4}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.SingleImage_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.SingleImage_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.SingleImage_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.SingleImage_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft)
UpdateYeti (HKLM-x32\...\UpdateYeti_is1) (Version: 2.16 - Abelssoft)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
XnView 2.12 (HKLM-x32\...\XnView_is1) (Version: 2.12 - Gougelet Pierre-e)

==================== Restore Points =========================

22-06-2014 16:11:57 Windows Update
28-06-2014 10:21:06 Windows Update
02-07-2014 07:36:40 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-03-31 15:24 - 00000863 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 google-analytics.com

==================== Scheduled Tasks (whitelisted) =============

Task: {1FECA8C6-0AF7-4BDA-8463-A95604FC3964} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-08] ()
Task: {30EE096A-F76E-4793-97A4-C487EA3C2650} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-03] (PC-Doctor, Inc.)
Task: {38565432-BFA7-4836-8020-C12C9F5E6DF8} - System32\Tasks\Abelssoft\UpdateYeti scan => C:\Program Files (x86)\UpdateYeti\UpdateYeti.exe [2014-02-18] (Ascora GmbH)
Task: {435A0533-5AF4-4078-B580-08CAFB0A7898} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {50F7C0A7-34B3-43E2-8E84-D811DB9F182D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-12-03] (PC-Doctor, Inc.)
Task: {95BC6CCC-9B9B-45BA-A5F6-AAA741E5E77B} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-08] ()
Task: {980E0CDC-C1FE-4BFD-8CB8-F6F7CB6F5481} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {CDD01417-B496-493F-B6DD-43A9FFC02AF3} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2014-01-08] ()
Task: {E3F06EE1-F3B9-4C89-A4E3-3CA6A1E74C5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.)
Task: {E83FDDA6-C32F-4394-A1AB-B03D54319006} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2007-09-11 00:45 - 2007-09-11 00:45 - 00124832 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
2014-01-05 13:17 - 2012-12-07 18:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-01-04 13:50 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-02-25 16:15 - 2014-01-08 09:21 - 00778240 _____ () C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
2014-02-25 16:15 - 2014-01-08 09:18 - 01136640 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
2013-10-01 11:32 - 2013-10-01 11:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-02-25 16:15 - 2014-01-08 09:21 - 00823424 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
2014-02-25 16:15 - 2014-01-08 09:21 - 00055936 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbSettings.dll
2014-02-25 16:15 - 2014-01-08 09:21 - 00861312 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyResources.dll
2014-02-25 16:15 - 2014-01-08 09:21 - 01340032 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyLibrary.dll
2014-02-25 16:15 - 2014-01-08 09:21 - 01401472 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbGui.dll
2014-02-25 16:15 - 2014-01-08 09:21 - 00016000 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll
2011-11-15 19:44 - 2011-11-15 19:44 - 02155848 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2014-01-04 15:15 - 2012-04-03 18:14 - 00041472 _____ () C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe
2008-11-18 13:00 - 2008-11-18 13:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-05-17 18:40 - 2010-05-17 18:40 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-03-21 16:07 - 2014-03-21 16:07 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-21 16:05 - 2014-03-21 16:05 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-03-21 16:06 - 2014-03-21 16:06 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-03-21 16:06 - 2014-03-21 16:06 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-03-21 16:06 - 2014-03-21 16:06 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-03-21 16:06 - 2014-03-21 16:06 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-03-21 16:08 - 2014-03-21 16:08 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-03-21 16:09 - 2014-03-21 16:09 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-01-04 13:50 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-10-10 13:02 - 2013-10-10 13:02 - 00013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2014-02-04 19:25 - 2014-02-04 19:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-02-04 19:28 - 2014-02-04 19:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-06-03 18:43 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-01 12:00 - 2013-10-01 12:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2014 06:35:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2014 06:18:49 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8019

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8019

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7020

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6022

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6022

System errors:
=============
Error: (07/07/2014 06:18:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst afcdpsrv erreicht.

Error: (07/07/2014 00:06:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1EF75F33-893B-4E8F-9655-C3D602BA4897}

Error: (07/03/2014 09:36:03 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:44:25 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:44:05 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:43:25 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:43:05 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:42:25 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:38:05 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Error: (07/03/2014 08:37:45 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.

Microsoft Office Sessions:
=========================
Error: (07/07/2014 06:35:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Downloads\trojanerboard\esetsmartinstaller_enu.exe

Error: (07/07/2014 06:18:49 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll.ManifestC:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll.Manifest2

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8019

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8019

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7020

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6022

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6022

==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 6103.12 MB
Available physical RAM: 3990.33 MB
Total Pagefile: 12204.41 MB
Available Pagefile: 8727.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1764.17 GB) NTFS
Drive d: () (Fixed) (Total:425.58 GB) (Free:207.57 GB) NTFS
Drive e: (Eigene Dateien) (Fixed) (Total:554.98 GB) (Free:244.44 GB) NTFS
Drive i: () (Fixed) (Total:662.53 GB) (Free:182.89 GB) NTFS
Drive j: (MEDIA) (Removable) (Total:29.71 GB) (Free:23.96 GB) FAT32
Drive o: (Kopie C alt) (Fixed) (Total:205.97 GB) (Free:37.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 6E7A038E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-198731366400) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 722B620C)
Partition 1: (Not Active) - (Size=150 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=206 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-434765733888) - (Type=05)

========================================================
Disk: 2 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-07 20:23:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST2000DM001-1CH164 rev.CC29 1863,02GB
Running: Gmer-19357.exe; Driver: C:\Users\HDS\AppData\Local\Temp\awlyipow.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031f6000 45 bytes [00, 00, 12, 02, 47, 44, 57, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 574 fffff800031f602e 17 bytes [5C, 00, 55, 00, 53, 00, 45, ...]

---- Threads - GMER 2.1 ----

Thread C:\Windows\System32\svchost.exe [1120:4064] 000007fee7c0a2b0
Thread C:\Windows\System32\svchost.exe [1120:1824] 000007fee52a3efc
Thread C:\Windows\System32\svchost.exe [1120:4816] 000007fee52e8a4c
Thread C:\Windows\system32\svchost.exe [1580:1164] 000007fefa2335c0
Thread C:\Windows\system32\svchost.exe [1580:5116] 000007fefa235600
Thread C:\Windows\system32\svchost.exe [1580:3812] 000007fee8662888
Thread C:\Windows\system32\svchost.exe [1580:2716] 000007fee84b2940
Thread C:\Windows\system32\svchost.exe [1580:4104] 000007fee8662a40
Thread C:\Windows\system32\svchost.exe [2312:2620] 000007fef99e5fd0
Thread C:\Windows\system32\svchost.exe [2312:2700] 000007fef91a3438
Thread C:\Windows\system32\svchost.exe [2312:2712] 000007fef99e63ec
Thread C:\Windows\system32\svchost.exe [2312:2848] 000000000033b128
Thread C:\Windows\system32\svchost.exe [2312:2984] 000007fef9a6a850
Thread C:\Windows\system32\Dwm.exe [2600:2956] 000007fef988f0d8
Thread C:\Windows\system32\Dwm.exe [2600:2960] 000007fef669abf0
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:2944] 000007fef7f2bd94
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:2948] 000007fef7ea3368
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:5060] 000007fef7ed87b8
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6440] 000007fef24b4bf4
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6608] 000007fef7fb8970
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:4796] 000007fef7ea3368
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6016] 000007fef7ea3368
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:3484] 000007fef7ea3368
Thread C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6468] 000007fef7e993d4
Thread C:\Windows\system32\wbem\wmiprvse.exe [3204:3244] 000007fef08210f0
Thread C:\Windows\System32\WUDFHost.exe [5056:5280] 000007fee78624a0

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

---GData--------------
Ihr Rechner wurden von einem entfernten Rechner auf offene Internet-Dienste (Ports) abgetastet. Die Firewall hat diesen Angriff unterbunden.

Netzwerk Info:
Netzwerk : LAN-Verbindung 2
Entfernter Rechner : 193.175.234.83 (nugo.dife.de)

Besten Dank im voraus

Masin

schrauber

08.07.2014 05:52

hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

masin

08.07.2014 07:59

Liste der Anhänge anzeigen (Anzahl: 1)

Hallo Schrauber,

entschuldige, dass ich das Beifügen der Log-Dateien verkehrt gemacht habe.
Jetzt also richtig, incl. TDSS-Killer-Report:

Nein, Dateien sind zu groß, ich soll sie als Anhänge liefern.
Das Problem ist die TDSS-Datei: Sie ist als Anhang zu groß, also muss ich sie doch hier einfügen.
Dir schon mal besten Dank für die Hilfe.

Masin

Code:

08:51:06.0312 0x1ed4  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54

08:51:08.0772 0x1ed4  ============================================================

08:51:08.0772 0x1ed4  Current date / time: 2014/07/08 08:51:08.0772

08:51:08.0772 0x1ed4  SystemInfo:

08:51:08.0772 0x1ed4  

08:51:08.0772 0x1ed4  OS Version: 6.1.7601 ServicePack: 1.0

08:51:08.0772 0x1ed4  Product type: Workstation

08:51:08.0772 0x1ed4  ComputerName: HDS-NEU2

08:51:08.0772 0x1ed4  UserName: HDS

08:51:08.0772 0x1ed4  Windows directory: C:\Windows

08:51:08.0772 0x1ed4  System windows directory: C:\Windows

08:51:08.0772 0x1ed4  Running under WOW64

08:51:08.0772 0x1ed4  Processor architecture: Intel x64

08:51:08.0772 0x1ed4  Number of processors: 4

08:51:08.0772 0x1ed4  Page size: 0x1000

08:51:08.0772 0x1ed4  Boot type: Normal boot

08:51:08.0772 0x1ed4  ============================================================

08:51:11.0082 0x1ed4  KLMD registered as C:\Windows\system32\drivers\09465781.sys

08:51:11.0342 0x1ed4  System UUID: {A974136A-F8B4-94EC-10BF-7F71AE75B0DB}

08:51:11.0772 0x1ed4  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

08:51:11.0782 0x1ed4  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

08:51:11.0802 0x1ed4  Drive \Device\Harddisk2\DR2 - Size: 0x76E480000 ( 29.72 Gb ), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

08:51:11.0832 0x1ed4  ============================================================

08:51:11.0832 0x1ed4  \Device\Harddisk0\DR0:

08:51:11.0832 0x1ed4  MBR partitions:

08:51:11.0832 0x1ed4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

08:51:11.0832 0x1ed4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1:

08:51:11.0832 0x1ed4  MBR partitions:

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1BEA800, BlocksNum 0x19BEE800

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1B7D9800, BlocksNum 0x455F5000

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x60DCF000, BlocksNum 0x35328800

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x960F8000, BlocksNum 0x52D10800

08:51:11.0832 0x1ed4  \Device\Harddisk2\DR2:

08:51:11.0832 0x1ed4  MBR partitions:

08:51:11.0832 0x1ed4  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400

08:51:11.0832 0x1ed4  ============================================================

08:51:11.0852 0x1ed4  C: <-> \Device\Harddisk0\DR0\Partition2

08:51:11.0892 0x1ed4  O: <-> \Device\Harddisk1\DR1\Partition1

08:51:11.0922 0x1ed4  I: <-> \Device\Harddisk1\DR1\Partition4

08:51:11.0942 0x1ed4  D: <-> \Device\Harddisk1\DR1\Partition3

08:51:11.0972 0x1ed4  E: <-> \Device\Harddisk1\DR1\Partition2

08:51:11.0972 0x1ed4  ============================================================

08:51:11.0972 0x1ed4  Initialize success

08:51:11.0972 0x1ed4  ============================================================

08:51:32.0475 0x0704  ============================================================

08:51:32.0475 0x0704  Scan started

08:51:32.0475 0x0704  Mode: Manual; SigCheck; TDLFS; 

08:51:32.0475 0x0704  ============================================================

08:51:32.0475 0x0704  KSN ping started

08:51:46.0007 0x0704  KSN ping finished: true

08:51:46.0997 0x0704  ================ Scan system memory ========================

08:51:46.0997 0x0704  System memory - ok

08:51:46.0997 0x0704  ================ Scan services =============================

08:51:47.0157 0x0704  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

08:51:47.0257 0x0704  1394ohci - ok

08:51:47.0287 0x0704  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

08:51:47.0317 0x0704  ACPI - ok

08:51:47.0327 0x0704  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

08:51:47.0337 0x0704  AcpiPmi - ok

08:51:47.0447 0x0704  [ CD41DFA7A778555B2055E2D388F5CB33, AE149AB7823AE3A97E2826C06968F32A7E50331484203E4581C83E441A1680F9 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

08:51:47.0477 0x0704  AcrSch2Svc - ok

08:51:47.0537 0x0704  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

08:51:47.0547 0x0704  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )

08:51:47.0847 0x0704  Detect skipped due to KSN trusted

08:51:47.0847 0x0704  Adobe LM Service - ok

08:51:47.0907 0x0704  [ E8FE4FCE23D2809BD88BCC1D0F8408CE, D744A1052BF104490A8D9BDE2B331F2C0157FCF58B54867E192B62CEE85F697E ] AdobeActiveFileMonitor6.0 C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

08:51:47.0937 0x0704  AdobeActiveFileMonitor6.0 - ok

08:51:47.0987 0x0704  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

08:51:48.0007 0x0704  AdobeARMservice - ok

08:51:48.0097 0x0704  [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

08:51:48.0127 0x0704  AdobeFlashPlayerUpdateSvc - ok

08:51:48.0177 0x0704  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

08:51:48.0207 0x0704  adp94xx - ok

08:51:48.0217 0x0704  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

08:51:48.0237 0x0704  adpahci - ok

08:51:48.0257 0x0704  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

08:51:48.0267 0x0704  adpu320 - ok

08:51:48.0297 0x0704  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

08:51:48.0327 0x0704  AeLookupSvc - ok

08:51:48.0377 0x0704  [ 3AC22A3DFA8A050E35F0E3CD99D0CDF2, BBB1FB1A80D9641CB7965A75B8CB8094F0876E9631A93E6BDCC53A016EB48D05 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

08:51:48.0417 0x0704  AERTFilters - ok

08:51:48.0447 0x0704  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys

08:51:48.0497 0x0704  afcdp - ok

08:51:48.0827 0x0704  [ 3B1C11CB7006495F799F8A2AB8B2D530, B7B0C4922A1843BBF8104CDC705C4FEA1F1A760C1CC2BD6BC5E4213A0E4ED9FD ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

08:51:48.0917 0x0704  afcdpsrv - ok

08:51:48.0957 0x0704  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys

08:51:48.0977 0x0704  AFD - ok

08:51:49.0007 0x0704  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys

08:51:49.0017 0x0704  agp440 - ok

08:51:49.0027 0x0704  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe

08:51:49.0037 0x0704  ALG - ok

08:51:49.0097 0x0704  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys

08:51:49.0117 0x0704  aliide - ok

08:51:49.0147 0x0704  [ F0E61CF2C0FDA5B011CD1CB2E2353C9A, B1CE3BB3ED8ED78468B11C7AFB64B0CD48C078C350F049EC9473B60F6130091E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

08:51:49.0177 0x0704  AMD External Events Utility - ok

08:51:49.0197 0x0704  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys

08:51:49.0207 0x0704  amdide - ok

08:51:49.0257 0x0704  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

08:51:49.0287 0x0704  AmdK8 - ok

08:51:49.0507 0x0704  [ CF3DB4D8B2CE0B282AB39C9D846ECA74, 1679FE9444057D8EFF1389C5EA9677B914DC269BBE447B2684A05FE4E438014A ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

08:51:49.0677 0x0704  amdkmdag - ok

08:51:49.0697 0x0704  [ 7D07DB26F6D3A16A6C8D34CE6C09FD01, 6ABE6D29ABA9F1E3A08A2FE7E5C1AF304093A8FE148340F5DA5A4F7C20F44753 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys

08:51:49.0717 0x0704  amdkmdap - ok

08:51:49.0727 0x0704  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

08:51:49.0737 0x0704  AmdPPM - ok

08:51:49.0797 0x0704  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

08:51:49.0807 0x0704  amdsata - ok

08:51:49.0827 0x0704  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

08:51:49.0847 0x0704  amdsbs - ok

08:51:49.0867 0x0704  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys

08:51:49.0877 0x0704  amdxata - ok

08:51:49.0917 0x0704  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys

08:51:49.0987 0x0704  AppID - ok

08:51:50.0007 0x0704  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

08:51:50.0057 0x0704  AppIDSvc - ok

08:51:50.0077 0x0704  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll

08:51:50.0087 0x0704  Appinfo - ok

08:51:50.0177 0x0704  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

08:51:50.0197 0x0704  Apple Mobile Device - ok

08:51:50.0227 0x0704  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll

08:51:50.0257 0x0704  AppMgmt - ok

08:51:50.0277 0x0704  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys

08:51:50.0297 0x0704  arc - ok

08:51:50.0307 0x0704  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

08:51:50.0317 0x0704  arcsas - ok

08:51:50.0407 0x0704  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

08:51:50.0437 0x0704  aspnet_state - ok

08:51:50.0467 0x0704  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

08:51:50.0507 0x0704  AsyncMac - ok

08:51:50.0547 0x0704  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys

08:51:50.0577 0x0704  atapi - ok

08:51:50.0617 0x0704  [ 637E0753BD6DEB8EA5314A5C357EC1A0, 2B479DBBF72A2AFB3DC65A3FDA30B628BC9FB21160EBD7E1BE44404C671B1D08 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys

08:51:50.0637 0x0704  AtiHdmiService - ok

08:51:50.0697 0x0704  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

08:51:50.0747 0x0704  AudioEndpointBuilder - ok

08:51:50.0757 0x0704  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

08:51:50.0807 0x0704  AudioSrv - ok

08:51:50.0977 0x0704  [ EEB33B500F7C3A2CC64FB6836D9E93B6, BE41CB08DFC11770C3BC0A213CDF2EFB52043B38DD9E228DBEDE53D4A00B314D ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

08:51:51.0027 0x0704  AVKProxy - ok

08:51:51.0127 0x0704  [ 56C6F2D7F1D515B4B534217443D3B67F, CB9E94EE515EE7C426B34EC40DFDEF27893C3379C011B2FF6EEF318A34BCF482 ] AVKService      C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe

08:51:51.0157 0x0704  AVKService - ok

08:51:51.0227 0x0704  [ 258B9C230D2A904349CDF18CAD6B22BE, A270FF5D58C516272C248E22FD5ED3C4F279D0348154D56E13E88D05820E9246 ] AVKWCtl         C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe

08:51:51.0297 0x0704  AVKWCtl - ok

08:51:51.0317 0x0704  [ 43744F1D3CDE20F3925F10927C9036C2, 47374A71D1A38572B8C247E924C0F3F063A6281743C9B7D818D63CA576B5D289 ] AVMCOWAN        C:\Windows\system32\DRIVERS\AVMCOWAN.sys

08:51:51.0327 0x0704  AVMCOWAN - ok

08:51:51.0357 0x0704  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll

08:51:51.0377 0x0704  AxInstSV - ok

08:51:51.0417 0x0704  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

08:51:51.0457 0x0704  b06bdrv - ok

08:51:51.0487 0x0704  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

08:51:51.0507 0x0704  b57nd60a - ok

08:51:51.0557 0x0704  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll

08:51:51.0587 0x0704  BDESVC - ok

08:51:51.0597 0x0704  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

08:51:51.0637 0x0704  Beep - ok

08:51:51.0697 0x0704  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll

08:51:51.0737 0x0704  BFE - ok

08:51:51.0787 0x0704  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll

08:51:51.0837 0x0704  BITS - ok

08:51:51.0847 0x0704  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

08:51:51.0867 0x0704  blbdrive - ok

08:51:51.0937 0x0704  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

08:51:51.0967 0x0704  Bonjour Service - ok

08:51:51.0997 0x0704  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

08:51:52.0007 0x0704  bowser - ok

08:51:52.0027 0x0704  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

08:51:52.0037 0x0704  BrFiltLo - ok

08:51:52.0067 0x0704  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

08:51:52.0087 0x0704  BrFiltUp - ok

08:51:52.0107 0x0704  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll

08:51:52.0127 0x0704  Browser - ok

08:51:52.0157 0x0704  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

08:51:52.0177 0x0704  Brserid - ok

08:51:52.0197 0x0704  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

08:51:52.0227 0x0704  BrSerWdm - ok

08:51:52.0227 0x0704  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

08:51:52.0247 0x0704  BrUsbMdm - ok

08:51:52.0257 0x0704  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

08:51:52.0277 0x0704  BrUsbSer - ok

08:51:52.0307 0x0704  [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe

08:51:52.0327 0x0704  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )

08:51:52.0587 0x0704  Detect skipped due to KSN trusted

08:51:52.0587 0x0704  BrYNSvc - ok

08:51:52.0627 0x0704  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

08:51:52.0657 0x0704  BTHMODEM - ok

08:51:52.0687 0x0704  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll

08:51:52.0737 0x0704  bthserv - ok

08:51:52.0757 0x0704  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

08:51:52.0787 0x0704  cdfs - ok

08:51:52.0857 0x0704  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

08:51:52.0887 0x0704  cdrom - ok

08:51:52.0937 0x0704  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll

08:51:52.0997 0x0704  CertPropSvc - ok

08:51:53.0007 0x0704  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

08:51:53.0037 0x0704  circlass - ok

08:51:53.0057 0x0704  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys

08:51:53.0077 0x0704  CLFS - ok

08:51:53.0147 0x0704  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:51:53.0167 0x0704  clr_optimization_v2.0.50727_32 - ok

08:51:53.0217 0x0704  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

08:51:53.0237 0x0704  clr_optimization_v2.0.50727_64 - ok

08:51:53.0307 0x0704  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

08:51:53.0337 0x0704  clr_optimization_v4.0.30319_32 - ok

08:51:53.0347 0x0704  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

08:51:53.0367 0x0704  clr_optimization_v4.0.30319_64 - ok

08:51:53.0387 0x0704  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

08:51:53.0407 0x0704  CmBatt - ok

08:51:53.0447 0x0704  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys

08:51:53.0477 0x0704  cmdide - ok

08:51:53.0537 0x0704  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys

08:51:53.0577 0x0704  CNG - ok

08:51:53.0587 0x0704  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

08:51:53.0607 0x0704  Compbatt - ok

08:51:53.0657 0x0704  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

08:51:53.0697 0x0704  CompositeBus - ok

08:51:53.0707 0x0704  COMSysApp - ok

08:51:53.0717 0x0704  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

08:51:53.0747 0x0704  crcdisk - ok

08:51:53.0777 0x0704  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll

08:51:53.0797 0x0704  CryptSvc - ok

08:51:53.0837 0x0704  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys

08:51:53.0867 0x0704  CSC - ok

08:51:53.0907 0x0704  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll

08:51:53.0937 0x0704  CscService - ok

08:51:53.0957 0x0704  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll

08:51:53.0997 0x0704  DcomLaunch - ok

08:51:54.0017 0x0704  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

08:51:54.0047 0x0704  defragsvc - ok

08:51:54.0077 0x0704  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

08:51:54.0107 0x0704  DfsC - ok

08:51:54.0127 0x0704  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

08:51:54.0147 0x0704  Dhcp - ok

08:51:54.0147 0x0704  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

08:51:54.0177 0x0704  discache - ok

08:51:54.0197 0x0704  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys

08:51:54.0207 0x0704  Disk - ok

08:51:54.0227 0x0704  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

08:51:54.0237 0x0704  Dnscache - ok

08:51:54.0267 0x0704  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll

08:51:54.0297 0x0704  dot3svc - ok

08:51:54.0327 0x0704  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll

08:51:54.0357 0x0704  DPS - ok

08:51:54.0417 0x0704  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

08:51:54.0437 0x0704  drmkaud - ok

08:51:54.0497 0x0704  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

08:51:54.0537 0x0704  DXGKrnl - ok

08:51:54.0557 0x0704  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

08:51:54.0587 0x0704  EapHost - ok

08:51:54.0707 0x0704  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

08:51:54.0797 0x0704  ebdrv - ok

08:51:54.0837 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe

08:51:54.0867 0x0704  EFS - ok

08:51:54.0927 0x0704  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

08:51:54.0967 0x0704  ehRecvr - ok

08:51:54.0997 0x0704  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

08:51:55.0017 0x0704  ehSched - ok

08:51:55.0067 0x0704  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

08:51:55.0097 0x0704  elxstor - ok

08:51:55.0117 0x0704  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

08:51:55.0137 0x0704  ErrDev - ok

08:51:55.0167 0x0704  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

08:51:55.0207 0x0704  EventSystem - ok

08:51:55.0227 0x0704  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

08:51:55.0257 0x0704  exfat - ok

08:51:55.0277 0x0704  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

08:51:55.0307 0x0704  fastfat - ok

08:51:55.0357 0x0704  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe

08:51:55.0397 0x0704  Fax - ok

08:51:55.0417 0x0704  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

08:51:55.0427 0x0704  fdc - ok

08:51:55.0437 0x0704  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

08:51:55.0467 0x0704  fdPHost - ok

08:51:55.0487 0x0704  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

08:51:55.0507 0x0704  FDResPub - ok

08:51:55.0517 0x0704  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

08:51:55.0527 0x0704  FileInfo - ok

08:51:55.0537 0x0704  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

08:51:55.0567 0x0704  Filetrace - ok

08:51:55.0627 0x0704  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

08:51:55.0657 0x0704  FLEXnet Licensing Service - ok

08:51:55.0677 0x0704  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

08:51:55.0697 0x0704  flpydisk - ok

08:51:55.0727 0x0704  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

08:51:55.0737 0x0704  FltMgr - ok

08:51:55.0757 0x0704  [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys

08:51:55.0767 0x0704  fltsrv - ok

08:51:55.0867 0x0704  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll

08:51:55.0908 0x0704  FontCache - ok

08:51:55.0968 0x0704  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

08:51:55.0988 0x0704  FontCache3.0.0.0 - ok

08:51:56.0048 0x0704  [ CE7593C10A04D08F9B043890216F5728, 21E4AD5643BCDCB811E49C74F682672032A603078EDD80DE6E37249C9A005407 ] FPCIBASE        C:\Windows\system32\DRIVERS\fpcibase.sys

08:51:56.0088 0x0704  FPCIBASE - ok

08:51:56.0218 0x0704  [ 6A4AC533855F11C10764FFDF2AC3F7D0, 16DD69AF4CD85FBEC4CA4C9728D1FCE41E24FE663F6AFA3CFA394C8CBA6275F3 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

08:51:56.0238 0x0704  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )

08:51:56.0518 0x0704  Detect skipped due to KSN trusted

08:51:56.0518 0x0704  Freemake Improver - ok

08:51:56.0578 0x0704  [ E54DA03A8EEB8C002C6F2E709B08651A, 82B46688494AD687D1256D6B48F86699467419D0D0A980E9F639764EA4792CE7 ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

08:51:56.0588 0x0704  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )

08:51:56.0888 0x0704  Detect skipped due to KSN trusted

08:51:56.0888 0x0704  FreemakeVideoCapture - ok

08:51:56.0908 0x0704  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

08:51:56.0938 0x0704  FsDepends - ok

08:51:56.0958 0x0704  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

08:51:56.0978 0x0704  Fs_Rec - ok

08:51:56.0998 0x0704  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

08:51:57.0028 0x0704  fvevol - ok

08:51:57.0038 0x0704  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

08:51:57.0048 0x0704  gagp30kx - ok

08:51:57.0078 0x0704  [ 1EDC1A2C1762EF7A0782938F17971C12, DDC021AD302589E8A9831A90489F7CFCABBADA5BA9C5623583CC9ED0700B2113 ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys

08:51:57.0088 0x0704  GDBehave - ok

08:51:57.0188 0x0704  [ 69696B81799AA3CD816D99D606E97941, 2A41DA72FE4465ECA21B56D82CC18E1C26B84D5F1F4B605C2D1D4CF741F1D73C ] GDFwSvc         C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

08:51:57.0268 0x0704  GDFwSvc - ok

08:51:57.0328 0x0704  [ 9F17FCAF51F361A81EE6AB8B0CFDCC96, C9B01E35A442C91F73FA64758734CD553688E19925FEC84A66AF6AEA5033348D ] GDKBFlt         C:\Windows\system32\drivers\GDKBFlt64.sys

08:51:57.0338 0x0704  GDKBFlt - ok

08:51:57.0368 0x0704  [ 905D29BA89387209BD41126E91E0E18E, 4A2D85F218E7033A0169DDBA267FC1A1F6CD4B3810DE705A74CBEAF78A8F4747 ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys

08:51:57.0378 0x0704  GDMnIcpt - ok

08:51:57.0418 0x0704  [ 527B1CAA9661D518AC5182292C35AEC7, 1E56FC0EDFED7D60798930812AB0BB623A6721D433B69AD0152379B412CCE4D4 ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys

08:51:57.0428 0x0704  GDPkIcpt - ok

08:51:57.0498 0x0704  [ CC88D7254787D15B84377137BF739F90, F01BF995EDB533C7E6F2A5B9591DA0B4F8F4E79CC45C2DA73198F4B4A8624F0B ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

08:51:57.0528 0x0704  GDScan - ok

08:51:57.0548 0x0704  [ E06B66227AF4E660D5F18D44231D984F, C8E75C7925E74F6811DFFDB81F5572DAAD124EC156B0FFBA4FF0DD60378EFA6A ] gdwfpcd         C:\Windows\system32\drivers\gdwfpcd64.sys

08:51:57.0558 0x0704  gdwfpcd - ok

08:51:57.0598 0x0704  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

08:51:57.0608 0x0704  GEARAspiWDM - ok

08:51:57.0668 0x0704  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll

08:51:57.0708 0x0704  gpsvc - ok

08:51:57.0728 0x0704  [ 380B83300E019065C3B5FA47136F8356, 4279367B4C9683A855C26A0012C3C078EDF21957D97F07FB1F07EB363F674C14 ] GRD             C:\Windows\system32\drivers\GRD.sys

08:51:57.0738 0x0704  GRD - ok

08:51:57.0818 0x0704  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

08:51:57.0848 0x0704  gupdate - ok

08:51:57.0848 0x0704  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

08:51:57.0858 0x0704  gupdatem - ok

08:51:57.0918 0x0704  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

08:51:57.0948 0x0704  gusvc - ok

08:51:57.0968 0x0704  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

08:51:57.0988 0x0704  hcw85cir - ok

08:51:58.0038 0x0704  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

08:51:58.0068 0x0704  HdAudAddService - ok

08:51:58.0098 0x0704  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

08:51:58.0108 0x0704  HDAudBus - ok

08:51:58.0138 0x0704  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys

08:51:58.0148 0x0704  HECIx64 - ok

08:51:58.0158 0x0704  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

08:51:58.0168 0x0704  HidBatt - ok

08:51:58.0198 0x0704  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

08:51:58.0218 0x0704  HidBth - ok

08:51:58.0238 0x0704  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

08:51:58.0258 0x0704  HidIr - ok

08:51:58.0268 0x0704  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll

08:51:58.0298 0x0704  hidserv - ok

08:51:58.0338 0x0704  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

08:51:58.0368 0x0704  HidUsb - ok

08:51:58.0388 0x0704  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll

08:51:58.0458 0x0704  hkmsvc - ok

08:51:58.0488 0x0704  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

08:51:58.0508 0x0704  HomeGroupListener - ok

08:51:58.0538 0x0704  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

08:51:58.0548 0x0704  HomeGroupProvider - ok

08:51:58.0568 0x0704  [ EB6EB3DCC2AD18236EEC42B2FC7BD806, A1334E802997FA2DF34B3C2860731BE03ADB5D1908DDBBCB4A46761ACC568573 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys

08:51:58.0578 0x0704  HookCentre - ok

08:51:58.0638 0x0704  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

08:51:58.0668 0x0704  HpSAMD - ok

08:51:58.0708 0x0704  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys

08:51:58.0738 0x0704  HTCAND64 - ok

08:51:58.0828 0x0704  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

08:51:58.0848 0x0704  HTCMonitorService - ok

08:51:58.0868 0x0704  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys

08:51:58.0888 0x0704  htcnprot - ok

08:51:58.0918 0x0704  [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32       C:\Windows\system32\DRIVERS\HtcVComV64.sys

08:51:58.0958 0x0704  HtcVCom32 - ok

08:51:59.0018 0x0704  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

08:51:59.0068 0x0704  HTTP - ok

08:51:59.0078 0x0704  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

08:51:59.0088 0x0704  hwpolicy - ok

08:51:59.0148 0x0704  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

08:51:59.0158 0x0704  i8042prt - ok

08:51:59.0188 0x0704  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

08:51:59.0208 0x0704  iaStorV - ok

08:51:59.0268 0x0704  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

08:51:59.0288 0x0704  idsvc - ok

08:51:59.0298 0x0704  IEEtwCollectorService - ok

08:51:59.0328 0x0704  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

08:51:59.0338 0x0704  iirsp - ok

08:51:59.0378 0x0704  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll

08:51:59.0408 0x0704  IKEEXT - ok

08:51:59.0478 0x0704  [ F04D22D7A49A1B2210DBADF0B803E870, EC3CB81392784E1FBA79846D9241A8F58B5C0B03733A161AAB3EA5ECF4105A11 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

08:51:59.0528 0x0704  IntcAzAudAddService - ok

08:51:59.0548 0x0704  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys

08:51:59.0558 0x0704  intelide - ok

08:51:59.0568 0x0704  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

08:51:59.0578 0x0704  intelppm - ok

08:51:59.0598 0x0704  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

08:51:59.0628 0x0704  IPBusEnum - ok

08:51:59.0648 0x0704  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

08:51:59.0678 0x0704  IpFilterDriver - ok

08:51:59.0708 0x0704  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

08:51:59.0728 0x0704  iphlpsvc - ok

08:51:59.0778 0x0704  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

08:51:59.0788 0x0704  IPMIDRV - ok

08:51:59.0798 0x0704  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

08:51:59.0828 0x0704  IPNAT - ok

08:51:59.0878 0x0704  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

08:51:59.0898 0x0704  iPod Service - ok

08:51:59.0918 0x0704  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys

08:51:59.0928 0x0704  IRENUM - ok

08:51:59.0958 0x0704  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

08:51:59.0968 0x0704  isapnp - ok

08:52:00.0008 0x0704  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

08:52:00.0038 0x0704  iScsiPrt - ok

08:52:00.0078 0x0704  [ 9D7EA8C7215D8D4AE7BE110EEE61085D, C8AEC99985AEAD52FA4FA14DA98EE465594EA1392E2010D0B474CD467D766EE8 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys

08:52:00.0098 0x0704  k57nd60a - ok

08:52:00.0108 0x0704  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

08:52:00.0118 0x0704  kbdclass - ok

08:52:00.0138 0x0704  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

08:52:00.0148 0x0704  kbdhid - ok

08:52:00.0168 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe

08:52:00.0178 0x0704  KeyIso - ok

08:52:00.0228 0x0704  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

08:52:00.0248 0x0704  KSecDD - ok

08:52:00.0268 0x0704  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

08:52:00.0288 0x0704  KSecPkg - ok

08:52:00.0298 0x0704  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

08:52:00.0328 0x0704  ksthunk - ok

08:52:00.0368 0x0704  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

08:52:00.0398 0x0704  KtmRm - ok

08:52:00.0428 0x0704  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll

08:52:00.0458 0x0704  LanmanServer - ok

08:52:00.0478 0x0704  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

08:52:00.0508 0x0704  LanmanWorkstation - ok

08:52:00.0648 0x0704  [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

08:52:00.0678 0x0704  LBTServ - ok

08:52:00.0758 0x0704  [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys

08:52:00.0778 0x0704  LHidFilt - ok

08:52:00.0858 0x0704  [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

08:52:00.0878 0x0704  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )

08:52:01.0198 0x0704  Detect skipped due to KSN trusted

08:52:01.0198 0x0704  LightScribeService - ok

08:52:01.0228 0x0704  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

08:52:01.0258 0x0704  lltdio - ok

08:52:01.0288 0x0704  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

08:52:01.0328 0x0704  lltdsvc - ok

08:52:01.0348 0x0704  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

08:52:01.0378 0x0704  lmhosts - ok

08:52:01.0388 0x0704  [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys

08:52:01.0398 0x0704  LMouFilt - ok

08:52:01.0408 0x0704  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

08:52:01.0418 0x0704  LSI_FC - ok

08:52:01.0438 0x0704  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

08:52:01.0448 0x0704  LSI_SAS - ok

08:52:01.0458 0x0704  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

08:52:01.0468 0x0704  LSI_SAS2 - ok

08:52:01.0478 0x0704  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

08:52:01.0488 0x0704  LSI_SCSI - ok

08:52:01.0498 0x0704  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys

08:52:01.0528 0x0704  luafv - ok

08:52:01.0598 0x0704  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys

08:52:01.0618 0x0704  MBAMSwissArmy - ok

08:52:01.0648 0x0704  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

08:52:01.0658 0x0704  Mcx2Svc - ok

08:52:01.0678 0x0704  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

08:52:01.0688 0x0704  megasas - ok

08:52:01.0708 0x0704  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

08:52:01.0728 0x0704  MegaSR - ok

08:52:01.0748 0x0704  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll

08:52:01.0778 0x0704  MMCSS - ok

08:52:01.0788 0x0704  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

08:52:01.0818 0x0704  Modem - ok

08:52:01.0828 0x0704  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

08:52:01.0838 0x0704  monitor - ok

08:52:01.0868 0x0704  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

08:52:01.0878 0x0704  mouclass - ok

08:52:01.0888 0x0704  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

08:52:01.0898 0x0704  mouhid - ok

08:52:01.0938 0x0704  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

08:52:01.0948 0x0704  mountmgr - ok

08:52:01.0978 0x0704  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

08:52:01.0998 0x0704  MozillaMaintenance - ok

08:52:02.0028 0x0704  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys

08:52:02.0038 0x0704  mpio - ok

08:52:02.0048 0x0704  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

08:52:02.0078 0x0704  mpsdrv - ok

08:52:02.0128 0x0704  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll

08:52:02.0178 0x0704  MpsSvc - ok

08:52:02.0198 0x0704  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

08:52:02.0228 0x0704  MRxDAV - ok

08:52:02.0258 0x0704  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

08:52:02.0278 0x0704  mrxsmb - ok

08:52:02.0288 0x0704  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:52:02.0308 0x0704  mrxsmb10 - ok

08:52:02.0328 0x0704  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:52:02.0348 0x0704  mrxsmb20 - ok

08:52:02.0388 0x0704  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys

08:52:02.0398 0x0704  msahci - ok

08:52:02.0448 0x0704  [ A592A054D78750B4D73ABAA4C94DECDF, 40B135C9F9EE698EC78BD19BD18353AE2CF4D020DDB9CFC37CD2FDBF7602614A ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe

08:52:02.0458 0x0704  MSCamSvc - ok

08:52:02.0468 0x0704  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

08:52:02.0488 0x0704  msdsm - ok

08:52:02.0498 0x0704  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe

08:52:02.0518 0x0704  MSDTC - ok

08:52:02.0548 0x0704  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

08:52:02.0578 0x0704  Msfs - ok

08:52:02.0598 0x0704  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

08:52:02.0638 0x0704  mshidkmdf - ok

08:52:02.0658 0x0704  [ 55218F924E55FD2786ED40EDF4ED79C3, C6000DE3A1FB526ECB77438A03F7212517CCD5E0CC9DDA07826865F8B980BEA0 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys

08:52:02.0668 0x0704  MSHUSBVideo - ok

08:52:02.0708 0x0704  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

08:52:02.0718 0x0704  msisadrv - ok

08:52:02.0748 0x0704  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

08:52:02.0778 0x0704  MSiSCSI - ok

08:52:02.0788 0x0704  msiserver - ok

08:52:02.0808 0x0704  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

08:52:02.0838 0x0704  MSKSSRV - ok

08:52:02.0838 0x0704  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

08:52:02.0868 0x0704  MSPCLOCK - ok

08:52:02.0878 0x0704  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

08:52:02.0908 0x0704  MSPQM - ok

08:52:02.0938 0x0704  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

08:52:02.0958 0x0704  MsRPC - ok

08:52:02.0958 0x0704  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

08:52:02.0968 0x0704  mssmbios - ok

08:52:02.0978 0x0704  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

08:52:03.0008 0x0704  MSTEE - ok

08:52:03.0018 0x0704  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

08:52:03.0028 0x0704  MTConfig - ok

08:52:03.0058 0x0704  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys

08:52:03.0078 0x0704  Mup - ok

08:52:03.0098 0x0704  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll

08:52:03.0138 0x0704  napagent - ok

08:52:03.0178 0x0704  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

08:52:03.0198 0x0704  NativeWifiP - ok

08:52:03.0328 0x0704  [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe

08:52:03.0348 0x0704  NAUpdate - ok

08:52:03.0358 0x0704  [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol           C:\Windows\system32\DRIVERS\NBVol.sys

08:52:03.0368 0x0704  NBVol - ok

08:52:03.0388 0x0704  [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp         C:\Windows\system32\DRIVERS\NBVolUp.sys

08:52:03.0398 0x0704  NBVolUp - ok

08:52:03.0438 0x0704  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys

08:52:03.0468 0x0704  NDIS - ok

08:52:03.0488 0x0704  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

08:52:03.0518 0x0704  NdisCap - ok

08:52:03.0548 0x0704  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

08:52:03.0568 0x0704  NdisTapi - ok

08:52:03.0588 0x0704  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

08:52:03.0618 0x0704  Ndisuio - ok

08:52:03.0648 0x0704  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

08:52:03.0678 0x0704  NdisWan - ok

08:52:03.0688 0x0704  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

08:52:03.0718 0x0704  NDProxy - ok

08:52:03.0718 0x0704  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

08:52:03.0748 0x0704  NetBIOS - ok

08:52:03.0778 0x0704  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

08:52:03.0808 0x0704  NetBT - ok

08:52:03.0828 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe

08:52:03.0838 0x0704  Netlogon - ok

08:52:03.0858 0x0704  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll

08:52:03.0898 0x0704  Netman - ok

08:52:03.0938 0x0704  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:52:03.0958 0x0704  NetMsmqActivator - ok

08:52:03.0958 0x0704  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:52:03.0978 0x0704  NetPipeActivator - ok

08:52:04.0008 0x0704  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll

08:52:04.0048 0x0704  netprofm - ok

08:52:04.0048 0x0704  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:52:04.0068 0x0704  NetTcpActivator - ok

08:52:04.0068 0x0704  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:52:04.0088 0x0704  NetTcpPortSharing - ok

08:52:04.0128 0x0704  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

08:52:04.0148 0x0704  nfrd960 - ok

08:52:04.0168 0x0704  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll

08:52:04.0188 0x0704  NlaSvc - ok

08:52:04.0228 0x0704  [ 1381E95D4E0F94F22DD484B5F8C1D61D, E91C10A62E3B5A610063F48354C6F4A1AAB7300A69EAD59E89ED8EEFDBD99062 ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys

08:52:04.0278 0x0704  nmwcd - ok

08:52:04.0428 0x0704  [ 205510CDB7B6084BF31760B5D06F9242, F3EAC6A7127DC5A0FEE7A9AFA561A8CA9B6E83FECCD731C890E85C33514B533B ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys

08:52:04.0478 0x0704  nmwcdc - ok

08:52:04.0588 0x0704  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\Windows\system32\drivers\npf.sys

08:52:04.0608 0x0704  npf - ok

08:52:04.0628 0x0704  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

08:52:04.0678 0x0704  Npfs - ok

08:52:04.0688 0x0704  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll

08:52:04.0718 0x0704  nsi - ok

08:52:04.0728 0x0704  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

08:52:04.0758 0x0704  nsiproxy - ok

08:52:04.0818 0x0704  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

08:52:04.0858 0x0704  Ntfs - ok

08:52:04.0878 0x0704  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys

08:52:04.0908 0x0704  Null - ok

08:52:04.0948 0x0704  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

08:52:04.0958 0x0704  nvraid - ok

08:52:05.0008 0x0704  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

08:52:05.0018 0x0704  nvstor - ok

08:52:05.0038 0x0704  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

08:52:05.0048 0x0704  nv_agp - ok

08:52:05.0068 0x0704  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

08:52:05.0078 0x0704  ohci1394 - ok

08:52:05.0198 0x0704  [ FB565EAF1E99F57D1963189EE2F8ED66, 9371111512657A618F4E80DC6968317600872B46A15DF34D8486884B5A848897 ] OS Selector     C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe

08:52:05.0248 0x0704  OS Selector - ok

08:52:05.0298 0x0704  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

08:52:05.0308 0x0704  ose64 - ok

08:52:05.0458 0x0704  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

08:52:05.0568 0x0704  osppsvc - ok

08:52:05.0608 0x0704  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

08:52:05.0668 0x0704  p2pimsvc - ok

08:52:05.0688 0x0704  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll

08:52:05.0708 0x0704  p2psvc - ok

08:52:05.0748 0x0704  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

08:52:05.0758 0x0704  Parport - ok

08:52:05.0788 0x0704  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

08:52:05.0798 0x0704  partmgr - ok

08:52:05.0868 0x0704  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

08:52:05.0888 0x0704  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )

08:52:06.0168 0x0704  Detect skipped due to KSN trusted

08:52:06.0168 0x0704  PassThru Service - ok

08:52:06.0178 0x0704  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll

08:52:06.0198 0x0704  PcaSvc - ok

08:52:06.0228 0x0704  [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys

08:52:06.0248 0x0704  pccsmcfd - ok

08:52:06.0318 0x0704  [ 4B5F5774FF1C577B9515FDD2B5C535C5, 1D053020079124AC526D84AFFB17BF4A1563ECD872C83B4B6299C9AA6A732557 ] PCDSRVC{D3412D80-CF3B4A27-06020200}_0 c:\program files\my dell\pcdsrvc_x64.pkms

08:52:06.0328 0x0704  PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - ok

08:52:06.0368 0x0704  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys

08:52:06.0388 0x0704  pci - ok

08:52:06.0428 0x0704  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys

08:52:06.0448 0x0704  pciide - ok

08:52:06.0478 0x0704  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

08:52:06.0498 0x0704  pcmcia - ok

08:52:06.0508 0x0704  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys

08:52:06.0518 0x0704  pcw - ok

08:52:06.0608 0x0704  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe

08:52:06.0648 0x0704  PDF Architect Helper Service - ok

08:52:06.0688 0x0704  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe

08:52:06.0708 0x0704  PDF Architect Service - ok

08:52:06.0738 0x0704  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

08:52:06.0778 0x0704  PEAUTH - ok

08:52:06.0828 0x0704  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

08:52:06.0868 0x0704  PeerDistSvc - ok

08:52:06.0928 0x0704  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

08:52:06.0958 0x0704  PerfHost - ok

08:52:07.0018 0x0704  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll

08:52:07.0078 0x0704  pla - ok

08:52:07.0128 0x0704  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

08:52:07.0148 0x0704  PlugPlay - ok

08:52:07.0158 0x0704  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

08:52:07.0168 0x0704  PNRPAutoReg - ok

08:52:07.0188 0x0704  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

08:52:07.0208 0x0704  PNRPsvc - ok

08:52:07.0228 0x0704  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

08:52:07.0268 0x0704  PolicyAgent - ok

08:52:07.0288 0x0704  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll

08:52:07.0318 0x0704  Power - ok

08:52:07.0338 0x0704  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

08:52:07.0368 0x0704  PptpMiniport - ok

08:52:07.0388 0x0704  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys

08:52:07.0398 0x0704  Processor - ok

08:52:07.0418 0x0704  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll

08:52:07.0438 0x0704  ProfSvc - ok

08:52:07.0448 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe

08:52:07.0458 0x0704  ProtectedStorage - ok

08:52:07.0488 0x0704  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

08:52:07.0518 0x0704  Psched - ok

08:52:07.0548 0x0704  [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys

08:52:07.0558 0x0704  PxHlpa64 - ok

08:52:07.0618 0x0704  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

08:52:07.0658 0x0704  ql2300 - ok

08:52:07.0678 0x0704  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

08:52:07.0688 0x0704  ql40xx - ok

08:52:07.0718 0x0704  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll

08:52:07.0738 0x0704  QWAVE - ok

08:52:07.0748 0x0704  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

08:52:07.0758 0x0704  QWAVEdrv - ok

08:52:07.0768 0x0704  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

08:52:07.0798 0x0704  RasAcd - ok

08:52:07.0808 0x0704  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

08:52:07.0838 0x0704  RasAgileVpn - ok

08:52:07.0848 0x0704  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll

08:52:07.0878 0x0704  RasAuto - ok

08:52:07.0908 0x0704  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

08:52:07.0929 0x0704  Rasl2tp - ok

08:52:07.0969 0x0704  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll

08:52:07.0999 0x0704  RasMan - ok

08:52:08.0009 0x0704  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

08:52:08.0039 0x0704  RasPppoe - ok

08:52:08.0049 0x0704  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

08:52:08.0079 0x0704  RasSstp - ok

08:52:08.0099 0x0704  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

08:52:08.0129 0x0704  rdbss - ok

08:52:08.0139 0x0704  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

08:52:08.0159 0x0704  rdpbus - ok

08:52:08.0169 0x0704  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

08:52:08.0199 0x0704  RDPCDD - ok

08:52:08.0239 0x0704  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

08:52:08.0259 0x0704  RDPDR - ok

08:52:08.0279 0x0704  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

08:52:08.0309 0x0704  RDPENCDD - ok

08:52:08.0319 0x0704  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

08:52:08.0349 0x0704  RDPREFMP - ok

08:52:08.0379 0x0704  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

08:52:08.0399 0x0704  RDPWD - ok

08:52:08.0439 0x0704  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

08:52:08.0449 0x0704  rdyboost - ok

08:52:08.0469 0x0704  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

08:52:08.0499 0x0704  RemoteAccess - ok

08:52:08.0519 0x0704  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

08:52:08.0549 0x0704  RemoteRegistry - ok

08:52:08.0559 0x0704  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

08:52:08.0589 0x0704  RpcEptMapper - ok

08:52:08.0589 0x0704  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

08:52:08.0609 0x0704  RpcLocator - ok

08:52:08.0639 0x0704  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll

08:52:08.0669 0x0704  RpcSs - ok

08:52:08.0689 0x0704  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

08:52:08.0709 0x0704  rspndr - ok

08:52:08.0739 0x0704  [ A29F3787FEA005C8355F62321BE9E065, A1BE2758EE21CBFB00E6F32D3C62323D890BD9AD177E880390CFAD9F5326A9B3 ] rusb3hub        C:\Windows\system32\DRIVERS\rusb3hub.sys

08:52:08.0749 0x0704  rusb3hub - ok

08:52:08.0769 0x0704  [ 0FE1DB20DA9863CD5B397717FF07738B, 3BCA3269A6ECA501508F2BAC56DB9C0B2DAD3DDA853C5FB168E4C628A94E1C83 ] rusb3xhc        C:\Windows\system32\DRIVERS\rusb3xhc.sys

08:52:08.0779 0x0704  rusb3xhc - ok

08:52:08.0819 0x0704  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

08:52:08.0829 0x0704  s3cap - ok

08:52:08.0849 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe

08:52:08.0879 0x0704  SamSs - ok

08:52:08.0929 0x0704  [ 328100AF2EFD951EAB657384EC361B6F, 2DECBF74E13511395AA13F931F06F4D557E67654DA3314D0095C332FB758B4D9 ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

08:52:08.0939 0x0704  SamsungAllShareV2.0 - ok

08:52:08.0979 0x0704  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

08:52:08.0989 0x0704  sbp2port - ok

08:52:09.0039 0x0704  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

08:52:09.0069 0x0704  SCardSvr - ok

08:52:09.0089 0x0704  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

08:52:09.0119 0x0704  scfilter - ok

08:52:09.0159 0x0704  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll

08:52:09.0209 0x0704  Schedule - ok

08:52:09.0229 0x0704  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll

08:52:09.0259 0x0704  SCPolicySvc - ok

08:52:09.0279 0x0704  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

08:52:09.0289 0x0704  SDRSVC - ok

08:52:09.0319 0x0704  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

08:52:09.0349 0x0704  secdrv - ok

08:52:09.0369 0x0704  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll

08:52:09.0399 0x0704  seclogon - ok

08:52:09.0409 0x0704  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll

08:52:09.0429 0x0704  SENS - ok

08:52:09.0439 0x0704  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

08:52:09.0459 0x0704  SensrSvc - ok

08:52:09.0469 0x0704  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

08:52:09.0479 0x0704  Serenum - ok

08:52:09.0509 0x0704  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys

08:52:09.0519 0x0704  Serial - ok

08:52:09.0549 0x0704  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

08:52:09.0559 0x0704  sermouse - ok

08:52:09.0639 0x0704  [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

08:52:09.0659 0x0704  ServiceLayer - ok

08:52:09.0689 0x0704  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll

08:52:09.0719 0x0704  SessionEnv - ok

08:52:09.0749 0x0704  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

08:52:09.0759 0x0704  sffdisk - ok

08:52:09.0769 0x0704  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

08:52:09.0789 0x0704  sffp_mmc - ok

08:52:09.0799 0x0704  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

08:52:09.0809 0x0704  sffp_sd - ok

08:52:09.0829 0x0704  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

08:52:09.0839 0x0704  sfloppy - ok

08:52:09.0879 0x0704  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

08:52:09.0919 0x0704  SharedAccess - ok

08:52:09.0949 0x0704  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

08:52:09.0979 0x0704  ShellHWDetection - ok

08:52:10.0019 0x0704  [ 1980FE1F5A32067DAD1D8776B63C2669, 26B53EAF89CDBBA8FFA154DBB1F1DA348F894FE1F1D0CA4060E32496464DD5D2 ] SimpleSlideShowServer C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe

08:52:10.0039 0x0704  SimpleSlideShowServer - ok

08:52:10.0069 0x0704  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

08:52:10.0089 0x0704  SiSRaid2 - ok

08:52:10.0099 0x0704  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

08:52:10.0119 0x0704  SiSRaid4 - ok

08:52:10.0159 0x0704  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

08:52:10.0189 0x0704  SkypeUpdate - ok

08:52:10.0199 0x0704  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

08:52:10.0229 0x0704  Smb - ok

08:52:10.0279 0x0704  [ FBE0201AB61E18934C812C34D31A4403, 549E51FC11CCA30B21970C90F4799D6CB94481CDC623B8C319F16DAEFC8A190B ] snapman         C:\Windows\system32\DRIVERS\snapman.sys

08:52:10.0309 0x0704  snapman - ok

08:52:10.0319 0x0704  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

08:52:10.0339 0x0704  SNMPTRAP - ok

08:52:10.0349 0x0704  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

08:52:10.0359 0x0704  spldr - ok

08:52:10.0429 0x0704  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe

08:52:10.0459 0x0704  Spooler - ok

08:52:10.0579 0x0704  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe

08:52:10.0689 0x0704  sppsvc - ok

08:52:10.0719 0x0704  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

08:52:10.0749 0x0704  sppuinotify - ok

08:52:10.0779 0x0704  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys

08:52:10.0799 0x0704  srv - ok

08:52:10.0819 0x0704  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

08:52:10.0839 0x0704  srv2 - ok

08:52:10.0849 0x0704  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

08:52:10.0869 0x0704  srvnet - ok

08:52:10.0879 0x0704  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

08:52:10.0909 0x0704  SSDPSRV - ok

08:52:10.0919 0x0704  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

08:52:10.0949 0x0704  SstpSvc - ok

08:52:10.0999 0x0704  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

08:52:11.0009 0x0704  stexstor - ok

08:52:11.0029 0x0704  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

08:52:11.0059 0x0704  StillCam - ok

08:52:11.0149 0x0704  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll

08:52:11.0189 0x0704  stisvc - ok

08:52:11.0249 0x0704  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

08:52:11.0259 0x0704  storflt - ok

08:52:11.0279 0x0704  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll

08:52:11.0299 0x0704  StorSvc - ok

08:52:11.0329 0x0704  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys

08:52:11.0339 0x0704  storvsc - ok

08:52:11.0349 0x0704  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys

08:52:11.0359 0x0704  swenum - ok

08:52:11.0379 0x0704  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

08:52:11.0419 0x0704  swprv - ok

08:52:11.0679 0x0704  [ 0FE29D81F372CA2DCE9E49736A3BD3E6, 10ED93BEE7ECBD2AF5E7AB0197CC82A5424FD63A2ED90F0417B266AD06E5F32C ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

08:52:11.0829 0x0704  syncagentsrv - ok

08:52:11.0899 0x0704  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll

08:52:11.0949 0x0704  SysMain - ok

08:52:11.0979 0x0704  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

08:52:11.0999 0x0704  TabletInputService - ok

08:52:12.0029 0x0704  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll

08:52:12.0059 0x0704  TapiSrv - ok

08:52:12.0079 0x0704  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

08:52:12.0099 0x0704  TBS - ok

08:52:12.0209 0x0704  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

08:52:12.0259 0x0704  Tcpip - ok

08:52:12.0309 0x0704  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

08:52:12.0349 0x0704  TCPIP6 - ok

08:52:12.0379 0x0704  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

08:52:12.0389 0x0704  tcpipreg - ok

08:52:12.0419 0x0704  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

08:52:12.0429 0x0704  TDPIPE - ok

08:52:12.0479 0x0704  [ 07330E30921C70E9D9B416EE43A06349, 398500C12E685BCF732C7F80A2C0E95181E5377A0E6C14CF9A3EE8580083A556 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys

08:52:12.0519 0x0704  tdrpman - ok

08:52:12.0559 0x0704  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

08:52:12.0569 0x0704  TDTCP - ok

08:52:12.0599 0x0704  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

08:52:12.0629 0x0704  tdx - ok

08:52:12.0929 0x0704  [ 3438EFDC30F7A41D3598ED60BBF6CF2A, 342B8E78DF6B4BA641C5CCB5B1343B363B770681F0794A809728789E3BE56E46 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

08:52:13.0069 0x0704  TeamViewer9 - ok

08:52:13.0099 0x0704  [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys

08:52:13.0109 0x0704  teamviewervpn - ok

08:52:13.0159 0x0704  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys

08:52:13.0179 0x0704  TermDD - ok

08:52:13.0209 0x0704  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll

08:52:13.0259 0x0704  TermService - ok

08:52:13.0269 0x0704  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

08:52:13.0289 0x0704  Themes - ok

08:52:13.0299 0x0704  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

08:52:13.0329 0x0704  THREADORDER - ok

08:52:13.0369 0x0704  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib             C:\Windows\system32\DRIVERS\tib.sys

08:52:13.0399 0x0704  tib - ok

08:52:13.0409 0x0704  [ 3C29FB9FC9B4C511AD69DC50257FEC75, 4906DADE076FD363C53044C805602EEA4D0EF6E92041C693E1BED2286614B36E ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys

08:52:13.0419 0x0704  tib_mounter - ok

08:52:13.0429 0x0704  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

08:52:13.0459 0x0704  TrkWks - ok

08:52:13.0489 0x0704  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

08:52:13.0519 0x0704  TrustedInstaller - ok

08:52:13.0539 0x0704  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

08:52:13.0549 0x0704  tssecsrv - ok

08:52:13.0569 0x0704  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

08:52:13.0579 0x0704  TsUsbFlt - ok

08:52:13.0619 0x0704  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

08:52:13.0649 0x0704  tunnel - ok

08:52:13.0659 0x0704  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

08:52:13.0669 0x0704  uagp35 - ok

08:52:13.0699 0x0704  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

08:52:13.0729 0x0704  udfs - ok

08:52:13.0749 0x0704  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

08:52:13.0759 0x0704  UI0Detect - ok

08:52:13.0789 0x0704  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

08:52:13.0799 0x0704  uliagpkx - ok

08:52:13.0859 0x0704  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys

08:52:13.0889 0x0704  umbus - ok

08:52:13.0899 0x0704  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

08:52:13.0919 0x0704  UmPass - ok

08:52:13.0949 0x0704  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll

08:52:13.0969 0x0704  UmRdpService - ok

08:52:13.0989 0x0704  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

08:52:14.0029 0x0704  upnphost - ok

08:52:14.0079 0x0704  [ 311C90F0767A63000AC35DD0A7078A30, DB80E10015DCC595F90C31CE61590DB07E84F8B13DA904B2D59233678C366A2D ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys

08:52:14.0119 0x0704  upperdev - ok

08:52:14.0169 0x0704  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

08:52:14.0189 0x0704  USBAAPL64 - ok

08:52:14.0259 0x0704  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

08:52:14.0279 0x0704  usbaudio - ok

08:52:14.0299 0x0704  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

08:52:14.0319 0x0704  usbccgp - ok

08:52:14.0359 0x0704  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys

08:52:14.0389 0x0704  usbcir - ok

08:52:14.0409 0x0704  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

08:52:14.0429 0x0704  usbehci - ok

08:52:14.0459 0x0704  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

08:52:14.0499 0x0704  usbhub - ok

08:52:14.0519 0x0704  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys

08:52:14.0539 0x0704  usbohci - ok

08:52:14.0559 0x0704  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

08:52:14.0579 0x0704  usbprint - ok

08:52:14.0629 0x0704  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys

08:52:14.0659 0x0704  usbser - ok

08:52:14.0669 0x0704  [ C03DA998E412D69D18DD11D835229AF0, DD43E370EF370767588A6D56A51A4ADF99B5E063C7AA0528F91FD431DE7C2932 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys

08:52:14.0709 0x0704  UsbserFilt - ok

08:52:14.0749 0x0704  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

08:52:14.0779 0x0704  USBSTOR - ok

08:52:14.0789 0x0704  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

08:52:14.0809 0x0704  usbuhci - ok

08:52:14.0859 0x0704  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

08:52:14.0889 0x0704  usbvideo - ok

08:52:14.0919 0x0704  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys

08:52:14.0939 0x0704  usb_rndisx - ok

08:52:14.0959 0x0704  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

08:52:14.0989 0x0704  UxSms - ok

08:52:15.0009 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe

08:52:15.0019 0x0704  VaultSvc - ok

08:52:15.0039 0x0704  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

08:52:15.0049 0x0704  vdrvroot - ok

08:52:15.0079 0x0704  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

08:52:15.0119 0x0704  vds - ok

08:52:15.0139 0x0704  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

08:52:15.0159 0x0704  vga - ok

08:52:15.0169 0x0704  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

08:52:15.0199 0x0704  VgaSave - ok

08:52:15.0229 0x0704  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

08:52:15.0239 0x0704  vhdmp - ok

08:52:15.0269 0x0704  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

08:52:15.0279 0x0704  viaide - ok

08:52:15.0299 0x0704  [ 35E8A18D1C558D5C2FF2FFED2FD396F6, 5516AC03964DD33CF239AB3FB1D41BAB7454DB35FB38C45907614C3DB8F23391 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys

08:52:15.0319 0x0704  vididr - ok

08:52:15.0329 0x0704  [ 0DCD5C8F2E0B3650C4A29F6569C074FD, 8FB24D79ADE1541C5DD6241A3395EF2E6575A8376111294CD5C87ECA798EDCFD ] vidsflt         C:\Windows\system32\DRIVERS\vidsflt.sys

08:52:15.0339 0x0704  vidsflt - ok

08:52:15.0349 0x0704  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys

08:52:15.0369 0x0704  vmbus - ok

08:52:15.0389 0x0704  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

08:52:15.0399 0x0704  VMBusHID - ok

08:52:15.0429 0x0704  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

08:52:15.0439 0x0704  volmgr - ok

08:52:15.0469 0x0704  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

08:52:15.0489 0x0704  volmgrx - ok

08:52:15.0499 0x0704  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

08:52:15.0519 0x0704  volsnap - ok

08:52:15.0549 0x0704  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

08:52:15.0579 0x0704  vsmraid - ok

08:52:15.0639 0x0704  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

08:52:15.0709 0x0704  VSS - ok

08:52:15.0719 0x0704  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

08:52:15.0729 0x0704  vwifibus - ok

08:52:15.0759 0x0704  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

08:52:15.0799 0x0704  W32Time - ok

08:52:15.0809 0x0704  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

08:52:15.0819 0x0704  WacomPen - ok

08:52:15.0839 0x0704  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

08:52:15.0869 0x0704  WANARP - ok

08:52:15.0869 0x0704  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

08:52:15.0899 0x0704  Wanarpv6 - ok

08:52:16.0039 0x0704  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe

08:52:16.0089 0x0704  wbengine - ok

08:52:16.0089 0x0704  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

08:52:16.0109 0x0704  WbioSrvc - ok

08:52:16.0169 0x0704  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

08:52:16.0209 0x0704  wcncsvc - ok

08:52:16.0229 0x0704  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

08:52:16.0239 0x0704  WcsPlugInService - ok

08:52:16.0259 0x0704  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys

08:52:16.0279 0x0704  Wd - ok

08:52:16.0319 0x0704  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

08:52:16.0359 0x0704  Wdf01000 - ok

08:52:16.0379 0x0704  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

08:52:16.0389 0x0704  WdiServiceHost - ok

08:52:16.0399 0x0704  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

08:52:16.0419 0x0704  WdiSystemHost - ok

08:52:16.0439 0x0704  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll

08:52:16.0459 0x0704  WebClient - ok

08:52:16.0469 0x0704  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

08:52:16.0499 0x0704  Wecsvc - ok

08:52:16.0509 0x0704  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

08:52:16.0539 0x0704  wercplsupport - ok

08:52:16.0559 0x0704  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

08:52:16.0579 0x0704  WerSvc - ok

08:52:16.0599 0x0704  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

08:52:16.0619 0x0704  WfpLwf - ok

08:52:16.0629 0x0704  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

08:52:16.0639 0x0704  WIMMount - ok

08:52:16.0659 0x0704  WinDefend - ok

08:52:16.0659 0x0704  WinHttpAutoProxySvc - ok

08:52:16.0709 0x0704  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

08:52:16.0739 0x0704  Winmgmt - ok

08:52:16.0829 0x0704  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll

08:52:16.0899 0x0704  WinRM - ok

08:52:16.0949 0x0704  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

08:52:16.0969 0x0704  WinUsb - ok

08:52:17.0189 0x0704  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

08:52:17.0229 0x0704  Wlansvc - ok

08:52:17.0279 0x0704  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

08:52:17.0289 0x0704  WmiAcpi - ok

08:52:17.0399 0x0704  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

08:52:17.0409 0x0704  wmiApSrv - ok

08:52:17.0519 0x0704  WMPNetworkSvc - ok

08:52:17.0569 0x0704  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

08:52:17.0579 0x0704  WPCSvc - ok

08:52:17.0619 0x0704  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

08:52:17.0659 0x0704  WPDBusEnum - ok

08:52:17.0699 0x0704  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

08:52:17.0739 0x0704  ws2ifsl - ok

08:52:17.0759 0x0704  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll

08:52:17.0779 0x0704  wscsvc - ok

08:52:17.0809 0x0704  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys

08:52:17.0829 0x0704  WSDPrintDevice - ok

08:52:17.0839 0x0704  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys

08:52:17.0849 0x0704  WSDScan - ok

08:52:17.0849 0x0704  WSearch - ok

08:52:17.0949 0x0704  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll

08:52:18.0009 0x0704  wuauserv - ok

08:52:18.0029 0x0704  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

08:52:18.0049 0x0704  WudfPf - ok

08:52:18.0079 0x0704  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

08:52:18.0099 0x0704  WUDFRd - ok

08:52:18.0129 0x0704  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

08:52:18.0159 0x0704  wudfsvc - ok

08:52:18.0179 0x0704  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll

08:52:18.0199 0x0704  WwanSvc - ok

08:52:18.0219 0x0704  ================ Scan global ===============================

08:52:18.0229 0x0704  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

08:52:18.0259 0x0704  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

08:52:18.0279 0x0704  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

08:52:18.0299 0x0704  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

08:52:18.0319 0x0704  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

08:52:18.0329 0x0704  [ Global ] - ok

08:52:18.0329 0x0704  ================ Scan MBR ==================================

08:52:18.0339 0x0704  [ E87267CB6496429BB50554191DA7C765 ] \Device\Harddisk0\DR0

08:52:18.0759 0x0704  \Device\Harddisk0\DR0 - ok

08:52:18.0769 0x0704  [ F2634EFAB9E22A7870007C2453CEFE38 ] \Device\Harddisk1\DR1

08:52:19.0389 0x0704  \Device\Harddisk1\DR1 - ok

08:52:19.0399 0x0704  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2

08:52:19.0549 0x0704  \Device\Harddisk2\DR2 - ok

08:52:19.0549 0x0704  ================ Scan VBR ==================================

08:52:19.0559 0x0704  [ 33196769F5533E97BBF3CF1B0DBD7E97 ] \Device\Harddisk0\DR0\Partition1

08:52:19.0779 0x0704  \Device\Harddisk0\DR0\Partition1 - ok

08:52:19.0789 0x0704  [ D93A77E8B03537FE5B73AEA864B2D202 ] \Device\Harddisk0\DR0\Partition2

08:52:19.0859 0x0704  \Device\Harddisk0\DR0\Partition2 - ok

08:52:19.0859 0x0704  [ 4D770FA5EEDBA50288A779519E293433 ] \Device\Harddisk1\DR1\Partition1

08:52:19.0919 0x0704  \Device\Harddisk1\DR1\Partition1 - ok

08:52:19.0919 0x0704  [ D6B777808A122F9C5B8D9724B6FC2344 ] \Device\Harddisk1\DR1\Partition2

08:52:19.0989 0x0704  \Device\Harddisk1\DR1\Partition2 - ok

08:52:19.0999 0x0704  [ 2B505A9EECDD390A9F6C0753FE860D8C ] \Device\Harddisk1\DR1\Partition3

08:52:20.0049 0x0704  \Device\Harddisk1\DR1\Partition3 - ok

08:52:20.0059 0x0704  [ B67981594E46A69ABCA1D04672CD6AA4 ] \Device\Harddisk1\DR1\Partition4

08:52:20.0109 0x0704  \Device\Harddisk1\DR1\Partition4 - ok

08:52:20.0109 0x0704  [ 2F0174EF90787E5CE6EA31B007331B93 ] \Device\Harddisk2\DR2\Partition1

08:52:20.0119 0x0704  \Device\Harddisk2\DR2\Partition1 - ok

08:52:20.0119 0x0704  ================ Scan generic autorun ======================

08:52:20.0159 0x0704  [ A0B996A6D4F7502EC6A9AADFB87FDA25, 2A79F03DECCC5C11E5B14109F5FBD790A4E005A45C71766E3C85BF14699F034C ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

08:52:20.0179 0x0704  Acronis Scheduler2 Service - ok

08:52:20.0379 0x0704  [ 1869AA6DAF4F664660225B6D2102DF69, 636E9FBB2B27D8E084A3EABCDFE6498BCD38ACB6983D3D95FB9FB86716033235 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

08:52:20.0539 0x0704  RtHDVCpl - ok

08:52:20.0709 0x0704  [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe

08:52:20.0749 0x0704  EvtMgr6 - ok

08:52:20.0789 0x0704  [ 80FDA1E7877DDBBB53D736AD290EC08A, E042AD1D6D6F04C2000853A16AEE4F28C6325ABE64C00890460A4EC7FB6D1939 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

08:52:20.0799 0x0704  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )

08:52:21.0070 0x0704  Detect skipped due to KSN trusted

08:52:21.0070 0x0704  StartCCC - ok

08:52:21.0180 0x0704  [ 0B6307FB3D24EACBB86A51E285E1F384, 4658EEBD36669906C15D876B28D566E74703A81A3EF6ACE99EE2B6D8857DA594 ] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

08:52:21.0220 0x0704  GDFirewallTray - ok

08:52:21.0280 0x0704  [ A3A9E5888143F3DAB803B007393D791F, 42435F0AF4C942F4F05EB80B36188951A8BEAB3E50F67FCDB1FF8B52A04890C0 ] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

08:52:21.0300 0x0704  AdobeCS4ServiceManager - ok

08:52:21.0370 0x0704  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

08:52:21.0390 0x0704  Adobe ARM - ok

08:52:21.0540 0x0704  [ 22310E2C6AE375142ABBB9EF384ECD40, A8673DF56546E4CDD7A0099D8CCB889415125089F786D0637E8D9B21CE53AB4D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

08:52:21.0650 0x0704  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )

08:52:21.0940 0x0704  Detect skipped due to KSN trusted

08:52:21.0940 0x0704  BrStsMon00 - ok

08:52:22.0010 0x0704  [ 0C0DD390CF53D506414AC2CAA68E7F34, C64A9BAF0FDA5161B9361FC454CA36E7595E6BC969A6FA03993C5949373D8A00 ] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe

08:52:22.0070 0x0704  BrHelp - detected UnsignedFile.Multi.Generic ( 1 )

08:52:22.0350 0x0704  Detect skipped due to KSN trusted

08:52:22.0350 0x0704  BrHelp - ok

08:52:22.0430 0x0704  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

08:52:22.0480 0x0704  Sidebar - ok

08:52:22.0490 0x0704  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

08:52:22.0510 0x0704  mctadmin - ok

08:52:22.0540 0x0704  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

08:52:22.0580 0x0704  Sidebar - ok

08:52:22.0580 0x0704  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

08:52:22.0600 0x0704  mctadmin - ok

08:52:22.0750 0x0704  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

08:52:22.0850 0x0704  LightScribe Control Panel - ok

08:52:22.0920 0x0704  [ 16D510C28673BF1565D096D41234773C, 72BC509E8D9B444B37F10A266DF8E05471FC0006F34367EEF24203419EE9585C ] C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe

08:52:22.0930 0x0704  dradio-RecorderTimer - detected UnsignedFile.Multi.Generic ( 1 )

08:52:23.0220 0x0704  Detect skipped due to KSN trusted

08:52:23.0220 0x0704  dradio-RecorderTimer - ok

08:52:23.0250 0x0704  [ 16D510C28673BF1565D096D41234773C, 72BC509E8D9B444B37F10A266DF8E05471FC0006F34367EEF24203419EE9585C ] C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe

08:52:23.0260 0x0704  dradio-RecorderTimer - detected UnsignedFile.Multi.Generic ( 1 )

08:52:23.0260 0x0704  Detect skipped due to KSN trusted

08:52:23.0260 0x0704  dradio-RecorderTimer - ok

08:52:23.0360 0x0704  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

08:52:23.0430 0x0704  LightScribe Control Panel - ok

08:52:23.0490 0x0704  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

08:52:23.0550 0x0704  LightScribe Control Panel - ok

08:52:23.0560 0x0704  Waiting for KSN requests completion. In queue: 167

08:52:24.0570 0x0704  AV detected via SS2: G Data InternetSecurity, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41000 ( enabled : updated )

08:52:24.0570 0x0704  FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )

08:52:26.0960 0x0704  ============================================================

08:52:26.0960 0x0704  Scan finished

08:52:26.0960 0x0704  ============================================================

08:52:26.0970 0x1540  Detected object count: 0

08:52:26.0970 0x1540  Actual detected object count: 0

schrauber

09.07.2014 08:02

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

masin

09.07.2014 08:20

Ok, tut mir leid.
Also nochmal, diesmal in drei Portionen:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01

Ran by HDS (administrator) on HDS-NEU2 on 07-07-2014 18:41:42

Running from E:\Downloads\trojanerboard

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

() C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe

() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe

() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

() C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe

(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe

(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe

(freenet.de GmbH) C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-17] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)

HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2014-01-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)

HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [freenet.de Dateimanager Taskleistensymbol] => C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe [142336 2009-01-22] (freenet.de GmbH)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [41472 2012-04-03] ()

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [] => [X]

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\MountPoints2: {0eb18823-749a-11e3-9f74-806e6f6e6963} - F:\Autoplay.exe -auto

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()

ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

BootExecute: autocheck autochk * auto_reactivate \\?\Volume{0eb18820-749a-11e3-9f74-806e6f6e6963}\bootwiz\asrm.bin
 

==================== Internet (Whitelisted) ====================
 

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: localhost:8088

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}

SearchScopes: HKLM - {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKCU - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = 

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader64.dll ()

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll ()

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: 127.0.0.1 google-analytics.com

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default

FF DefaultSearchEngine: Wikipedia (de)

FF SelectedSearchEngine: Wikipedia (de)

FF Homepage: about:home

FF NetworkProxy: "ftp", "87.250.52.230"

FF NetworkProxy: "ftp_port", 8080

FF NetworkProxy: "http", "87.250.52.230"

FF NetworkProxy: "http_port", 8080

FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"

FF NetworkProxy: "share_proxy_settings", true

FF NetworkProxy: "socks", "87.250.52.230"

FF NetworkProxy: "socks_port", 8080

FF NetworkProxy: "ssl", "87.250.52.230"

FF NetworkProxy: "ssl_port", 8080

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()

FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File

FF SearchPlugin: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\searchplugins\wikipdia-fr.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FRITZ!Box AddOn - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\fb_add_on@avm.de [2014-01-04]

FF Extension: Nokia Maps 3D browser plugin - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\maps@ovi.com [2014-01-04]

FF Extension: WOT - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12]

FF Extension: DownloadHelper - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]

FF Extension: anonymoX - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\client@anonymox.net.xpi [2014-01-04]

FF Extension: Preispilot - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\extension@preispilot.com.xpi [2014-01-04]

FF Extension: CleanTube - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\jid0-Oh6YfHwkh8Cb1Y4efKhBukwKfB0@jetpack.xpi [2014-01-04]

FF Extension: Safe Preview - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\safepreview@everhelper.me.xpi [2014-01-07]

FF Extension: Stealthy - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\stealthyextension@gmail.com.xpi [2014-01-04]

FF Extension: Webutation - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-01-07]

FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-04]

FF Extension: NoScript - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-01]

FF Extension: Youtube Converter MP3 - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi [2014-01-04]

FF Extension: Go To Google - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi [2014-01-04]

FF Extension: Adblock Plus - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]

FF Extension: Fox!Box - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2014-01-04]

FF Extension: QuickJava - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-01-04]

FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-04]

FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-16]

FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-16]

FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox

FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2014-02-25]

FF HKLM-x32\...\Firefox\Extensions: [firefox@printecosoftware.com] - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi

FF Extension: PrintEco - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi [2014-03-17]
 

==================== Services (Whitelisted) =================
 

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-06] (Adobe Systems) [File not signed]

R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG)

R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)

R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-27] (Freemake) [File not signed]

S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]

R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG)

R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)

R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]

R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] ()

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]

S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)

S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

S3 Mtpip000ode; No ImagePath
 

==================== Drivers (Whitelisted) ====================
 

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)

R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-03] (G Data Software AG)

R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-03] (G Data Software AG)

R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-07-03] (G Data Software AG)

R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-03] (G Data Software AG)

R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-07-03] (G Data Software AG)

R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-03-06] (G Data Software)

R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-03] (G Data Software AG)

S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-28] (Malwarebytes Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)

R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)

S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-04] (Acronis International GmbH)

R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-04] (Acronis International GmbH)

R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-04] (Acronis International GmbH)

S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-07 18:41 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable

2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird

2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird

2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA

2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity

2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter

2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2014-06-28 15:09 - 2014-07-03 16:49 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster

2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager

2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:47 - 00000000 ____D () C:\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk

2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR

2014-06-20 07:44 - 2007-03-10 10:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx

2014-06-20 07:43 - 2014-06-20 08:40 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express

2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco

2014-06-20 07:40 - 2014-06-20 07:41 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\InetStat

2014-06-18 16:12 - 2014-06-18 16:18 - 00000000 ____D () C:\Users\HDS\Documents\Fax

2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}

2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys

2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5

2014-06-13 17:19 - 2014-06-16 17:26 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe

2014-06-11 07:58 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-11 07:58 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-11 07:58 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-11 07:58 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-11 07:58 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-11 07:58 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-11 07:58 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-11 07:58 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-11 07:58 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-11 07:58 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-11 07:58 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-11 07:58 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-11 07:58 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-11 07:58 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-11 07:58 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-11 07:58 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-11 07:58 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-11 07:58 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-11 07:58 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-11 07:58 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-11 07:58 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-11 07:58 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-11 07:58 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-11 07:58 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-11 07:58 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-11 07:58 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-11 07:58 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-11 07:58 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-11 07:58 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-11 07:58 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-11 07:58 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-11 07:58 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-11 07:58 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-11 07:58 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-11 07:58 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-11 07:58 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-11 07:58 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-11 07:58 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-11 07:58 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-11 07:58 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-11 07:58 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-11 07:58 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-11 07:58 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-11 07:58 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-11 07:58 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-11 07:58 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-11 07:58 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-11 07:58 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-11 07:58 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-11 07:58 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-11 07:58 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-11 07:58 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-11 07:33 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-11 07:33 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-06-11 07:33 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-11 07:33 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-06-11 07:33 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-11 07:33 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-11 07:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-06-11 07:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-06-11 07:33 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-06-11 07:33 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-06-11 07:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-06-11 07:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-06-11 07:28 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-11 07:28 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-10 13:22 - 2014-04-09 17:51 - 06715624 _____ (TomTom International B.V.) C:\Users\HDS\Downloads\InstallMyDriveConnect_3_3_0_1502.exe

2014-06-08 15:09 - 2014-06-08 15:09 - 00000000 ____D () C:\Program Files (x86)\SuperCar

2014-06-08 14:57 - 2014-06-08 15:09 - 00001905 _____ () C:\Users\Public\Desktop\SuperCar.lnk

2014-06-08 14:57 - 2014-06-08 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperCar

2014-06-07 08:59 - 2014-06-07 08:59 - 00000938 _____ () C:\Users\HDS\Desktop\DL - Verknüpfung.lnk
 

==================== One Month Modified Files and Folders =======
 

2014-07-07 18:41 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable

2014-07-07 18:36 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS

2014-07-07 18:28 - 2014-01-04 14:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-07 18:19 - 2014-01-03 19:14 - 01827938 _____ () C:\Windows\WindowsUpdate.log

2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird

2014-07-07 13:16 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-07 13:16 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-07 13:11 - 2014-01-03 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-07-07 13:09 - 2014-01-05 13:18 - 00000000 ____D () C:\Users\HDS\AppData\Local\HTC MediaHub

2014-07-07 13:09 - 2014-01-04 11:59 - 00262046 _____ () C:\Windows\PFRO.log

2014-07-07 13:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-07 13:09 - 2009-07-14 06:51 - 00058674 _____ () C:\Windows\setupact.log

2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird

2014-07-06 21:14 - 2014-01-04 13:52 - 00001617 _____ () C:\Windows\BRRBCOM.INI

2014-07-05 08:19 - 2014-01-05 11:57 - 00001841 _____ () C:\Windows\system32\TeamViewer9_Hooks.log

2014-07-05 08:19 - 2014-01-05 11:56 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk

2014-07-05 08:19 - 2014-01-05 11:56 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

2014-07-03 21:36 - 2014-04-05 16:09 - 00000000 ___RD () C:\Users\HDS\Dropbox

2014-07-03 16:52 - 2014-04-05 16:06 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Dropbox

2014-07-03 16:49 - 2014-06-28 15:09 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster

2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA

2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity

2014-07-03 08:41 - 2014-04-10 14:04 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys

2014-07-03 08:41 - 2014-04-10 14:04 - 00001978 _____ () C:\Users\Public\Desktop\G Data InternetSecurity.lnk

2014-07-03 08:41 - 2014-01-03 20:03 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys

2014-07-03 08:41 - 2014-01-03 20:02 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys

2014-07-03 08:41 - 2014-01-03 20:02 - 00061440 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys

2014-07-03 08:40 - 2014-01-05 13:17 - 00053328 _____ () C:\Windows\DPINST.LOG

2014-07-03 08:40 - 2014-01-03 20:02 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys

2014-07-03 08:40 - 2014-01-03 20:02 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys

2014-07-02 17:31 - 2014-01-05 10:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\vlc

2014-07-02 17:26 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat

2014-07-02 17:26 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat

2014-07-02 17:26 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-02 14:01 - 2014-01-22 18:39 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\KeePass

2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter

2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2014-07-02 11:05 - 2014-01-16 16:28 - 00001320 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk

2014-07-02 11:05 - 2014-01-16 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake

2014-06-30 15:40 - 2014-01-05 11:34 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\CoreFTP

2014-06-29 16:14 - 2014-01-05 11:58 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Skype

2014-06-29 13:30 - 2014-03-28 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-06-29 13:30 - 2014-01-05 11:58 - 00000000 ____D () C:\ProgramData\Skype

2014-06-28 15:09 - 2014-04-05 16:09 - 00001011 _____ () C:\Users\HDS\Desktop\Dropbox.lnk

2014-06-28 12:34 - 2014-01-14 16:49 - 00017920 _____ () C:\Users\HDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager

2014-06-20 08:40 - 2014-06-20 07:43 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express

2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR

2014-06-20 07:47 - 2014-06-20 07:44 - 00000000 ____D () C:\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk

2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR

2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco

2014-06-20 07:41 - 2014-06-20 07:40 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\InetStat

2014-06-18 17:58 - 2014-01-04 12:07 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk

2014-06-18 16:18 - 2014-06-18 16:12 - 00000000 ____D () C:\Users\HDS\Documents\Fax

2014-06-18 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help

2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}

2014-06-18 09:43 - 2014-01-04 13:21 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014 spezial.lnk

2014-06-18 09:43 - 2014-01-03 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware

2014-06-18 09:27 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Adobe

2014-06-17 12:16 - 2014-01-04 09:54 - 00000000 ____D () C:\ProgramData\Adobe

2014-06-17 12:14 - 2014-01-04 17:50 - 00096280 _____ () C:\Users\HDS\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-17 12:14 - 2009-07-14 06:45 - 00369552 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys

2014-06-17 12:06 - 2014-01-04 11:53 - 00000209 _____ () C:\Windows\ODBCINST.INI

2014-06-17 12:06 - 2014-01-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-06-17 12:03 - 2014-02-19 18:37 - 00000000 ____D () C:\Users\Hans-Dieter\AppData\Roaming\Adobe

2014-06-17 12:03 - 2014-01-04 15:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-06-17 10:53 - 2014-03-27 18:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-17 10:53 - 2014-01-05 13:05 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-17 10:48 - 2014-03-27 18:12 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-17 10:48 - 2014-01-05 13:05 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-17 08:47 - 2014-01-18 14:52 - 00007906 _____ () C:\Users\HDS\Documents\capella.log

2014-06-16 17:26 - 2014-06-13 17:19 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe

2014-06-15 15:50 - 2014-01-22 18:37 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk

2014-06-15 15:50 - 2014-01-22 18:37 - 00001105 _____ () C:\Users\HDS\Desktop\KeePass 2.lnk

2014-06-15 15:50 - 2014-01-22 18:37 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2

2014-06-15 12:53 - 2014-01-05 10:30 - 00000000 ____D () C:\Users\HDS\Documents\MyHeritage

2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5

2014-06-13 20:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp

2014-06-13 07:12 - 2014-02-25 16:15 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy

2014-06-13 07:11 - 2014-06-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-06-12 17:21 - 2014-01-03 20:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-06-12 17:21 - 2014-01-03 20:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-06-12 13:28 - 2014-01-04 14:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-06-12 13:28 - 2014-01-04 14:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-06-12 13:28 - 2014-01-03 19:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-06-12 08:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-06-11 21:59 - 2014-01-05 09:57 - 00000000 ____D () C:\Windows\system32\MRT

2014-06-11 21:54 - 2014-01-05 09:57 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-06-11 21:54 - 2014-01-04 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-11 21:53 - 2014-06-04 05:15 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-06-09 16:03 - 2014-01-05 10:43 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\GeoSetter

2014-06-08 15:09 - 2014-06-08 15:09 - 00000000 ____D () C:\Program Files (x86)\SuperCar

2014-06-08 15:09 - 2014-06-08 14:57 - 00001905 _____ () C:\Users\Public\Desktop\SuperCar.lnk

2014-06-08 14:57 - 2014-06-08 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperCar

2014-06-08 11:13 - 2014-06-11 07:28 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-08 11:08 - 2014-06-11 07:28 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-07 08:59 - 2014-06-07 08:59 - 00000938 _____ () C:\Users\HDS\Desktop\DL - Verknüpfung.lnk
 

Some content of TEMP:

====================

C:\Users\HDS\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe

C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_pmpy.dll

C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbry6o.dll

C:\Users\HDS\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe

C:\Users\HDS\AppData\Local\Temp\FreemakeVideoDownloader_3.6.2.3.exe

C:\Users\HDS\AppData\Local\Temp\NOSEventMessages.dll

C:\Users\HDS\AppData\Local\Temp\Quarantine.exe

C:\Users\HDS\AppData\Local\Temp\vlc-2.1.4-win64.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-06-29 07:49
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Sendung 2:
FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01

Ran by HDS at 2014-07-07 18:43:23

Running from E:\Downloads\trojanerboard

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: G Data InternetSecurity (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}

AS: G Data InternetSecurity (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
 

==================== Installed Programs ======================
 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Acoustica 4.1 (HKLM-x32\...\Acoustica_is1) (Version: 4.1 - Acon Digital Media GmbH)

Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)

Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden

Acronis*Disk*Director*11*Home (HKLM-x32\...\{8EFB7927-48AD-4E6D-91B7-6B2BD6C3F380}) (Version: 11.0.2343 - Acronis)

Adobe Acrobat 7.0 Professional - English, Français, Deutsch (x32 Version: 7.1.0 - Adobe Systems) Hidden

Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.1.0 - Adobe Systems)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden

Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden

Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden

Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden

Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden

Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden

Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden

Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden

Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)

Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden

Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)

Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden

Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)

Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden

Adobe Photoshop Elements 6.0 (HKLM-x32\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems, Inc.)

Adobe Photoshop Elements 6.0 (x32 Version: 6.0 - Adobe Systems, Inc.) Hidden

Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden

Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden

Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden

Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ATI AVIVO64 Codecs (Version: 11.6.0.50517 - ATI Technologies Inc.) Hidden

ATI Catalyst Install Manager (HKLM\...\{14AF193A-EC13-3B3E-BFBF-D2C471F12718}) (Version: 3.0.778.0 - ATI Technologies, Inc.)

Bizzybolt (HKLM\...\Bizzybolt) (Version: 2013.11.20.184610 - Bizzybolt) <==== ATTENTION

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{D6E46FC2-B513-4B7D-8C8C-352F4735C541}) (Version: 12.54.02 - Broadcom Corporation)

Brother MFL-Pro Suite MFC-J470DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)

CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.5.0.3 - Canon Inc.)

Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.1.6 - Canon Inc.)

Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 3.3.0.5 - Canon Inc.)

Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.2.21 - Canon Inc.)

Canon Utilities Digital Photo Professional 3.4 (HKLM-x32\...\DPP) (Version: 3.4.0.0 - Canon Inc.)

Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.4.0.1 - Canon Inc.)

Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.)

Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)

Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)

Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.3.0.0 - Canon Inc.)

Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)

Canon Utilities WFT-E1/E2/E3 Utility (HKLM-x32\...\WFTK) (Version: 3.2.1.1 - Canon Inc.)

Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)

capella 7 (HKLM-x32\...\{4623BAA6-0B23-4D47-ABD0-73F2DA4FAF56}) (Version: 7.1.20 - capella software AG)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0517.1742.29870 - ATI) Hidden

Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0517.1742.29870 - ATI) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2010.0517.1742.29870 - ATI Technologies, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2010.0517.1742.29870 - ATI) Hidden

CCC Help Chinese Standard (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Chinese Traditional (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Czech (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Danish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Dutch (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help English (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Finnish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help French (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help German (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Greek (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Hungarian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Italian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Japanese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Korean (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Norwegian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Polish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Portuguese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Russian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Spanish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Swedish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Thai (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

CCC Help Turkish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden

ccc-core-static (x32 Version: 2010.0517.1742.29870 - Ihr Firmenname) Hidden

ccc-utility64 (Version: 2010.0517.1742.29870 - ATI) Hidden

Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden

ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)

Core FTP LE (HKLM-x32\...\CoreFTP) (Version:  - )

DDBAC (HKLM-x32\...\{AC3DC2B3-9380-4966-87B6-9FAEB5E7739C}) (Version: 5.3.25 - DataDesign)

DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign)

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version:  - Microsoft)

dradio-Recorder Version 3.02.6 (HKLM-x32\...\dradio-Recorder_is1) (Version:  - )

Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)

eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

eXPert PDF 5 (HKLM-x32\...\{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}) (Version: 5.1.200.0 - Visage Software)

Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)

Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)

freenetMail Dateimanager (HKLM-x32\...\freenetMail Dateimanager) (Version: 1.4.15a - freenet.de GmbH)

FreeOCR v5.0 (HKLM-x32\...\freeocr_is1) (Version:  - )

G Data InternetSecurity (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.4 - G Data Software AG)

Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)

Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)

GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version:  - Friedemann Schmidt)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

GoogleClean (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)

High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)

HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

InetStat (HKCU\...\InetStat) (Version: 0.5b - InetStat)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)

Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden

Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)

Java(TM) 6 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)

Java(TM) 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)

KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)

kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

Lexware Info Service (HKLM-x32\...\{85BF9FDB-BD5B-407C-9CAE-3542E5164783}) (Version: 4.00.00.0075 - Haufe-Lexware GmbH & Co.KG)

Lexware online banking (HKLM-x32\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)

LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)

Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)

Lotus Notes 6.5.1 de (HKLM-x32\...\{C626B47C-8312-4D8C-89E1-16FE42EF34E6}) (Version: 6.501.421 - IBM)

Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden

Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden

Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)

Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden

Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden

Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)

Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)

MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden

MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden

MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden

MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.)

MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)

MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7129 - MyHeritage.com)

MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)

Nero 11 Cliparts (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Disc Menus 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Disc Menus 2 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Disc Menus 3 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Disc Menus Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden

Nero 11 Image Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Kwik Themes 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Kwik Themes 2 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Kwik Themes 3 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Kwik Themes 4 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 PiP Effects 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 PiP Effects Basic (x32 Version: 11.0.11400.14.0 - Nero AG) Hidden

Nero 11 Platinum (HKLM-x32\...\{79B3E8EE-35F2-4CCD-82D9-4A57F408E449}) (Version: 11.2.00700 - Nero AG)

Nero 11 Video Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero 11 Video Transitions 1 (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden

Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden

Nero BackItUp 11 (x32 Version: 6.2.18400.2.100 - Nero AG) Hidden

Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden

Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)

Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden

Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27 - Nero AG) Hidden

Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero Core Components 11 (x32 Version: 11.0.16300.1.23 - Nero AG) Hidden

Nero CoverDesigner 11 (x32 Version: 6.0.11000.13.100 - Nero AG) Hidden

Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero Express 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden

Nero Express 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero Kwik Media (x32 Version: 1.10.24800.146.100 - Nero AG) Hidden

Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden

Nero Recode 11 (x32 Version: 5.2.10900.0.0 - Nero AG) Hidden

Nero Recode 11 Help (CHM) (x32 Version: 11.0.10600 - Nero AG) Hidden

Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden

Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden

Nero SharedVideoCodecs (x32 Version: 1.0.11500.1.5 - Nero AG) Hidden

Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100 - Nero AG) Hidden

Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden

Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden

Nero Video 11 (x32 Version: 8.2.15700.3.100 - Nero AG) Hidden

Nero Video 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden

Nero WaveEditor 11 (x32 Version: 6.2.11300.0.100 - Nero AG) Hidden

Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden

nero.prerequisites.msi (x32 Version: 11.0.20010 - Nero AG) Hidden

Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)

Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)

Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden

PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)

PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)

PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)

Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

PrintEco Office (HKLM-x32\...\{864C0654-5C9F-4F03-85D5-47CA3062C7E2}) (Version: 1.4.70 - PrintEco)

Quicken 2014 (HKLM-x32\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.37.00.0185 - Haufe-Lexware GmbH & Co.KG)

Quicken DELUXE Jubiläumsversion (HKLM-x32\...\{A907A713-DA24-4352-8786-96C7A6944646}) (Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)

Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden

Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net)

Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)

Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden

Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden

SUPER © v2014.build.60+Recorder (2014/02/18) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft)

SuperCar (HKLM-x32\...\SuperCar) (Version:  - )

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

TAXMAN 2014 spezial (HKLM-x32\...\{23CCE76F-7421-4090-8081-BD519F2F93F4}) (Version: 20.04.00.0003 - Haufe-Lexware GmbH & Co.KG)

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)

Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.SingleImage_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0410-1000-0000000FF1CE}_Office14.SingleImage_{B2508D75-61CF-4CC0-84C0-CF257219201D}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.SingleImage_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.SingleImage_{FD360122-6829-4497-97C1-1BF578EF695B}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)

Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)

UpdateYeti (HKLM-x32\...\UpdateYeti_is1) (Version: 2.16 - Abelssoft)

Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden

Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)

VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)

Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)

Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

XnView 2.12 (HKLM-x32\...\XnView_is1) (Version: 2.12 - Gougelet Pierre-e)
 

==================== Restore Points  =========================
 

22-06-2014 16:11:57 Windows Update

28-06-2014 10:21:06 Windows Update

02-07-2014 07:36:40 Windows Update
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2014-03-31 15:24 - 00000863 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 google-analytics.com
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {1FECA8C6-0AF7-4BDA-8463-A95604FC3964} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-08] ()

Task: {30EE096A-F76E-4793-97A4-C487EA3C2650} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-03] (PC-Doctor, Inc.)

Task: {38565432-BFA7-4836-8020-C12C9F5E6DF8} - System32\Tasks\Abelssoft\UpdateYeti scan => C:\Program Files (x86)\UpdateYeti\UpdateYeti.exe [2014-02-18] (Ascora GmbH)

Task: {435A0533-5AF4-4078-B580-08CAFB0A7898} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {50F7C0A7-34B3-43E2-8E84-D811DB9F182D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-12-03] (PC-Doctor, Inc.)

Task: {95BC6CCC-9B9B-45BA-A5F6-AAA741E5E77B} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-08] ()

Task: {980E0CDC-C1FE-4BFD-8CB8-F6F7CB6F5481} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)

Task: {CDD01417-B496-493F-B6DD-43A9FFC02AF3} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2014-01-08] ()

Task: {E3F06EE1-F3B9-4C89-A4E3-3CA6A1E74C5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.)

Task: {E83FDDA6-C32F-4394-A1AB-B03D54319006} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2007-09-11 00:45 - 2007-09-11 00:45 - 00124832 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

2014-01-05 13:17 - 2012-12-07 18:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2014-01-04 13:50 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll

2014-02-25 16:15 - 2014-01-08 09:21 - 00778240 _____ () C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe

2014-02-25 16:15 - 2014-01-08 09:18 - 01136640 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe

2013-10-01 11:32 - 2013-10-01 11:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll

2014-02-25 16:15 - 2014-01-08 09:21 - 00823424 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe

2014-02-25 16:15 - 2014-01-08 09:21 - 00055936 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbSettings.dll

2014-02-25 16:15 - 2014-01-08 09:21 - 00861312 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyResources.dll

2014-02-25 16:15 - 2014-01-08 09:21 - 01340032 _____ () C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyLibrary.dll

2014-02-25 16:15 - 2014-01-08 09:21 - 01401472 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbGui.dll

2014-02-25 16:15 - 2014-01-08 09:21 - 00016000 _____ () C:\Program Files (x86)\AntiBrowserSpy\AbProcessManager.dll

2011-11-15 19:44 - 2011-11-15 19:44 - 02155848 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe

2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll

2014-01-04 15:15 - 2012-04-03 18:14 - 00041472 _____ () C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe

2008-11-18 13:00 - 2008-11-18 13:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2010-05-17 18:40 - 2010-05-17 18:40 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2014-03-21 16:07 - 2014-03-21 16:07 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-03-21 16:05 - 2014-03-21 16:05 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

2014-03-21 16:06 - 2014-03-21 16:06 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

2014-03-21 16:06 - 2014-03-21 16:06 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

2014-03-21 16:06 - 2014-03-21 16:06 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

2014-03-21 16:06 - 2014-03-21 16:06 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll

2014-03-21 16:08 - 2014-03-21 16:08 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll

2014-03-21 16:09 - 2014-03-21 16:09 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

2014-01-04 13:50 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2013-10-10 13:02 - 2013-10-10 13:02 - 00013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll

2012-02-22 17:46 - 2012-02-22 17:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll

2012-01-05 23:40 - 2012-01-05 23:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll

2014-02-04 19:25 - 2014-02-04 19:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll

2014-02-04 19:28 - 2014-02-04 19:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

2014-06-03 18:43 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2013-10-01 12:00 - 2013-10-01 12:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== EXE Association (whitelisted) =============
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/07/2014 06:35:19 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (07/07/2014 06:18:49 PM) (Source: SideBySide) (EventID: 9) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.

Das Stammelement der Manifestdatei muss assembliert sein.
 

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8019
 

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8019
 

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7020
 

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 7020
 

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6022
 

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6022
 
 

System errors:

=============

Error: (07/07/2014 06:18:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst afcdpsrv erreicht.
 

Error: (07/07/2014 00:06:54 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {1EF75F33-893B-4E8F-9655-C3D602BA4897}
 

Error: (07/03/2014 09:36:03 PM) (Source: srv) (EventID: 2017) (User: )

Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
 

Error: (07/03/2014 08:44:25 PM) (Source: srv) (EventID: 2017) (User: )

Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
 

Error: (07/03/2014 08:44:05 PM) (Source: srv) (EventID: 2017) (User: )

Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
 

Error: (07/03/2014 08:43:25 PM) (Source: srv) (EventID: 2017) (User: )

Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
 

Error: (07/03/2014 08:43:05 PM) (Source: srv) (EventID: 2017) (User: )

Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
 

Error: (07/03/2014 08:42:25 PM) (Source: srv) (EventID: 2017) (User: )

Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
 

Error: (07/03/2014 08:38:05 PM) (Source: srv) (EventID: 2017) (User: )

Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
 

Error: (07/03/2014 08:37:45 PM) (Source: srv) (EventID: 2017) (User: )

Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
 
 

Microsoft Office Sessions:

=========================

Error: (07/07/2014 06:35:19 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Downloads\trojanerboard\esetsmartinstaller_enu.exe
 

Error: (07/07/2014 06:18:49 PM) (Source: SideBySide) (EventID: 9) (User: )

Description: C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll.ManifestC:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll.Manifest2
 

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8019
 

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8019
 

Error: (07/07/2014 04:06:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7020
 

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 7020
 

Error: (07/07/2014 04:06:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6022
 

Error: (07/07/2014 04:06:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6022
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 34%

Total physical RAM: 6103.12 MB

Available physical RAM: 3990.33 MB

Total Pagefile: 12204.41 MB

Available Pagefile: 8727.71 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1764.17 GB) NTFS

Drive d: () (Fixed) (Total:425.58 GB) (Free:207.57 GB) NTFS

Drive e: (Eigene Dateien) (Fixed) (Total:554.98 GB) (Free:244.44 GB) NTFS

Drive i: () (Fixed) (Total:662.53 GB) (Free:182.89 GB) NTFS

Drive j: (MEDIA) (Removable) (Total:29.71 GB) (Free:23.96 GB) FAT32

Drive o: (Kopie C alt) (Fixed) (Total:205.97 GB) (Free:37.65 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 1863 GB) (Disk ID: 6E7A038E)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=-198731366400) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 1863 GB) (Disk ID: 722B620C)

Partition 1: (Not Active) - (Size=150 MB) - (Type=DE)

Partition 2: (Not Active) - (Size=206 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=-434765733888) - (Type=05)
 

========================================================

Disk: 2 (Size: 30 GB) (Disk ID: 00000000)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

--- --- ---

masin

09.07.2014 08:29

Sendung 3:

Code:

08:51:06.0312 0x1ed4  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54

08:51:08.0772 0x1ed4  ============================================================

08:51:08.0772 0x1ed4  Current date / time: 2014/07/08 08:51:08.0772

08:51:08.0772 0x1ed4  SystemInfo:

08:51:08.0772 0x1ed4  

08:51:08.0772 0x1ed4  OS Version: 6.1.7601 ServicePack: 1.0

08:51:08.0772 0x1ed4  Product type: Workstation

08:51:08.0772 0x1ed4  ComputerName: HDS-NEU2

08:51:08.0772 0x1ed4  UserName: HDS

08:51:08.0772 0x1ed4  Windows directory: C:\Windows

08:51:08.0772 0x1ed4  System windows directory: C:\Windows

08:51:08.0772 0x1ed4  Running under WOW64

08:51:08.0772 0x1ed4  Processor architecture: Intel x64

08:51:08.0772 0x1ed4  Number of processors: 4

08:51:08.0772 0x1ed4  Page size: 0x1000

08:51:08.0772 0x1ed4  Boot type: Normal boot

08:51:08.0772 0x1ed4  ============================================================

08:51:11.0082 0x1ed4  KLMD registered as C:\Windows\system32\drivers\09465781.sys

08:51:11.0342 0x1ed4  System UUID: {A974136A-F8B4-94EC-10BF-7F71AE75B0DB}

08:51:11.0772 0x1ed4  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

08:51:11.0782 0x1ed4  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

08:51:11.0802 0x1ed4  Drive \Device\Harddisk2\DR2 - Size: 0x76E480000 ( 29.72 Gb ), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

08:51:11.0832 0x1ed4  ============================================================

08:51:11.0832 0x1ed4  \Device\Harddisk0\DR0:

08:51:11.0832 0x1ed4  MBR partitions:

08:51:11.0832 0x1ed4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

08:51:11.0832 0x1ed4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1:

08:51:11.0832 0x1ed4  MBR partitions:

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1BEA800, BlocksNum 0x19BEE800

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1B7D9800, BlocksNum 0x455F5000

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x60DCF000, BlocksNum 0x35328800

08:51:11.0832 0x1ed4  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x960F8000, BlocksNum 0x52D10800

08:51:11.0832 0x1ed4  \Device\Harddisk2\DR2:

08:51:11.0832 0x1ed4  MBR partitions:

08:51:11.0832 0x1ed4  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400

08:51:11.0832 0x1ed4  ============================================================

08:51:11.0852 0x1ed4  C: <-> \Device\Harddisk0\DR0\Partition2

08:51:11.0892 0x1ed4  O: <-> \Device\Harddisk1\DR1\Partition1

08:51:11.0922 0x1ed4  I: <-> \Device\Harddisk1\DR1\Partition4

08:51:11.0942 0x1ed4  D: <-> \Device\Harddisk1\DR1\Partition3

08:51:11.0972 0x1ed4  E: <-> \Device\Harddisk1\DR1\Partition2

08:51:11.0972 0x1ed4  ============================================================

08:51:11.0972 0x1ed4  Initialize success

08:51:11.0972 0x1ed4  ============================================================

08:51:32.0475 0x0704  ============================================================

08:51:32.0475 0x0704  Scan started

08:51:32.0475 0x0704  Mode: Manual; SigCheck; TDLFS; 

08:51:32.0475 0x0704  ============================================================

08:51:32.0475 0x0704  KSN ping started

08:51:46.0007 0x0704  KSN ping finished: true

08:51:46.0997 0x0704  ================ Scan system memory ========================

08:51:46.0997 0x0704  System memory - ok

08:51:46.0997 0x0704  ================ Scan services =============================

08:51:47.0157 0x0704  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

08:51:47.0257 0x0704  1394ohci - ok

08:51:47.0287 0x0704  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

08:51:47.0317 0x0704  ACPI - ok

08:51:47.0327 0x0704  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

08:51:47.0337 0x0704  AcpiPmi - ok

08:51:47.0447 0x0704  [ CD41DFA7A778555B2055E2D388F5CB33, AE149AB7823AE3A97E2826C06968F32A7E50331484203E4581C83E441A1680F9 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

08:51:47.0477 0x0704  AcrSch2Svc - ok

08:51:47.0537 0x0704  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

08:51:47.0547 0x0704  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )

08:51:47.0847 0x0704  Detect skipped due to KSN trusted

08:51:47.0847 0x0704  Adobe LM Service - ok

08:51:47.0907 0x0704  [ E8FE4FCE23D2809BD88BCC1D0F8408CE, D744A1052BF104490A8D9BDE2B331F2C0157FCF58B54867E192B62CEE85F697E ] AdobeActiveFileMonitor6.0 C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

08:51:47.0937 0x0704  AdobeActiveFileMonitor6.0 - ok

08:51:47.0987 0x0704  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

08:51:48.0007 0x0704  AdobeARMservice - ok

08:51:48.0097 0x0704  [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

08:51:48.0127 0x0704  AdobeFlashPlayerUpdateSvc - ok

08:51:48.0177 0x0704  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys

08:51:48.0207 0x0704  adp94xx - ok

08:51:48.0217 0x0704  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys

08:51:48.0237 0x0704  adpahci - ok

08:51:48.0257 0x0704  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys

08:51:48.0267 0x0704  adpu320 - ok

08:51:48.0297 0x0704  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

08:51:48.0327 0x0704  AeLookupSvc - ok

08:51:48.0377 0x0704  [ 3AC22A3DFA8A050E35F0E3CD99D0CDF2, BBB1FB1A80D9641CB7965A75B8CB8094F0876E9631A93E6BDCC53A016EB48D05 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

08:51:48.0417 0x0704  AERTFilters - ok

08:51:48.0447 0x0704  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys

08:51:48.0497 0x0704  afcdp - ok

08:51:48.0827 0x0704  [ 3B1C11CB7006495F799F8A2AB8B2D530, B7B0C4922A1843BBF8104CDC705C4FEA1F1A760C1CC2BD6BC5E4213A0E4ED9FD ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

08:51:48.0917 0x0704  afcdpsrv - ok

08:51:48.0957 0x0704  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys

08:51:48.0977 0x0704  AFD - ok

08:51:49.0007 0x0704  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys

08:51:49.0017 0x0704  agp440 - ok

08:51:49.0027 0x0704  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe

08:51:49.0037 0x0704  ALG - ok

08:51:49.0097 0x0704  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys

08:51:49.0117 0x0704  aliide - ok

08:51:49.0147 0x0704  [ F0E61CF2C0FDA5B011CD1CB2E2353C9A, B1CE3BB3ED8ED78468B11C7AFB64B0CD48C078C350F049EC9473B60F6130091E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe

08:51:49.0177 0x0704  AMD External Events Utility - ok

08:51:49.0197 0x0704  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys

08:51:49.0207 0x0704  amdide - ok

08:51:49.0257 0x0704  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys

08:51:49.0287 0x0704  AmdK8 - ok

08:51:49.0507 0x0704  [ CF3DB4D8B2CE0B282AB39C9D846ECA74, 1679FE9444057D8EFF1389C5EA9677B914DC269BBE447B2684A05FE4E438014A ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys

08:51:49.0677 0x0704  amdkmdag - ok

08:51:49.0697 0x0704  [ 7D07DB26F6D3A16A6C8D34CE6C09FD01, 6ABE6D29ABA9F1E3A08A2FE7E5C1AF304093A8FE148340F5DA5A4F7C20F44753 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys

08:51:49.0717 0x0704  amdkmdap - ok

08:51:49.0727 0x0704  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys

08:51:49.0737 0x0704  AmdPPM - ok

08:51:49.0797 0x0704  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

08:51:49.0807 0x0704  amdsata - ok

08:51:49.0827 0x0704  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys

08:51:49.0847 0x0704  amdsbs - ok

08:51:49.0867 0x0704  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys

08:51:49.0877 0x0704  amdxata - ok

08:51:49.0917 0x0704  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys

08:51:49.0987 0x0704  AppID - ok

08:51:50.0007 0x0704  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

08:51:50.0057 0x0704  AppIDSvc - ok

08:51:50.0077 0x0704  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll

08:51:50.0087 0x0704  Appinfo - ok

08:51:50.0177 0x0704  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

08:51:50.0197 0x0704  Apple Mobile Device - ok

08:51:50.0227 0x0704  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll

08:51:50.0257 0x0704  AppMgmt - ok

08:51:50.0277 0x0704  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys

08:51:50.0297 0x0704  arc - ok

08:51:50.0307 0x0704  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys

08:51:50.0317 0x0704  arcsas - ok

08:51:50.0407 0x0704  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

08:51:50.0437 0x0704  aspnet_state - ok

08:51:50.0467 0x0704  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

08:51:50.0507 0x0704  AsyncMac - ok

08:51:50.0547 0x0704  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys

08:51:50.0577 0x0704  atapi - ok

08:51:50.0617 0x0704  [ 637E0753BD6DEB8EA5314A5C357EC1A0, 2B479DBBF72A2AFB3DC65A3FDA30B628BC9FB21160EBD7E1BE44404C671B1D08 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys

08:51:50.0637 0x0704  AtiHdmiService - ok

08:51:50.0697 0x0704  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

08:51:50.0747 0x0704  AudioEndpointBuilder - ok

08:51:50.0757 0x0704  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

08:51:50.0807 0x0704  AudioSrv - ok

08:51:50.0977 0x0704  [ EEB33B500F7C3A2CC64FB6836D9E93B6, BE41CB08DFC11770C3BC0A213CDF2EFB52043B38DD9E228DBEDE53D4A00B314D ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

08:51:51.0027 0x0704  AVKProxy - ok

08:51:51.0127 0x0704  [ 56C6F2D7F1D515B4B534217443D3B67F, CB9E94EE515EE7C426B34EC40DFDEF27893C3379C011B2FF6EEF318A34BCF482 ] AVKService      C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe

08:51:51.0157 0x0704  AVKService - ok

08:51:51.0227 0x0704  [ 258B9C230D2A904349CDF18CAD6B22BE, A270FF5D58C516272C248E22FD5ED3C4F279D0348154D56E13E88D05820E9246 ] AVKWCtl         C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe

08:51:51.0297 0x0704  AVKWCtl - ok

08:51:51.0317 0x0704  [ 43744F1D3CDE20F3925F10927C9036C2, 47374A71D1A38572B8C247E924C0F3F063A6281743C9B7D818D63CA576B5D289 ] AVMCOWAN        C:\Windows\system32\DRIVERS\AVMCOWAN.sys

08:51:51.0327 0x0704  AVMCOWAN - ok

08:51:51.0357 0x0704  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll

08:51:51.0377 0x0704  AxInstSV - ok

08:51:51.0417 0x0704  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys

08:51:51.0457 0x0704  b06bdrv - ok

08:51:51.0487 0x0704  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

08:51:51.0507 0x0704  b57nd60a - ok

08:51:51.0557 0x0704  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll

08:51:51.0587 0x0704  BDESVC - ok

08:51:51.0597 0x0704  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

08:51:51.0637 0x0704  Beep - ok

08:51:51.0697 0x0704  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll

08:51:51.0737 0x0704  BFE - ok

08:51:51.0787 0x0704  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll

08:51:51.0837 0x0704  BITS - ok

08:51:51.0847 0x0704  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

08:51:51.0867 0x0704  blbdrive - ok

08:51:51.0937 0x0704  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

08:51:51.0967 0x0704  Bonjour Service - ok

08:51:51.0997 0x0704  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

08:51:52.0007 0x0704  bowser - ok

08:51:52.0027 0x0704  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys

08:51:52.0037 0x0704  BrFiltLo - ok

08:51:52.0067 0x0704  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys

08:51:52.0087 0x0704  BrFiltUp - ok

08:51:52.0107 0x0704  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll

08:51:52.0127 0x0704  Browser - ok

08:51:52.0157 0x0704  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

08:51:52.0177 0x0704  Brserid - ok

08:51:52.0197 0x0704  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

08:51:52.0227 0x0704  BrSerWdm - ok

08:51:52.0227 0x0704  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

08:51:52.0247 0x0704  BrUsbMdm - ok

08:51:52.0257 0x0704  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

08:51:52.0277 0x0704  BrUsbSer - ok

08:51:52.0307 0x0704  [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe

08:51:52.0327 0x0704  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )

08:51:52.0587 0x0704  Detect skipped due to KSN trusted

08:51:52.0587 0x0704  BrYNSvc - ok

08:51:52.0627 0x0704  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys

08:51:52.0657 0x0704  BTHMODEM - ok

08:51:52.0687 0x0704  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll

08:51:52.0737 0x0704  bthserv - ok

08:51:52.0757 0x0704  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

08:51:52.0787 0x0704  cdfs - ok

08:51:52.0857 0x0704  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

08:51:52.0887 0x0704  cdrom - ok

08:51:52.0937 0x0704  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll

08:51:52.0997 0x0704  CertPropSvc - ok

08:51:53.0007 0x0704  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys

08:51:53.0037 0x0704  circlass - ok

08:51:53.0057 0x0704  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys

08:51:53.0077 0x0704  CLFS - ok

08:51:53.0147 0x0704  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:51:53.0167 0x0704  clr_optimization_v2.0.50727_32 - ok

08:51:53.0217 0x0704  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

08:51:53.0237 0x0704  clr_optimization_v2.0.50727_64 - ok

08:51:53.0307 0x0704  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

08:51:53.0337 0x0704  clr_optimization_v4.0.30319_32 - ok

08:51:53.0347 0x0704  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

08:51:53.0367 0x0704  clr_optimization_v4.0.30319_64 - ok

08:51:53.0387 0x0704  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys

08:51:53.0407 0x0704  CmBatt - ok

08:51:53.0447 0x0704  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys

08:51:53.0477 0x0704  cmdide - ok

08:51:53.0537 0x0704  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys

08:51:53.0577 0x0704  CNG - ok

08:51:53.0587 0x0704  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys

08:51:53.0607 0x0704  Compbatt - ok

08:51:53.0657 0x0704  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys

08:51:53.0697 0x0704  CompositeBus - ok

08:51:53.0707 0x0704  COMSysApp - ok

08:51:53.0717 0x0704  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys

08:51:53.0747 0x0704  crcdisk - ok

08:51:53.0777 0x0704  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll

08:51:53.0797 0x0704  CryptSvc - ok

08:51:53.0837 0x0704  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys

08:51:53.0867 0x0704  CSC - ok

08:51:53.0907 0x0704  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll

08:51:53.0937 0x0704  CscService - ok

08:51:53.0957 0x0704  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll

08:51:53.0997 0x0704  DcomLaunch - ok

08:51:54.0017 0x0704  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

08:51:54.0047 0x0704  defragsvc - ok

08:51:54.0077 0x0704  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

08:51:54.0107 0x0704  DfsC - ok

08:51:54.0127 0x0704  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

08:51:54.0147 0x0704  Dhcp - ok

08:51:54.0147 0x0704  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

08:51:54.0177 0x0704  discache - ok

08:51:54.0197 0x0704  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys

08:51:54.0207 0x0704  Disk - ok

08:51:54.0227 0x0704  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

08:51:54.0237 0x0704  Dnscache - ok

08:51:54.0267 0x0704  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll

08:51:54.0297 0x0704  dot3svc - ok

08:51:54.0327 0x0704  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll

08:51:54.0357 0x0704  DPS - ok

08:51:54.0417 0x0704  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

08:51:54.0437 0x0704  drmkaud - ok

08:51:54.0497 0x0704  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

08:51:54.0537 0x0704  DXGKrnl - ok

08:51:54.0557 0x0704  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

08:51:54.0587 0x0704  EapHost - ok

08:51:54.0707 0x0704  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys

08:51:54.0797 0x0704  ebdrv - ok

08:51:54.0837 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe

08:51:54.0867 0x0704  EFS - ok

08:51:54.0927 0x0704  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

08:51:54.0967 0x0704  ehRecvr - ok

08:51:54.0997 0x0704  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

08:51:55.0017 0x0704  ehSched - ok

08:51:55.0067 0x0704  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys

08:51:55.0097 0x0704  elxstor - ok

08:51:55.0117 0x0704  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

08:51:55.0137 0x0704  ErrDev - ok

08:51:55.0167 0x0704  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

08:51:55.0207 0x0704  EventSystem - ok

08:51:55.0227 0x0704  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

08:51:55.0257 0x0704  exfat - ok

08:51:55.0277 0x0704  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

08:51:55.0307 0x0704  fastfat - ok

08:51:55.0357 0x0704  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe

08:51:55.0397 0x0704  Fax - ok

08:51:55.0417 0x0704  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

08:51:55.0427 0x0704  fdc - ok

08:51:55.0437 0x0704  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

08:51:55.0467 0x0704  fdPHost - ok

08:51:55.0487 0x0704  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

08:51:55.0507 0x0704  FDResPub - ok

08:51:55.0517 0x0704  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

08:51:55.0527 0x0704  FileInfo - ok

08:51:55.0537 0x0704  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

08:51:55.0567 0x0704  Filetrace - ok

08:51:55.0627 0x0704  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

08:51:55.0657 0x0704  FLEXnet Licensing Service - ok

08:51:55.0677 0x0704  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

08:51:55.0697 0x0704  flpydisk - ok

08:51:55.0727 0x0704  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

08:51:55.0737 0x0704  FltMgr - ok

08:51:55.0757 0x0704  [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys

08:51:55.0767 0x0704  fltsrv - ok

08:51:55.0867 0x0704  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll

08:51:55.0908 0x0704  FontCache - ok

08:51:55.0968 0x0704  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

08:51:55.0988 0x0704  FontCache3.0.0.0 - ok

08:51:56.0048 0x0704  [ CE7593C10A04D08F9B043890216F5728, 21E4AD5643BCDCB811E49C74F682672032A603078EDD80DE6E37249C9A005407 ] FPCIBASE        C:\Windows\system32\DRIVERS\fpcibase.sys

08:51:56.0088 0x0704  FPCIBASE - ok

08:51:56.0218 0x0704  [ 6A4AC533855F11C10764FFDF2AC3F7D0, 16DD69AF4CD85FBEC4CA4C9728D1FCE41E24FE663F6AFA3CFA394C8CBA6275F3 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

08:51:56.0238 0x0704  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )

08:51:56.0518 0x0704  Detect skipped due to KSN trusted

08:51:56.0518 0x0704  Freemake Improver - ok

08:51:56.0578 0x0704  [ E54DA03A8EEB8C002C6F2E709B08651A, 82B46688494AD687D1256D6B48F86699467419D0D0A980E9F639764EA4792CE7 ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

08:51:56.0588 0x0704  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )

08:51:56.0888 0x0704  Detect skipped due to KSN trusted

08:51:56.0888 0x0704  FreemakeVideoCapture - ok

08:51:56.0908 0x0704  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

08:51:56.0938 0x0704  FsDepends - ok

08:51:56.0958 0x0704  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

08:51:56.0978 0x0704  Fs_Rec - ok

08:51:56.0998 0x0704  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

08:51:57.0028 0x0704  fvevol - ok

08:51:57.0038 0x0704  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys

08:51:57.0048 0x0704  gagp30kx - ok

08:51:57.0078 0x0704  [ 1EDC1A2C1762EF7A0782938F17971C12, DDC021AD302589E8A9831A90489F7CFCABBADA5BA9C5623583CC9ED0700B2113 ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys

08:51:57.0088 0x0704  GDBehave - ok

08:51:57.0188 0x0704  [ 69696B81799AA3CD816D99D606E97941, 2A41DA72FE4465ECA21B56D82CC18E1C26B84D5F1F4B605C2D1D4CF741F1D73C ] GDFwSvc         C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

08:51:57.0268 0x0704  GDFwSvc - ok

08:51:57.0328 0x0704  [ 9F17FCAF51F361A81EE6AB8B0CFDCC96, C9B01E35A442C91F73FA64758734CD553688E19925FEC84A66AF6AEA5033348D ] GDKBFlt         C:\Windows\system32\drivers\GDKBFlt64.sys

08:51:57.0338 0x0704  GDKBFlt - ok

08:51:57.0368 0x0704  [ 905D29BA89387209BD41126E91E0E18E, 4A2D85F218E7033A0169DDBA267FC1A1F6CD4B3810DE705A74CBEAF78A8F4747 ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys

08:51:57.0378 0x0704  GDMnIcpt - ok

08:51:57.0418 0x0704  [ 527B1CAA9661D518AC5182292C35AEC7, 1E56FC0EDFED7D60798930812AB0BB623A6721D433B69AD0152379B412CCE4D4 ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys

08:51:57.0428 0x0704  GDPkIcpt - ok

08:51:57.0498 0x0704  [ CC88D7254787D15B84377137BF739F90, F01BF995EDB533C7E6F2A5B9591DA0B4F8F4E79CC45C2DA73198F4B4A8624F0B ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

08:51:57.0528 0x0704  GDScan - ok

08:51:57.0548 0x0704  [ E06B66227AF4E660D5F18D44231D984F, C8E75C7925E74F6811DFFDB81F5572DAAD124EC156B0FFBA4FF0DD60378EFA6A ] gdwfpcd         C:\Windows\system32\drivers\gdwfpcd64.sys

08:51:57.0558 0x0704  gdwfpcd - ok

08:51:57.0598 0x0704  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

08:51:57.0608 0x0704  GEARAspiWDM - ok

08:51:57.0668 0x0704  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll

08:51:57.0708 0x0704  gpsvc - ok

08:51:57.0728 0x0704  [ 380B83300E019065C3B5FA47136F8356, 4279367B4C9683A855C26A0012C3C078EDF21957D97F07FB1F07EB363F674C14 ] GRD             C:\Windows\system32\drivers\GRD.sys

08:51:57.0738 0x0704  GRD - ok

08:51:57.0818 0x0704  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

08:51:57.0848 0x0704  gupdate - ok

08:51:57.0848 0x0704  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

08:51:57.0858 0x0704  gupdatem - ok

08:51:57.0918 0x0704  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

08:51:57.0948 0x0704  gusvc - ok

08:51:57.0968 0x0704  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

08:51:57.0988 0x0704  hcw85cir - ok

08:51:58.0038 0x0704  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

08:51:58.0068 0x0704  HdAudAddService - ok

08:51:58.0098 0x0704  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys

08:51:58.0108 0x0704  HDAudBus - ok

08:51:58.0138 0x0704  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys

08:51:58.0148 0x0704  HECIx64 - ok

08:51:58.0158 0x0704  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys

08:51:58.0168 0x0704  HidBatt - ok

08:51:58.0198 0x0704  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys

08:51:58.0218 0x0704  HidBth - ok

08:51:58.0238 0x0704  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys

08:51:58.0258 0x0704  HidIr - ok

08:51:58.0268 0x0704  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll

08:51:58.0298 0x0704  hidserv - ok

08:51:58.0338 0x0704  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

08:51:58.0368 0x0704  HidUsb - ok

08:51:58.0388 0x0704  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll

08:51:58.0458 0x0704  hkmsvc - ok

08:51:58.0488 0x0704  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

08:51:58.0508 0x0704  HomeGroupListener - ok

08:51:58.0538 0x0704  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

08:51:58.0548 0x0704  HomeGroupProvider - ok

08:51:58.0568 0x0704  [ EB6EB3DCC2AD18236EEC42B2FC7BD806, A1334E802997FA2DF34B3C2860731BE03ADB5D1908DDBBCB4A46761ACC568573 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys

08:51:58.0578 0x0704  HookCentre - ok

08:51:58.0638 0x0704  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

08:51:58.0668 0x0704  HpSAMD - ok

08:51:58.0708 0x0704  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys

08:51:58.0738 0x0704  HTCAND64 - ok

08:51:58.0828 0x0704  [ 5C8BC8A28798FD010E7ABC4E0D588CAA, 622CAFD3DCBB05E15539589FDD4002DA6F24790FC55BDF05AA3D043E8A34E53E ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

08:51:58.0848 0x0704  HTCMonitorService - ok

08:51:58.0868 0x0704  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys

08:51:58.0888 0x0704  htcnprot - ok

08:51:58.0918 0x0704  [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32       C:\Windows\system32\DRIVERS\HtcVComV64.sys

08:51:58.0958 0x0704  HtcVCom32 - ok

08:51:59.0018 0x0704  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

08:51:59.0068 0x0704  HTTP - ok

08:51:59.0078 0x0704  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

08:51:59.0088 0x0704  hwpolicy - ok

08:51:59.0148 0x0704  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

08:51:59.0158 0x0704  i8042prt - ok

08:51:59.0188 0x0704  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

08:51:59.0208 0x0704  iaStorV - ok

08:51:59.0268 0x0704  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

08:51:59.0288 0x0704  idsvc - ok

08:51:59.0298 0x0704  IEEtwCollectorService - ok

08:51:59.0328 0x0704  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys

08:51:59.0338 0x0704  iirsp - ok

08:51:59.0378 0x0704  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll

08:51:59.0408 0x0704  IKEEXT - ok

08:51:59.0478 0x0704  [ F04D22D7A49A1B2210DBADF0B803E870, EC3CB81392784E1FBA79846D9241A8F58B5C0B03733A161AAB3EA5ECF4105A11 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

08:51:59.0528 0x0704  IntcAzAudAddService - ok

08:51:59.0548 0x0704  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys

08:51:59.0558 0x0704  intelide - ok

08:51:59.0568 0x0704  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

08:51:59.0578 0x0704  intelppm - ok

08:51:59.0598 0x0704  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

08:51:59.0628 0x0704  IPBusEnum - ok

08:51:59.0648 0x0704  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

08:51:59.0678 0x0704  IpFilterDriver - ok

08:51:59.0708 0x0704  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

08:51:59.0728 0x0704  iphlpsvc - ok

08:51:59.0778 0x0704  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

08:51:59.0788 0x0704  IPMIDRV - ok

08:51:59.0798 0x0704  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

08:51:59.0828 0x0704  IPNAT - ok

08:51:59.0878 0x0704  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

08:51:59.0898 0x0704  iPod Service - ok

08:51:59.0918 0x0704  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys

08:51:59.0928 0x0704  IRENUM - ok

08:51:59.0958 0x0704  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

08:51:59.0968 0x0704  isapnp - ok

08:52:00.0008 0x0704  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

08:52:00.0038 0x0704  iScsiPrt - ok

08:52:00.0078 0x0704  [ 9D7EA8C7215D8D4AE7BE110EEE61085D, C8AEC99985AEAD52FA4FA14DA98EE465594EA1392E2010D0B474CD467D766EE8 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys

08:52:00.0098 0x0704  k57nd60a - ok

08:52:00.0108 0x0704  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

08:52:00.0118 0x0704  kbdclass - ok

08:52:00.0138 0x0704  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

08:52:00.0148 0x0704  kbdhid - ok

08:52:00.0168 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe

08:52:00.0178 0x0704  KeyIso - ok

08:52:00.0228 0x0704  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

08:52:00.0248 0x0704  KSecDD - ok

08:52:00.0268 0x0704  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

08:52:00.0288 0x0704  KSecPkg - ok

08:52:00.0298 0x0704  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

08:52:00.0328 0x0704  ksthunk - ok

08:52:00.0368 0x0704  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

08:52:00.0398 0x0704  KtmRm - ok

08:52:00.0428 0x0704  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll

08:52:00.0458 0x0704  LanmanServer - ok

08:52:00.0478 0x0704  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

08:52:00.0508 0x0704  LanmanWorkstation - ok

08:52:00.0648 0x0704  [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

08:52:00.0678 0x0704  LBTServ - ok

08:52:00.0758 0x0704  [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys

08:52:00.0778 0x0704  LHidFilt - ok

08:52:00.0858 0x0704  [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

08:52:00.0878 0x0704  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )

08:52:01.0198 0x0704  Detect skipped due to KSN trusted

08:52:01.0198 0x0704  LightScribeService - ok

08:52:01.0228 0x0704  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

08:52:01.0258 0x0704  lltdio - ok

08:52:01.0288 0x0704  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

08:52:01.0328 0x0704  lltdsvc - ok

08:52:01.0348 0x0704  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

08:52:01.0378 0x0704  lmhosts - ok

08:52:01.0388 0x0704  [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys

08:52:01.0398 0x0704  LMouFilt - ok

08:52:01.0408 0x0704  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys

08:52:01.0418 0x0704  LSI_FC - ok

08:52:01.0438 0x0704  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys

08:52:01.0448 0x0704  LSI_SAS - ok

08:52:01.0458 0x0704  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys

08:52:01.0468 0x0704  LSI_SAS2 - ok

08:52:01.0478 0x0704  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys

08:52:01.0488 0x0704  LSI_SCSI - ok

08:52:01.0498 0x0704  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys

08:52:01.0528 0x0704  luafv - ok

08:52:01.0598 0x0704  [ 6140163BFE9D8F2DFDBA088ED5521C13, B7B501F0D1527A15B1610D133E97AB431574502F0553734009627488D0007595 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys

08:52:01.0618 0x0704  MBAMSwissArmy - ok

08:52:01.0648 0x0704  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

08:52:01.0658 0x0704  Mcx2Svc - ok

08:52:01.0678 0x0704  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys

08:52:01.0688 0x0704  megasas - ok

08:52:01.0708 0x0704  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys

08:52:01.0728 0x0704  MegaSR - ok

08:52:01.0748 0x0704  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll

08:52:01.0778 0x0704  MMCSS - ok

08:52:01.0788 0x0704  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

08:52:01.0818 0x0704  Modem - ok

08:52:01.0828 0x0704  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

08:52:01.0838 0x0704  monitor - ok

08:52:01.0868 0x0704  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

08:52:01.0878 0x0704  mouclass - ok

08:52:01.0888 0x0704  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

08:52:01.0898 0x0704  mouhid - ok

08:52:01.0938 0x0704  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

08:52:01.0948 0x0704  mountmgr - ok

08:52:01.0978 0x0704  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

08:52:01.0998 0x0704  MozillaMaintenance - ok

08:52:02.0028 0x0704  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys

08:52:02.0038 0x0704  mpio - ok

08:52:02.0048 0x0704  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

08:52:02.0078 0x0704  mpsdrv - ok

08:52:02.0128 0x0704  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll

08:52:02.0178 0x0704  MpsSvc - ok

08:52:02.0198 0x0704  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

08:52:02.0228 0x0704  MRxDAV - ok

08:52:02.0258 0x0704  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

08:52:02.0278 0x0704  mrxsmb - ok

08:52:02.0288 0x0704  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

08:52:02.0308 0x0704  mrxsmb10 - ok

08:52:02.0328 0x0704  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

08:52:02.0348 0x0704  mrxsmb20 - ok

08:52:02.0388 0x0704  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys

08:52:02.0398 0x0704  msahci - ok

08:52:02.0448 0x0704  [ A592A054D78750B4D73ABAA4C94DECDF, 40B135C9F9EE698EC78BD19BD18353AE2CF4D020DDB9CFC37CD2FDBF7602614A ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe

08:52:02.0458 0x0704  MSCamSvc - ok

08:52:02.0468 0x0704  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

08:52:02.0488 0x0704  msdsm - ok

08:52:02.0498 0x0704  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe

08:52:02.0518 0x0704  MSDTC - ok

08:52:02.0548 0x0704  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

08:52:02.0578 0x0704  Msfs - ok

08:52:02.0598 0x0704  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

08:52:02.0638 0x0704  mshidkmdf - ok

08:52:02.0658 0x0704  [ 55218F924E55FD2786ED40EDF4ED79C3, C6000DE3A1FB526ECB77438A03F7212517CCD5E0CC9DDA07826865F8B980BEA0 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys

08:52:02.0668 0x0704  MSHUSBVideo - ok

08:52:02.0708 0x0704  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

08:52:02.0718 0x0704  msisadrv - ok

08:52:02.0748 0x0704  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

08:52:02.0778 0x0704  MSiSCSI - ok

08:52:02.0788 0x0704  msiserver - ok

08:52:02.0808 0x0704  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

08:52:02.0838 0x0704  MSKSSRV - ok

08:52:02.0838 0x0704  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

08:52:02.0868 0x0704  MSPCLOCK - ok

08:52:02.0878 0x0704  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

08:52:02.0908 0x0704  MSPQM - ok

08:52:02.0938 0x0704  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

08:52:02.0958 0x0704  MsRPC - ok

08:52:02.0958 0x0704  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys

08:52:02.0968 0x0704  mssmbios - ok

08:52:02.0978 0x0704  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

08:52:03.0008 0x0704  MSTEE - ok

08:52:03.0018 0x0704  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys

08:52:03.0028 0x0704  MTConfig - ok

08:52:03.0058 0x0704  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys

08:52:03.0078 0x0704  Mup - ok

08:52:03.0098 0x0704  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll

08:52:03.0138 0x0704  napagent - ok

08:52:03.0178 0x0704  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

08:52:03.0198 0x0704  NativeWifiP - ok

08:52:03.0328 0x0704  [ 934BB0D23A25C8C136570800A5A149B6, 15D99CE4E970FECE257F6D69810F8104720B26D8DC3787BC38CC8692ACEABD37 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe

08:52:03.0348 0x0704  NAUpdate - ok

08:52:03.0358 0x0704  [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol           C:\Windows\system32\DRIVERS\NBVol.sys

08:52:03.0368 0x0704  NBVol - ok

08:52:03.0388 0x0704  [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp         C:\Windows\system32\DRIVERS\NBVolUp.sys

08:52:03.0398 0x0704  NBVolUp - ok

08:52:03.0438 0x0704  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys

08:52:03.0468 0x0704  NDIS - ok

08:52:03.0488 0x0704  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

08:52:03.0518 0x0704  NdisCap - ok

08:52:03.0548 0x0704  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

08:52:03.0568 0x0704  NdisTapi - ok

08:52:03.0588 0x0704  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

08:52:03.0618 0x0704  Ndisuio - ok

08:52:03.0648 0x0704  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

08:52:03.0678 0x0704  NdisWan - ok

08:52:03.0688 0x0704  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

08:52:03.0718 0x0704  NDProxy - ok

08:52:03.0718 0x0704  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

08:52:03.0748 0x0704  NetBIOS - ok

08:52:03.0778 0x0704  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

08:52:03.0808 0x0704  NetBT - ok

08:52:03.0828 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe

08:52:03.0838 0x0704  Netlogon - ok

08:52:03.0858 0x0704  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll

08:52:03.0898 0x0704  Netman - ok

08:52:03.0938 0x0704  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:52:03.0958 0x0704  NetMsmqActivator - ok

08:52:03.0958 0x0704  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:52:03.0978 0x0704  NetPipeActivator - ok

08:52:04.0008 0x0704  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll

08:52:04.0048 0x0704  netprofm - ok

08:52:04.0048 0x0704  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:52:04.0068 0x0704  NetTcpActivator - ok

08:52:04.0068 0x0704  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

08:52:04.0088 0x0704  NetTcpPortSharing - ok

08:52:04.0128 0x0704  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys

08:52:04.0148 0x0704  nfrd960 - ok

08:52:04.0168 0x0704  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll

08:52:04.0188 0x0704  NlaSvc - ok

08:52:04.0228 0x0704  [ 1381E95D4E0F94F22DD484B5F8C1D61D, E91C10A62E3B5A610063F48354C6F4A1AAB7300A69EAD59E89ED8EEFDBD99062 ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys

08:52:04.0278 0x0704  nmwcd - ok

08:52:04.0428 0x0704  [ 205510CDB7B6084BF31760B5D06F9242, F3EAC6A7127DC5A0FEE7A9AFA561A8CA9B6E83FECCD731C890E85C33514B533B ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys

08:52:04.0478 0x0704  nmwcdc - ok

08:52:04.0588 0x0704  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\Windows\system32\drivers\npf.sys

08:52:04.0608 0x0704  npf - ok

08:52:04.0628 0x0704  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

08:52:04.0678 0x0704  Npfs - ok

08:52:04.0688 0x0704  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll

08:52:04.0718 0x0704  nsi - ok

08:52:04.0728 0x0704  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

08:52:04.0758 0x0704  nsiproxy - ok

08:52:04.0818 0x0704  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

08:52:04.0858 0x0704  Ntfs - ok

08:52:04.0878 0x0704  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys

08:52:04.0908 0x0704  Null - ok

08:52:04.0948 0x0704  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

08:52:04.0958 0x0704  nvraid - ok

08:52:05.0008 0x0704  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

08:52:05.0018 0x0704  nvstor - ok

08:52:05.0038 0x0704  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

08:52:05.0048 0x0704  nv_agp - ok

08:52:05.0068 0x0704  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

08:52:05.0078 0x0704  ohci1394 - ok

08:52:05.0198 0x0704  [ FB565EAF1E99F57D1963189EE2F8ED66, 9371111512657A618F4E80DC6968317600872B46A15DF34D8486884B5A848897 ] OS Selector     C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe

08:52:05.0248 0x0704  OS Selector - ok

08:52:05.0298 0x0704  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

08:52:05.0308 0x0704  ose64 - ok

08:52:05.0458 0x0704  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

08:52:05.0568 0x0704  osppsvc - ok

08:52:05.0608 0x0704  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

08:52:05.0668 0x0704  p2pimsvc - ok

08:52:05.0688 0x0704  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll

08:52:05.0708 0x0704  p2psvc - ok

08:52:05.0748 0x0704  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys

08:52:05.0758 0x0704  Parport - ok

08:52:05.0788 0x0704  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

08:52:05.0798 0x0704  partmgr - ok

08:52:05.0868 0x0704  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

08:52:05.0888 0x0704  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )

08:52:06.0168 0x0704  Detect skipped due to KSN trusted

08:52:06.0168 0x0704  PassThru Service - ok

08:52:06.0178 0x0704  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll

08:52:06.0198 0x0704  PcaSvc - ok

08:52:06.0228 0x0704  [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys

08:52:06.0248 0x0704  pccsmcfd - ok

08:52:06.0318 0x0704  [ 4B5F5774FF1C577B9515FDD2B5C535C5, 1D053020079124AC526D84AFFB17BF4A1563ECD872C83B4B6299C9AA6A732557 ] PCDSRVC{D3412D80-CF3B4A27-06020200}_0 c:\program files\my dell\pcdsrvc_x64.pkms

08:52:06.0328 0x0704  PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - ok

08:52:06.0368 0x0704  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys

08:52:06.0388 0x0704  pci - ok

08:52:06.0428 0x0704  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys

08:52:06.0448 0x0704  pciide - ok

08:52:06.0478 0x0704  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys

08:52:06.0498 0x0704  pcmcia - ok

08:52:06.0508 0x0704  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys

08:52:06.0518 0x0704  pcw - ok

08:52:06.0608 0x0704  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe

08:52:06.0648 0x0704  PDF Architect Helper Service - ok

08:52:06.0688 0x0704  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe

08:52:06.0708 0x0704  PDF Architect Service - ok

08:52:06.0738 0x0704  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

08:52:06.0778 0x0704  PEAUTH - ok

08:52:06.0828 0x0704  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

08:52:06.0868 0x0704  PeerDistSvc - ok

08:52:06.0928 0x0704  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

08:52:06.0958 0x0704  PerfHost - ok

08:52:07.0018 0x0704  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll

08:52:07.0078 0x0704  pla - ok

08:52:07.0128 0x0704  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

08:52:07.0148 0x0704  PlugPlay - ok

08:52:07.0158 0x0704  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

08:52:07.0168 0x0704  PNRPAutoReg - ok

08:52:07.0188 0x0704  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

08:52:07.0208 0x0704  PNRPsvc - ok

08:52:07.0228 0x0704  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

08:52:07.0268 0x0704  PolicyAgent - ok

08:52:07.0288 0x0704  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll

08:52:07.0318 0x0704  Power - ok

08:52:07.0338 0x0704  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

08:52:07.0368 0x0704  PptpMiniport - ok

08:52:07.0388 0x0704  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys

08:52:07.0398 0x0704  Processor - ok

08:52:07.0418 0x0704  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll

08:52:07.0438 0x0704  ProfSvc - ok

08:52:07.0448 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe

08:52:07.0458 0x0704  ProtectedStorage - ok

08:52:07.0488 0x0704  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

08:52:07.0518 0x0704  Psched - ok

08:52:07.0548 0x0704  [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys

08:52:07.0558 0x0704  PxHlpa64 - ok

08:52:07.0618 0x0704  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys

08:52:07.0658 0x0704  ql2300 - ok

08:52:07.0678 0x0704  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys

08:52:07.0688 0x0704  ql40xx - ok

08:52:07.0718 0x0704  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll

08:52:07.0738 0x0704  QWAVE - ok

08:52:07.0748 0x0704  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

08:52:07.0758 0x0704  QWAVEdrv - ok

08:52:07.0768 0x0704  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

08:52:07.0798 0x0704  RasAcd - ok

08:52:07.0808 0x0704  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

08:52:07.0838 0x0704  RasAgileVpn - ok

08:52:07.0848 0x0704  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll

08:52:07.0878 0x0704  RasAuto - ok

08:52:07.0908 0x0704  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

08:52:07.0929 0x0704  Rasl2tp - ok

08:52:07.0969 0x0704  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll

08:52:07.0999 0x0704  RasMan - ok

08:52:08.0009 0x0704  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

08:52:08.0039 0x0704  RasPppoe - ok

08:52:08.0049 0x0704  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

08:52:08.0079 0x0704  RasSstp - ok

08:52:08.0099 0x0704  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

08:52:08.0129 0x0704  rdbss - ok

08:52:08.0139 0x0704  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

08:52:08.0159 0x0704  rdpbus - ok

08:52:08.0169 0x0704  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

08:52:08.0199 0x0704  RDPCDD - ok

08:52:08.0239 0x0704  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

08:52:08.0259 0x0704  RDPDR - ok

08:52:08.0279 0x0704  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

08:52:08.0309 0x0704  RDPENCDD - ok

08:52:08.0319 0x0704  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

08:52:08.0349 0x0704  RDPREFMP - ok

08:52:08.0379 0x0704  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

08:52:08.0399 0x0704  RDPWD - ok

08:52:08.0439 0x0704  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

08:52:08.0449 0x0704  rdyboost - ok

08:52:08.0469 0x0704  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

08:52:08.0499 0x0704  RemoteAccess - ok

08:52:08.0519 0x0704  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

08:52:08.0549 0x0704  RemoteRegistry - ok

08:52:08.0559 0x0704  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

08:52:08.0589 0x0704  RpcEptMapper - ok

08:52:08.0589 0x0704  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

08:52:08.0609 0x0704  RpcLocator - ok

08:52:08.0639 0x0704  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll

08:52:08.0669 0x0704  RpcSs - ok

08:52:08.0689 0x0704  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

08:52:08.0709 0x0704  rspndr - ok

08:52:08.0739 0x0704  [ A29F3787FEA005C8355F62321BE9E065, A1BE2758EE21CBFB00E6F32D3C62323D890BD9AD177E880390CFAD9F5326A9B3 ] rusb3hub        C:\Windows\system32\DRIVERS\rusb3hub.sys

08:52:08.0749 0x0704  rusb3hub - ok

08:52:08.0769 0x0704  [ 0FE1DB20DA9863CD5B397717FF07738B, 3BCA3269A6ECA501508F2BAC56DB9C0B2DAD3DDA853C5FB168E4C628A94E1C83 ] rusb3xhc        C:\Windows\system32\DRIVERS\rusb3xhc.sys

08:52:08.0779 0x0704  rusb3xhc - ok

08:52:08.0819 0x0704  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

08:52:08.0829 0x0704  s3cap - ok

08:52:08.0849 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe

08:52:08.0879 0x0704  SamSs - ok

08:52:08.0929 0x0704  [ 328100AF2EFD951EAB657384EC361B6F, 2DECBF74E13511395AA13F931F06F4D557E67654DA3314D0095C332FB758B4D9 ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

08:52:08.0939 0x0704  SamsungAllShareV2.0 - ok

08:52:08.0979 0x0704  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

08:52:08.0989 0x0704  sbp2port - ok

08:52:09.0039 0x0704  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

08:52:09.0069 0x0704  SCardSvr - ok

08:52:09.0089 0x0704  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

08:52:09.0119 0x0704  scfilter - ok

08:52:09.0159 0x0704  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll

08:52:09.0209 0x0704  Schedule - ok

08:52:09.0229 0x0704  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll

08:52:09.0259 0x0704  SCPolicySvc - ok

08:52:09.0279 0x0704  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

08:52:09.0289 0x0704  SDRSVC - ok

08:52:09.0319 0x0704  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

08:52:09.0349 0x0704  secdrv - ok

08:52:09.0369 0x0704  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll

08:52:09.0399 0x0704  seclogon - ok

08:52:09.0409 0x0704  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll

08:52:09.0429 0x0704  SENS - ok

08:52:09.0439 0x0704  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

08:52:09.0459 0x0704  SensrSvc - ok

08:52:09.0469 0x0704  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

08:52:09.0479 0x0704  Serenum - ok

08:52:09.0509 0x0704  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys

08:52:09.0519 0x0704  Serial - ok

08:52:09.0549 0x0704  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

08:52:09.0559 0x0704  sermouse - ok

08:52:09.0639 0x0704  [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

08:52:09.0659 0x0704  ServiceLayer - ok

08:52:09.0689 0x0704  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll

08:52:09.0719 0x0704  SessionEnv - ok

08:52:09.0749 0x0704  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

08:52:09.0759 0x0704  sffdisk - ok

08:52:09.0769 0x0704  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

08:52:09.0789 0x0704  sffp_mmc - ok

08:52:09.0799 0x0704  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

08:52:09.0809 0x0704  sffp_sd - ok

08:52:09.0829 0x0704  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

08:52:09.0839 0x0704  sfloppy - ok

08:52:09.0879 0x0704  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

08:52:09.0919 0x0704  SharedAccess - ok

08:52:09.0949 0x0704  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

08:52:09.0979 0x0704  ShellHWDetection - ok

08:52:10.0019 0x0704  [ 1980FE1F5A32067DAD1D8776B63C2669, 26B53EAF89CDBBA8FFA154DBB1F1DA348F894FE1F1D0CA4060E32496464DD5D2 ] SimpleSlideShowServer C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe

08:52:10.0039 0x0704  SimpleSlideShowServer - ok

08:52:10.0069 0x0704  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

08:52:10.0089 0x0704  SiSRaid2 - ok

08:52:10.0099 0x0704  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

08:52:10.0119 0x0704  SiSRaid4 - ok

08:52:10.0159 0x0704  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

08:52:10.0189 0x0704  SkypeUpdate - ok

08:52:10.0199 0x0704  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

08:52:10.0229 0x0704  Smb - ok

08:52:10.0279 0x0704  [ FBE0201AB61E18934C812C34D31A4403, 549E51FC11CCA30B21970C90F4799D6CB94481CDC623B8C319F16DAEFC8A190B ] snapman         C:\Windows\system32\DRIVERS\snapman.sys

08:52:10.0309 0x0704  snapman - ok

08:52:10.0319 0x0704  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

08:52:10.0339 0x0704  SNMPTRAP - ok

08:52:10.0349 0x0704  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

08:52:10.0359 0x0704  spldr - ok

08:52:10.0429 0x0704  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe

08:52:10.0459 0x0704  Spooler - ok

08:52:10.0579 0x0704  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe

08:52:10.0689 0x0704  sppsvc - ok

08:52:10.0719 0x0704  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

08:52:10.0749 0x0704  sppuinotify - ok

08:52:10.0779 0x0704  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys

08:52:10.0799 0x0704  srv - ok

08:52:10.0819 0x0704  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

08:52:10.0839 0x0704  srv2 - ok

08:52:10.0849 0x0704  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

08:52:10.0869 0x0704  srvnet - ok

08:52:10.0879 0x0704  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

08:52:10.0909 0x0704  SSDPSRV - ok

08:52:10.0919 0x0704  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

08:52:10.0949 0x0704  SstpSvc - ok

08:52:10.0999 0x0704  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

08:52:11.0009 0x0704  stexstor - ok

08:52:11.0029 0x0704  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

08:52:11.0059 0x0704  StillCam - ok

08:52:11.0149 0x0704  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll

08:52:11.0189 0x0704  stisvc - ok

08:52:11.0249 0x0704  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

08:52:11.0259 0x0704  storflt - ok

08:52:11.0279 0x0704  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll

08:52:11.0299 0x0704  StorSvc - ok

08:52:11.0329 0x0704  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys

08:52:11.0339 0x0704  storvsc - ok

08:52:11.0349 0x0704  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys

08:52:11.0359 0x0704  swenum - ok

08:52:11.0379 0x0704  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

08:52:11.0419 0x0704  swprv - ok

08:52:11.0679 0x0704  [ 0FE29D81F372CA2DCE9E49736A3BD3E6, 10ED93BEE7ECBD2AF5E7AB0197CC82A5424FD63A2ED90F0417B266AD06E5F32C ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

08:52:11.0829 0x0704  syncagentsrv - ok

08:52:11.0899 0x0704  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll

08:52:11.0949 0x0704  SysMain - ok

08:52:11.0979 0x0704  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

08:52:11.0999 0x0704  TabletInputService - ok

08:52:12.0029 0x0704  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll

08:52:12.0059 0x0704  TapiSrv - ok

08:52:12.0079 0x0704  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

08:52:12.0099 0x0704  TBS - ok

08:52:12.0209 0x0704  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

08:52:12.0259 0x0704  Tcpip - ok

08:52:12.0309 0x0704  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

08:52:12.0349 0x0704  TCPIP6 - ok

08:52:12.0379 0x0704  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

08:52:12.0389 0x0704  tcpipreg - ok

08:52:12.0419 0x0704  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

08:52:12.0429 0x0704  TDPIPE - ok

08:52:12.0479 0x0704  [ 07330E30921C70E9D9B416EE43A06349, 398500C12E685BCF732C7F80A2C0E95181E5377A0E6C14CF9A3EE8580083A556 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys

08:52:12.0519 0x0704  tdrpman - ok

08:52:12.0559 0x0704  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

08:52:12.0569 0x0704  TDTCP - ok

08:52:12.0599 0x0704  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

08:52:12.0629 0x0704  tdx - ok

08:52:12.0929 0x0704  [ 3438EFDC30F7A41D3598ED60BBF6CF2A, 342B8E78DF6B4BA641C5CCB5B1343B363B770681F0794A809728789E3BE56E46 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

08:52:13.0069 0x0704  TeamViewer9 - ok

08:52:13.0099 0x0704  [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys

08:52:13.0109 0x0704  teamviewervpn - ok

08:52:13.0159 0x0704  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys

08:52:13.0179 0x0704  TermDD - ok

08:52:13.0209 0x0704  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll

08:52:13.0259 0x0704  TermService - ok

08:52:13.0269 0x0704  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

08:52:13.0289 0x0704  Themes - ok

08:52:13.0299 0x0704  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

08:52:13.0329 0x0704  THREADORDER - ok

08:52:13.0369 0x0704  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib             C:\Windows\system32\DRIVERS\tib.sys

08:52:13.0399 0x0704  tib - ok

08:52:13.0409 0x0704  [ 3C29FB9FC9B4C511AD69DC50257FEC75, 4906DADE076FD363C53044C805602EEA4D0EF6E92041C693E1BED2286614B36E ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys

08:52:13.0419 0x0704  tib_mounter - ok

08:52:13.0429 0x0704  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

08:52:13.0459 0x0704  TrkWks - ok

08:52:13.0489 0x0704  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

08:52:13.0519 0x0704  TrustedInstaller - ok

08:52:13.0539 0x0704  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

08:52:13.0549 0x0704  tssecsrv - ok

08:52:13.0569 0x0704  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

08:52:13.0579 0x0704  TsUsbFlt - ok

08:52:13.0619 0x0704  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

08:52:13.0649 0x0704  tunnel - ok

08:52:13.0659 0x0704  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

08:52:13.0669 0x0704  uagp35 - ok

08:52:13.0699 0x0704  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

08:52:13.0729 0x0704  udfs - ok

08:52:13.0749 0x0704  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

08:52:13.0759 0x0704  UI0Detect - ok

08:52:13.0789 0x0704  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

08:52:13.0799 0x0704  uliagpkx - ok

08:52:13.0859 0x0704  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys

08:52:13.0889 0x0704  umbus - ok

08:52:13.0899 0x0704  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

08:52:13.0919 0x0704  UmPass - ok

08:52:13.0949 0x0704  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll

08:52:13.0969 0x0704  UmRdpService - ok

08:52:13.0989 0x0704  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

08:52:14.0029 0x0704  upnphost - ok

08:52:14.0079 0x0704  [ 311C90F0767A63000AC35DD0A7078A30, DB80E10015DCC595F90C31CE61590DB07E84F8B13DA904B2D59233678C366A2D ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys

08:52:14.0119 0x0704  upperdev - ok

08:52:14.0169 0x0704  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

08:52:14.0189 0x0704  USBAAPL64 - ok

08:52:14.0259 0x0704  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

08:52:14.0279 0x0704  usbaudio - ok

08:52:14.0299 0x0704  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

08:52:14.0319 0x0704  usbccgp - ok

08:52:14.0359 0x0704  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys

08:52:14.0389 0x0704  usbcir - ok

08:52:14.0409 0x0704  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

08:52:14.0429 0x0704  usbehci - ok

08:52:14.0459 0x0704  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

08:52:14.0499 0x0704  usbhub - ok

08:52:14.0519 0x0704  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys

08:52:14.0539 0x0704  usbohci - ok

08:52:14.0559 0x0704  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

08:52:14.0579 0x0704  usbprint - ok

08:52:14.0629 0x0704  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys

08:52:14.0659 0x0704  usbser - ok

08:52:14.0669 0x0704  [ C03DA998E412D69D18DD11D835229AF0, DD43E370EF370767588A6D56A51A4ADF99B5E063C7AA0528F91FD431DE7C2932 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys

08:52:14.0709 0x0704  UsbserFilt - ok

08:52:14.0749 0x0704  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

08:52:14.0779 0x0704  USBSTOR - ok

08:52:14.0789 0x0704  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

08:52:14.0809 0x0704  usbuhci - ok

08:52:14.0859 0x0704  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

08:52:14.0889 0x0704  usbvideo - ok

08:52:14.0919 0x0704  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys

08:52:14.0939 0x0704  usb_rndisx - ok

08:52:14.0959 0x0704  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

08:52:14.0989 0x0704  UxSms - ok

08:52:15.0009 0x0704  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe

08:52:15.0019 0x0704  VaultSvc - ok

08:52:15.0039 0x0704  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

08:52:15.0049 0x0704  vdrvroot - ok

08:52:15.0079 0x0704  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

08:52:15.0119 0x0704  vds - ok

08:52:15.0139 0x0704  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

08:52:15.0159 0x0704  vga - ok

08:52:15.0169 0x0704  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

08:52:15.0199 0x0704  VgaSave - ok

08:52:15.0229 0x0704  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

08:52:15.0239 0x0704  vhdmp - ok

08:52:15.0269 0x0704  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

08:52:15.0279 0x0704  viaide - ok

08:52:15.0299 0x0704  [ 35E8A18D1C558D5C2FF2FFED2FD396F6, 5516AC03964DD33CF239AB3FB1D41BAB7454DB35FB38C45907614C3DB8F23391 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys

08:52:15.0319 0x0704  vididr - ok

08:52:15.0329 0x0704  [ 0DCD5C8F2E0B3650C4A29F6569C074FD, 8FB24D79ADE1541C5DD6241A3395EF2E6575A8376111294CD5C87ECA798EDCFD ] vidsflt         C:\Windows\system32\DRIVERS\vidsflt.sys

08:52:15.0339 0x0704  vidsflt - ok

08:52:15.0349 0x0704  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys

08:52:15.0369 0x0704  vmbus - ok

08:52:15.0389 0x0704  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

08:52:15.0399 0x0704  VMBusHID - ok

08:52:15.0429 0x0704  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

08:52:15.0439 0x0704  volmgr - ok

08:52:15.0469 0x0704  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

08:52:15.0489 0x0704  volmgrx - ok

08:52:15.0499 0x0704  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

08:52:15.0519 0x0704  volsnap - ok

08:52:15.0549 0x0704  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

08:52:15.0579 0x0704  vsmraid - ok

08:52:15.0639 0x0704  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

08:52:15.0709 0x0704  VSS - ok

08:52:15.0719 0x0704  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

08:52:15.0729 0x0704  vwifibus - ok

08:52:15.0759 0x0704  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

08:52:15.0799 0x0704  W32Time - ok

08:52:15.0809 0x0704  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

08:52:15.0819 0x0704  WacomPen - ok

08:52:15.0839 0x0704  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

08:52:15.0869 0x0704  WANARP - ok

08:52:15.0869 0x0704  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

08:52:15.0899 0x0704  Wanarpv6 - ok

08:52:16.0039 0x0704  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe

08:52:16.0089 0x0704  wbengine - ok

08:52:16.0089 0x0704  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

08:52:16.0109 0x0704  WbioSrvc - ok

08:52:16.0169 0x0704  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

08:52:16.0209 0x0704  wcncsvc - ok

08:52:16.0229 0x0704  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

08:52:16.0239 0x0704  WcsPlugInService - ok

08:52:16.0259 0x0704  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys

08:52:16.0279 0x0704  Wd - ok

08:52:16.0319 0x0704  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

08:52:16.0359 0x0704  Wdf01000 - ok

08:52:16.0379 0x0704  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

08:52:16.0389 0x0704  WdiServiceHost - ok

08:52:16.0399 0x0704  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

08:52:16.0419 0x0704  WdiSystemHost - ok

08:52:16.0439 0x0704  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll

08:52:16.0459 0x0704  WebClient - ok

08:52:16.0469 0x0704  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

08:52:16.0499 0x0704  Wecsvc - ok

08:52:16.0509 0x0704  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

08:52:16.0539 0x0704  wercplsupport - ok

08:52:16.0559 0x0704  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

08:52:16.0579 0x0704  WerSvc - ok

08:52:16.0599 0x0704  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

08:52:16.0619 0x0704  WfpLwf - ok

08:52:16.0629 0x0704  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

08:52:16.0639 0x0704  WIMMount - ok

08:52:16.0659 0x0704  WinDefend - ok

08:52:16.0659 0x0704  WinHttpAutoProxySvc - ok

08:52:16.0709 0x0704  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

08:52:16.0739 0x0704  Winmgmt - ok

08:52:16.0829 0x0704  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll

08:52:16.0899 0x0704  WinRM - ok

08:52:16.0949 0x0704  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

08:52:16.0969 0x0704  WinUsb - ok

08:52:17.0189 0x0704  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

08:52:17.0229 0x0704  Wlansvc - ok

08:52:17.0279 0x0704  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

08:52:17.0289 0x0704  WmiAcpi - ok

08:52:17.0399 0x0704  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

08:52:17.0409 0x0704  wmiApSrv - ok

08:52:17.0519 0x0704  WMPNetworkSvc - ok

08:52:17.0569 0x0704  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

08:52:17.0579 0x0704  WPCSvc - ok

08:52:17.0619 0x0704  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

08:52:17.0659 0x0704  WPDBusEnum - ok

08:52:17.0699 0x0704  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

08:52:17.0739 0x0704  ws2ifsl - ok

08:52:17.0759 0x0704  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll

08:52:17.0779 0x0704  wscsvc - ok

08:52:17.0809 0x0704  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys

08:52:17.0829 0x0704  WSDPrintDevice - ok

08:52:17.0839 0x0704  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys

08:52:17.0849 0x0704  WSDScan - ok

08:52:17.0849 0x0704  WSearch - ok

08:52:17.0949 0x0704  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll

08:52:18.0009 0x0704  wuauserv - ok

08:52:18.0029 0x0704  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

08:52:18.0049 0x0704  WudfPf - ok

08:52:18.0079 0x0704  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

08:52:18.0099 0x0704  WUDFRd - ok

08:52:18.0129 0x0704  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

08:52:18.0159 0x0704  wudfsvc - ok

08:52:18.0179 0x0704  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll

08:52:18.0199 0x0704  WwanSvc - ok

08:52:18.0219 0x0704  ================ Scan global ===============================

08:52:18.0229 0x0704  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

08:52:18.0259 0x0704  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

08:52:18.0279 0x0704  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

08:52:18.0299 0x0704  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

08:52:18.0319 0x0704  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

08:52:18.0329 0x0704  [ Global ] - ok

08:52:18.0329 0x0704  ================ Scan MBR ==================================

08:52:18.0339 0x0704  [ E87267CB6496429BB50554191DA7C765 ] \Device\Harddisk0\DR0

08:52:18.0759 0x0704  \Device\Harddisk0\DR0 - ok

08:52:18.0769 0x0704  [ F2634EFAB9E22A7870007C2453CEFE38 ] \Device\Harddisk1\DR1

08:52:19.0389 0x0704  \Device\Harddisk1\DR1 - ok

08:52:19.0399 0x0704  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2

08:52:19.0549 0x0704  \Device\Harddisk2\DR2 - ok

08:52:19.0549 0x0704  ================ Scan VBR ==================================

08:52:19.0559 0x0704  [ 33196769F5533E97BBF3CF1B0DBD7E97 ] \Device\Harddisk0\DR0\Partition1

08:52:19.0779 0x0704  \Device\Harddisk0\DR0\Partition1 - ok

08:52:19.0789 0x0704  [ D93A77E8B03537FE5B73AEA864B2D202 ] \Device\Harddisk0\DR0\Partition2

08:52:19.0859 0x0704  \Device\Harddisk0\DR0\Partition2 - ok

08:52:19.0859 0x0704  [ 4D770FA5EEDBA50288A779519E293433 ] \Device\Harddisk1\DR1\Partition1

08:52:19.0919 0x0704  \Device\Harddisk1\DR1\Partition1 - ok

08:52:19.0919 0x0704  [ D6B777808A122F9C5B8D9724B6FC2344 ] \Device\Harddisk1\DR1\Partition2

08:52:19.0989 0x0704  \Device\Harddisk1\DR1\Partition2 - ok

08:52:19.0999 0x0704  [ 2B505A9EECDD390A9F6C0753FE860D8C ] \Device\Harddisk1\DR1\Partition3

08:52:20.0049 0x0704  \Device\Harddisk1\DR1\Partition3 - ok

08:52:20.0059 0x0704  [ B67981594E46A69ABCA1D04672CD6AA4 ] \Device\Harddisk1\DR1\Partition4

08:52:20.0109 0x0704  \Device\Harddisk1\DR1\Partition4 - ok

08:52:20.0109 0x0704  [ 2F0174EF90787E5CE6EA31B007331B93 ] \Device\Harddisk2\DR2\Partition1

08:52:20.0119 0x0704  \Device\Harddisk2\DR2\Partition1 - ok

08:52:20.0119 0x0704  ================ Scan generic autorun ======================

08:52:20.0159 0x0704  [ A0B996A6D4F7502EC6A9AADFB87FDA25, 2A79F03DECCC5C11E5B14109F5FBD790A4E005A45C71766E3C85BF14699F034C ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

08:52:20.0179 0x0704  Acronis Scheduler2 Service - ok

08:52:20.0379 0x0704  [ 1869AA6DAF4F664660225B6D2102DF69, 636E9FBB2B27D8E084A3EABCDFE6498BCD38ACB6983D3D95FB9FB86716033235 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

08:52:20.0539 0x0704  RtHDVCpl - ok

08:52:20.0709 0x0704  [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe

08:52:20.0749 0x0704  EvtMgr6 - ok

08:52:20.0789 0x0704  [ 80FDA1E7877DDBBB53D736AD290EC08A, E042AD1D6D6F04C2000853A16AEE4F28C6325ABE64C00890460A4EC7FB6D1939 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

08:52:20.0799 0x0704  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )

08:52:21.0070 0x0704  Detect skipped due to KSN trusted

08:52:21.0070 0x0704  StartCCC - ok

08:52:21.0180 0x0704  [ 0B6307FB3D24EACBB86A51E285E1F384, 4658EEBD36669906C15D876B28D566E74703A81A3EF6ACE99EE2B6D8857DA594 ] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

08:52:21.0220 0x0704  GDFirewallTray - ok

08:52:21.0280 0x0704  [ A3A9E5888143F3DAB803B007393D791F, 42435F0AF4C942F4F05EB80B36188951A8BEAB3E50F67FCDB1FF8B52A04890C0 ] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

08:52:21.0300 0x0704  AdobeCS4ServiceManager - ok

08:52:21.0370 0x0704  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

08:52:21.0390 0x0704  Adobe ARM - ok

08:52:21.0540 0x0704  [ 22310E2C6AE375142ABBB9EF384ECD40, A8673DF56546E4CDD7A0099D8CCB889415125089F786D0637E8D9B21CE53AB4D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

08:52:21.0650 0x0704  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )

08:52:21.0940 0x0704  Detect skipped due to KSN trusted

08:52:21.0940 0x0704  BrStsMon00 - ok

08:52:22.0010 0x0704  [ 0C0DD390CF53D506414AC2CAA68E7F34, C64A9BAF0FDA5161B9361FC454CA36E7595E6BC969A6FA03993C5949373D8A00 ] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe

08:52:22.0070 0x0704  BrHelp - detected UnsignedFile.Multi.Generic ( 1 )

08:52:22.0350 0x0704  Detect skipped due to KSN trusted

08:52:22.0350 0x0704  BrHelp - ok

08:52:22.0430 0x0704  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

08:52:22.0480 0x0704  Sidebar - ok

08:52:22.0490 0x0704  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

08:52:22.0510 0x0704  mctadmin - ok

08:52:22.0540 0x0704  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

08:52:22.0580 0x0704  Sidebar - ok

08:52:22.0580 0x0704  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

08:52:22.0600 0x0704  mctadmin - ok

08:52:22.0750 0x0704  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

08:52:22.0850 0x0704  LightScribe Control Panel - ok

08:52:22.0920 0x0704  [ 16D510C28673BF1565D096D41234773C, 72BC509E8D9B444B37F10A266DF8E05471FC0006F34367EEF24203419EE9585C ] C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe

08:52:22.0930 0x0704  dradio-RecorderTimer - detected UnsignedFile.Multi.Generic ( 1 )

08:52:23.0220 0x0704  Detect skipped due to KSN trusted

08:52:23.0220 0x0704  dradio-RecorderTimer - ok

08:52:23.0250 0x0704  [ 16D510C28673BF1565D096D41234773C, 72BC509E8D9B444B37F10A266DF8E05471FC0006F34367EEF24203419EE9585C ] C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe

08:52:23.0260 0x0704  dradio-RecorderTimer - detected UnsignedFile.Multi.Generic ( 1 )

08:52:23.0260 0x0704  Detect skipped due to KSN trusted

08:52:23.0260 0x0704  dradio-RecorderTimer - ok

08:52:23.0360 0x0704  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

08:52:23.0430 0x0704  LightScribe Control Panel - ok

08:52:23.0490 0x0704  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

08:52:23.0550 0x0704  LightScribe Control Panel - ok

08:52:23.0560 0x0704  Waiting for KSN requests completion. In queue: 167

08:52:24.0570 0x0704  AV detected via SS2: G Data InternetSecurity, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41000 ( enabled : updated )

08:52:24.0570 0x0704  FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )

08:52:26.0960 0x0704  ============================================================

08:52:26.0960 0x0704  Scan finished

08:52:26.0960 0x0704  ============================================================

08:52:26.0970 0x1540  Detected object count: 0

08:52:26.0970 0x1540  Actual detected object count: 0

Und schließlich Nummer 4:
[CODE]
,GMER Logfile:

Code:

GMER 2.1.19357 - hxxp://www.gmer.net

Rootkit scan 2014-07-07 20:23:44

Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST2000DM001-1CH164 rev.CC29 1863,02GB

Running: Gmer-19357.exe; Driver: C:\Users\HDS\AppData\Local\Temp\awlyipow.sys
 
 

---- Kernel code sections - GMER 2.1 ----
 

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528  fffff800031f6000 45 bytes [00, 00, 12, 02, 47, 44, 57, ...]

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 574  fffff800031f602e 17 bytes [5C, 00, 55, 00, 53, 00, 45, ...]
 

---- Threads - GMER 2.1 ----
 

Thread    C:\Windows\System32\svchost.exe [1120:4064]                         000007fee7c0a2b0

Thread    C:\Windows\System32\svchost.exe [1120:1824]                         000007fee52a3efc

Thread    C:\Windows\System32\svchost.exe [1120:4816]                         000007fee52e8a4c

Thread    C:\Windows\system32\svchost.exe [1580:1164]                         000007fefa2335c0

Thread    C:\Windows\system32\svchost.exe [1580:5116]                         000007fefa235600

Thread    C:\Windows\system32\svchost.exe [1580:3812]                         000007fee8662888

Thread    C:\Windows\system32\svchost.exe [1580:2716]                         000007fee84b2940

Thread    C:\Windows\system32\svchost.exe [1580:4104]                         000007fee8662a40

Thread    C:\Windows\system32\svchost.exe [2312:2620]                         000007fef99e5fd0

Thread    C:\Windows\system32\svchost.exe [2312:2700]                         000007fef91a3438

Thread    C:\Windows\system32\svchost.exe [2312:2712]                         000007fef99e63ec

Thread    C:\Windows\system32\svchost.exe [2312:2848]                         000000000033b128

Thread    C:\Windows\system32\svchost.exe [2312:2984]                         000007fef9a6a850

Thread    C:\Windows\system32\Dwm.exe [2600:2956]                             000007fef988f0d8

Thread    C:\Windows\system32\Dwm.exe [2600:2960]                             000007fef669abf0

Thread    C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:2944]   000007fef7f2bd94

Thread    C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:2948]   000007fef7ea3368

Thread    C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:5060]   000007fef7ed87b8

Thread    C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6440]   000007fef24b4bf4

Thread    C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6608]   000007fef7fb8970

Thread    C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:4796]   000007fef7ea3368

Thread    C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6016]   000007fef7ea3368

Thread    C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:3484]   000007fef7ea3368

Thread    C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [2936:6468]   000007fef7e993d4

Thread    C:\Windows\system32\wbem\wmiprvse.exe [3204:3244]                   000007fef08210f0

Thread    C:\Windows\System32\WUDFHost.exe [5056:5280]                        000007fee78624a0
 

---- Disk sectors - GMER 2.1 ----
 

Disk      \Device\Harddisk0\DR0                                               unknown MBR code
 

---- EOF - GMER 2.1 ----

--- --- ---

Noch vergessen: GData

Code:

Ihr Rechner wurden von einem entfernten Rechner auf offene Internet-Dienste (Ports) abgetastet. Die Firewall hat diesen Angriff unterbunden.
 

Netzwerk Info:

Netzwerk                 : LAN-Verbindung 2

Entfernter Rechner       : 193.175.234.83 (nugo.dife.de)

Ich bin leicht verunsichert, da mein Beitrag schon wieder um diverse Zeichen zu lang war.
Hast du jetzt wirklich alle 5 Logs erhalten?

Danke und Gruß

Masin

schrauber

09.07.2014 18:15

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

masin

09.07.2014 19:10

Combofix läßt sich leider nicht starten - die Version ist nicht mit der ausgeführten Windows-Version kompatibel.
Ich habe ein 24 Bit-System; was ist jetzt zu tun?

Gruß Masin

schrauber

10.07.2014 14:56

24? Du meinst 64? Du hast nen stinknormales Win 7 64Bit, da muss CF laufen.

Fehlermeldung?

masin

10.07.2014 15:54

Klar war 24 Blödsinn, hatte mich vertippt.

Habe CF runtergeladen und auf dem Desktop gespeichert.
Wenn ich das Ding als Administrator starten will (was allerdings nicht gefordert ist), lautet die Fehlermeldeung:
"C:\...\Desktop\Combofix.exe" konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang.
Starte ich normal mit Doppelklick, dann erscheint:
Die Version dieser Datei ist nicht mit der ausgeführten Windows-Version kompatibel. Öffnen Sie die Systeminformation des Computers, um zu überprüfen, ob eine x86-(32 Bit)- oder eine x64-(64 Bit)-Version des Programms erforderlich ist, und wenden Sie sich anschließend an den Berausgeber der Software

Gruß Masin

schrauber

11.07.2014 11:06

Zeig mir davon, inklusive dem ganzen Desktop, bitte mal einen Screenshot.

masin

11.07.2014 11:36

Bin nicht sicher, ob die Screenshots für dich sichtbar sind. Wenn nicht, sag mir bitte eine andere Möglichkeit, sie einzufügen.

Gruß Masin

http://www.familie-sachse.eu/wp-cont...dmin-Start.jpg

http://www.familie-sachse.eu/wp-cont...ormalstart.jpg

schrauber

12.07.2014 07:36

sehr komisch.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

masin

12.07.2014 10:39

Hallo, schrauber,

hier die Files:

Schönes Wochenende!

masin

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 12.07.2014

Suchlauf-Zeit: 09:56:30

Logdatei: mbam.txt

Administrator: Ja
 

Version: 2.00.2.1012

Malware Datenbank: v2014.07.12.01

Rootkit Datenbank: v2014.07.09.01

Lizenz: Kostenlos

Malware Schutz: Deaktiviert

Bösartiger Webseiten Schutz: Deaktiviert

Self-protection: Deaktiviert
 

Betriebssystem: Windows 7 Service Pack 1

CPU: x64

Dateisystem: NTFS

Benutzer: HDS
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 395646

Verstrichene Zeit: 30 Min, 49 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristics: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(No malicious items detected)
 

Module: 0

(No malicious items detected)
 

Registrierungsschlüssel: 0

(No malicious items detected)
 

Registrierungswerte: 0

(No malicious items detected)
 

Registrierungsdaten: 0

(No malicious items detected)
 

Ordner: 0

(No malicious items detected)
 

Dateien: 1

PUP.Optional.InstallMonetizer, C:\Users\HDS\AppData\Local\Temp\nsv6D83.tmp\nsBaliWeb.dll, In Quarantäne, [1988ddc1dd9e9d99d839103f50b2be42], 
 

Physische Sektoren: 0

(No malicious items detected)
 
 

(end)

Code:

# AdwCleaner v3.215 - Bericht erstellt am 12/07/2014 um 10:51:19

# Aktualisiert 09/07/2014 von Xplode

# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)

# Benutzername : HDS - HDS-NEU2

# Gestartet von : C:\Users\HDS\Desktop\adwcleaner_3.215.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.17207
 
 

-\\ Mozilla Firefox v30.0 (de)
 

[ Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\llz1tcco.default\prefs.js ]
 
 

[ Datei : C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\prefs.js ]
 
 

*************************
 

AdwCleaner[R0].txt - [1153 octets] - [12/07/2014 10:50:07]

AdwCleaner[S0].txt - [1075 octets] - [12/07/2014 10:51:19]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1135 octets] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Professional x64

Ran by HDS on 12.07.2014 at 10:39:28,18

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 

~~~ FireFox
 

Emptied folder: C:\Users\HDS\AppData\Roaming\mozilla\firefox\profiles\l63f1fcz.default\minidumps [20 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 12.07.2014 at 10:45:39,28

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

FRST Logfile:
 

FRST Logfile:
 

        Code:


        
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014

Ran by HDS (administrator) on HDS-NEU2 on 12-07-2014 11:00:54

Running from C:\Users\HDS\Downloads

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe

() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe

() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe

() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

() C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

() C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe

(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe

(freenet.de GmbH) C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe

(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-17] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)

HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2014-01-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)

HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [freenet.de Dateimanager Taskleistensymbol] => C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe [142336 2009-01-22] (freenet.de GmbH)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [41472 2012-04-03] ()

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [] => [X]

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\MountPoints2: {0eb18823-749a-11e3-9f74-806e6f6e6963} - F:\Autoplay.exe -auto

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()

ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

BootExecute: autocheck autochk * auto_reactivate \\?\Volume{0eb18820-749a-11e3-9f74-806e6f6e6963}\bootwiz\asrm.bin
 

==================== Internet (Whitelisted) ====================
 

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: localhost:8088

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}

SearchScopes: HKLM - {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}

SearchScopes: HKLM-x32 - DefaultScope value is missing.

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader64.dll ()

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll ()

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: 127.0.0.1 google-analytics.com

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default

FF DefaultSearchEngine: Wikipedia (de)

FF SelectedSearchEngine: Wikipedia (de)

FF Homepage: about:home

FF NetworkProxy: "ftp", "87.250.52.230"

FF NetworkProxy: "ftp_port", 8080

FF NetworkProxy: "http", "87.250.52.230"

FF NetworkProxy: "http_port", 8080

FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"

FF NetworkProxy: "share_proxy_settings", true

FF NetworkProxy: "socks", "87.250.52.230"

FF NetworkProxy: "socks_port", 8080

FF NetworkProxy: "ssl", "87.250.52.230"

FF NetworkProxy: "ssl_port", 8080

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File

FF SearchPlugin: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\searchplugins\wikipdia-fr.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FRITZ!Box AddOn - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\fb_add_on@avm.de [2014-01-04]

FF Extension: Nokia Maps 3D browser plugin - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\maps@ovi.com [2014-01-04]

FF Extension: WOT - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12]

FF Extension: DownloadHelper - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]

FF Extension: anonymoX - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\client@anonymox.net.xpi [2014-01-04]

FF Extension: Preispilot - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\extension@preispilot.com.xpi [2014-01-04]

FF Extension: CleanTube - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\jid0-Oh6YfHwkh8Cb1Y4efKhBukwKfB0@jetpack.xpi [2014-01-04]

FF Extension: Safe Preview - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\safepreview@everhelper.me.xpi [2014-01-07]

FF Extension: Stealthy - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\stealthyextension@gmail.com.xpi [2014-01-04]

FF Extension: Webutation - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-01-07]

FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-04]

FF Extension: NoScript - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-01]

FF Extension: Youtube Converter MP3 - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi [2014-01-04]

FF Extension: Go To Google - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi [2014-01-04]

FF Extension: Adblock Plus - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]

FF Extension: Fox!Box - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2014-01-04]

FF Extension: QuickJava - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-01-04]

FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-04]

FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-16]

FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-16]

FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox

FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2014-02-25]

FF HKLM-x32\...\Firefox\Extensions: [firefox@printecosoftware.com] - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi

FF Extension: PrintEco - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi [2014-03-17]
 

==================== Services (Whitelisted) =================
 

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-06] (Adobe Systems) [File not signed]

R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG)

R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)

R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-27] (Freemake) [File not signed]

S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]

R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG)

R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)

R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]

R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] ()

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]

S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)

S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

S3 Mtpip000ode; No ImagePath
 

==================== Drivers (Whitelisted) ====================
 

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)

R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-03] (G Data Software AG)

R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-03] (G Data Software AG)

R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-07-03] (G Data Software AG)

R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-03] (G Data Software AG)

R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-07-03] (G Data Software AG)

R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-03-06] (G Data Software)

R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-03] (G Data Software AG)

S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-12] (Malwarebytes Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)

R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)

S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-04] (Acronis International GmbH)

R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-04] (Acronis International GmbH)

R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-04] (Acronis International GmbH)

S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-12 11:00 - 2014-07-12 11:00 - 00022580 _____ () C:\Users\HDS\Downloads\FRST.txt

2014-07-12 10:59 - 2014-07-12 11:00 - 02084864 _____ (Farbar) C:\Users\HDS\Downloads\FRST64.exe

2014-07-12 10:45 - 2014-07-12 10:45 - 00000887 _____ () C:\Users\HDS\Desktop\JRT.txt

2014-07-12 10:38 - 2014-07-12 10:38 - 01016261 _____ (Thisisu) C:\Users\HDS\Desktop\JRT.exe

2014-07-12 10:13 - 2014-07-12 10:48 - 01348263 _____ () C:\Users\HDS\Desktop\adwcleaner_3.215.exe

2014-07-12 09:56 - 2014-07-12 09:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-12 09:56 - 2014-07-12 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-12 09:55 - 2014-07-12 09:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-12 09:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-12 09:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-12 09:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-07-11 12:01 - 2014-07-11 12:01 - 00000000 ____D () C:\Users\HDS\Documents\Canon Utilities

2014-07-09 19:58 - 2014-07-09 19:58 - 05216105 _____ () C:\Users\HDS\Desktop\ComboFix.exe

2014-07-09 07:59 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-07-09 07:59 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-07-09 07:59 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-09 07:59 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-09 07:59 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-09 07:59 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-09 07:59 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-09 07:59 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-09 07:59 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-09 07:59 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-09 07:59 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-09 07:59 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-09 07:59 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-09 07:59 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-09 07:59 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-09 07:59 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-09 07:59 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-09 07:59 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-09 07:59 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-09 07:59 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-09 07:59 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-09 07:59 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-09 07:59 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-09 07:59 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-09 07:59 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-09 07:59 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-09 07:59 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-09 07:59 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-09 07:59 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-09 07:59 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-09 07:59 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-09 07:59 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-09 07:59 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-09 07:59 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-09 07:59 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-09 07:59 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-09 07:59 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-09 07:59 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-09 07:59 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-09 07:59 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-09 07:59 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-09 07:59 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-09 07:59 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-09 07:59 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-09 07:59 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-09 07:59 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-09 07:59 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-09 07:59 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-09 07:59 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-09 07:59 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-09 07:59 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-09 07:59 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-09 07:59 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-09 07:59 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-09 07:59 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-09 07:59 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-09 07:59 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-09 07:59 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-09 07:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-09 07:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-09 07:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-09 07:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-09 07:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-07-09 07:59 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-09 07:54 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-09 07:49 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-09 07:49 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-09 07:49 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-07 21:51 - 2014-07-07 21:51 - 909476139 _____ () C:\Windows\MEMORY.DMP

2014-07-07 21:51 - 2014-07-07 21:51 - 00455752 _____ () C:\Windows\Minidump\070714-46347-01.dmp

2014-07-07 21:51 - 2014-07-07 21:51 - 00000000 ____D () C:\Windows\Minidump

2014-07-07 20:23 - 2014-07-07 20:23 - 00003301 _____ () C:\Users\HDS\Desktop\Gmer.txt

2014-07-07 18:41 - 2014-07-12 11:01 - 00000000 ____D () C:\FRST

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable

2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird

2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird

2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA

2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity

2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter

2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2014-06-28 15:09 - 2014-07-03 16:49 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster

2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager

2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:47 - 00000000 ____D () C:\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk

2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR

2014-06-20 07:44 - 2007-03-10 10:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx

2014-06-20 07:43 - 2014-06-20 08:40 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express

2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco

2014-06-18 16:12 - 2014-06-18 16:18 - 00000000 ____D () C:\Users\HDS\Documents\Fax

2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}

2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys

2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5

2014-06-13 17:19 - 2014-06-16 17:26 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe
 

==================== One Month Modified Files and Folders =======
 

2014-07-12 11:01 - 2014-07-12 11:00 - 00022580 _____ () C:\Users\HDS\Downloads\FRST.txt

2014-07-12 11:01 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST

2014-07-12 11:00 - 2014-07-12 10:59 - 02084864 _____ (Farbar) C:\Users\HDS\Downloads\FRST64.exe

2014-07-12 11:00 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-12 11:00 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-12 10:53 - 2014-01-05 13:18 - 00000000 ____D () C:\Users\HDS\AppData\Local\HTC MediaHub

2014-07-12 10:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-12 10:53 - 2009-07-14 06:51 - 00060309 _____ () C:\Windows\setupact.log

2014-07-12 10:52 - 2014-01-04 11:59 - 00263276 _____ () C:\Windows\PFRO.log

2014-07-12 10:51 - 2014-04-23 17:06 - 00000000 ____D () C:\AdwCleaner

2014-07-12 10:51 - 2014-01-03 19:14 - 01580324 _____ () C:\Windows\WindowsUpdate.log

2014-07-12 10:48 - 2014-07-12 10:13 - 01348263 _____ () C:\Users\HDS\Desktop\adwcleaner_3.215.exe

2014-07-12 10:45 - 2014-07-12 10:45 - 00000887 _____ () C:\Users\HDS\Desktop\JRT.txt

2014-07-12 10:38 - 2014-07-12 10:38 - 01016261 _____ (Thisisu) C:\Users\HDS\Desktop\JRT.exe

2014-07-12 10:33 - 2014-04-23 15:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-12 10:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat

2014-07-12 10:28 - 2014-01-04 14:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-12 10:27 - 2014-01-04 13:52 - 00001617 _____ () C:\Windows\BRRBCOM.INI

2014-07-12 09:56 - 2014-07-12 09:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-12 09:56 - 2014-07-12 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-12 09:56 - 2014-07-12 09:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-11 18:45 - 2014-01-14 16:49 - 00017920 _____ () C:\Users\HDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-07-11 12:41 - 2014-01-05 11:34 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\CoreFTP

2014-07-11 12:01 - 2014-07-11 12:01 - 00000000 ____D () C:\Users\HDS\Documents\Canon Utilities

2014-07-10 19:18 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat

2014-07-10 19:18 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat

2014-07-10 19:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-10 13:51 - 2014-01-04 09:54 - 00000000 ____D () C:\ProgramData\Adobe

2014-07-10 12:44 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Adobe

2014-07-10 08:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-07-10 07:36 - 2009-07-14 06:45 - 00369552 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-10 07:34 - 2014-06-04 05:15 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-07-10 07:34 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-10 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-10 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-09 21:52 - 2014-01-05 09:57 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-09 21:52 - 2014-01-04 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-07-09 21:48 - 2014-01-05 09:57 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-09 19:58 - 2014-07-09 19:58 - 05216105 _____ () C:\Users\HDS\Desktop\ComboFix.exe

2014-07-09 19:28 - 2014-01-04 14:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-09 19:28 - 2014-01-04 14:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-09 19:28 - 2014-01-03 19:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-07 21:51 - 2014-07-07 21:51 - 909476139 _____ () C:\Windows\MEMORY.DMP

2014-07-07 21:51 - 2014-07-07 21:51 - 00455752 _____ () C:\Windows\Minidump\070714-46347-01.dmp

2014-07-07 21:51 - 2014-07-07 21:51 - 00000000 ____D () C:\Windows\Minidump

2014-07-07 21:51 - 2014-01-03 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-07-07 20:23 - 2014-07-07 20:23 - 00003301 _____ () C:\Users\HDS\Desktop\Gmer.txt

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable

2014-07-07 18:36 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS

2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird

2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird

2014-07-05 08:19 - 2014-01-05 11:57 - 00001841 _____ () C:\Windows\system32\TeamViewer9_Hooks.log

2014-07-05 08:19 - 2014-01-05 11:56 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk

2014-07-05 08:19 - 2014-01-05 11:56 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

2014-07-03 21:36 - 2014-04-05 16:09 - 00000000 ___RD () C:\Users\HDS\Dropbox

2014-07-03 16:52 - 2014-04-05 16:06 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Dropbox

2014-07-03 16:49 - 2014-06-28 15:09 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster

2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA

2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity

2014-07-03 08:41 - 2014-04-10 14:04 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys

2014-07-03 08:41 - 2014-04-10 14:04 - 00001978 _____ () C:\Users\Public\Desktop\G Data InternetSecurity.lnk

2014-07-03 08:41 - 2014-01-03 20:03 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys

2014-07-03 08:41 - 2014-01-03 20:02 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys

2014-07-03 08:41 - 2014-01-03 20:02 - 00061440 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys

2014-07-03 08:40 - 2014-01-05 13:17 - 00053328 _____ () C:\Windows\DPINST.LOG

2014-07-03 08:40 - 2014-01-03 20:02 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys

2014-07-03 08:40 - 2014-01-03 20:02 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys

2014-07-02 17:31 - 2014-01-05 10:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\vlc

2014-07-02 14:01 - 2014-01-22 18:39 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\KeePass

2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter

2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2014-07-02 11:05 - 2014-01-16 16:28 - 00001320 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk

2014-07-02 11:05 - 2014-01-16 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake

2014-06-30 04:09 - 2014-07-09 07:59 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-30 04:04 - 2014-07-09 07:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-29 16:14 - 2014-01-05 11:58 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Skype

2014-06-29 13:30 - 2014-03-28 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-06-29 13:30 - 2014-01-05 11:58 - 00000000 ____D () C:\ProgramData\Skype

2014-06-28 15:09 - 2014-04-05 16:09 - 00001011 _____ () C:\Users\HDS\Desktop\Dropbox.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager

2014-06-20 22:14 - 2014-07-09 07:59 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-06-20 21:39 - 2014-07-09 07:59 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-06-20 08:40 - 2014-06-20 07:43 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express

2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR

2014-06-20 07:47 - 2014-06-20 07:44 - 00000000 ____D () C:\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk

2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR

2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco

2014-06-19 03:39 - 2014-07-09 07:59 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-19 03:06 - 2014-07-09 07:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-19 03:06 - 2014-07-09 07:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-19 02:48 - 2014-07-09 07:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-19 02:42 - 2014-07-09 07:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-19 02:42 - 2014-07-09 07:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-19 02:41 - 2014-07-09 07:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-06-19 02:41 - 2014-07-09 07:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-19 02:32 - 2014-07-09 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-19 02:31 - 2014-07-09 07:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-19 02:26 - 2014-07-09 07:59 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-19 02:24 - 2014-07-09 07:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-19 02:24 - 2014-07-09 07:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-19 02:23 - 2014-07-09 07:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-19 02:16 - 2014-07-09 07:59 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-19 02:14 - 2014-07-09 07:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-19 02:09 - 2014-07-09 07:59 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-19 01:59 - 2014-07-09 07:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-19 01:56 - 2014-07-09 07:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-19 01:53 - 2014-07-09 07:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-19 01:51 - 2014-07-09 07:59 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-19 01:50 - 2014-07-09 07:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-19 01:48 - 2014-07-09 07:59 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-19 01:39 - 2014-07-09 07:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-19 01:38 - 2014-07-09 07:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-19 01:37 - 2014-07-09 07:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-19 01:36 - 2014-07-09 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-19 01:35 - 2014-07-09 07:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-06-19 01:33 - 2014-07-09 07:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-19 01:32 - 2014-07-09 07:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-19 01:28 - 2014-07-09 07:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-19 01:28 - 2014-07-09 07:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-19 01:27 - 2014-07-09 07:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-19 01:27 - 2014-07-09 07:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-19 01:25 - 2014-07-09 07:59 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-19 01:23 - 2014-07-09 07:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-19 01:22 - 2014-07-09 07:59 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-19 01:12 - 2014-07-09 07:59 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-19 01:06 - 2014-07-09 07:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-19 01:01 - 2014-07-09 07:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-19 00:59 - 2014-07-09 07:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-19 00:58 - 2014-07-09 07:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-19 00:58 - 2014-07-09 07:59 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-19 00:52 - 2014-07-09 07:59 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-19 00:51 - 2014-07-09 07:59 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-19 00:49 - 2014-07-09 07:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-19 00:46 - 2014-07-09 07:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-19 00:45 - 2014-07-09 07:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-19 00:35 - 2014-07-09 07:59 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-19 00:34 - 2014-07-09 07:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-19 00:15 - 2014-07-09 07:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-19 00:13 - 2014-07-09 07:59 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-19 00:09 - 2014-07-09 07:59 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-19 00:07 - 2014-07-09 07:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-18 17:58 - 2014-01-04 12:07 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk

2014-06-18 16:18 - 2014-06-18 16:12 - 00000000 ____D () C:\Users\HDS\Documents\Fax

2014-06-18 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help

2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}

2014-06-18 09:43 - 2014-01-04 13:21 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014 spezial.lnk

2014-06-18 09:43 - 2014-01-03 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware

2014-06-18 04:18 - 2014-07-09 07:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-06-18 03:51 - 2014-07-09 07:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-06-18 03:10 - 2014-07-09 07:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-06-17 12:14 - 2014-01-04 17:50 - 00096280 _____ () C:\Users\HDS\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys

2014-06-17 12:06 - 2014-01-04 11:53 - 00000209 _____ () C:\Windows\ODBCINST.INI

2014-06-17 12:06 - 2014-01-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-06-17 12:03 - 2014-02-19 18:37 - 00000000 ____D () C:\Users\Hans-Dieter\AppData\Roaming\Adobe

2014-06-17 12:03 - 2014-01-04 15:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-06-17 10:53 - 2014-03-27 18:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-17 10:53 - 2014-01-05 13:05 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-17 10:48 - 2014-03-27 18:12 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-17 10:48 - 2014-01-05 13:05 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-17 08:47 - 2014-01-18 14:52 - 00007906 _____ () C:\Users\HDS\Documents\capella.log

2014-06-16 17:26 - 2014-06-13 17:19 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe

2014-06-15 15:50 - 2014-01-22 18:37 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk

2014-06-15 15:50 - 2014-01-22 18:37 - 00001105 _____ () C:\Users\HDS\Desktop\KeePass 2.lnk

2014-06-15 15:50 - 2014-01-22 18:37 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2

2014-06-15 12:53 - 2014-01-05 10:30 - 00000000 ____D () C:\Users\HDS\Documents\MyHeritage

2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5

2014-06-13 20:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp

2014-06-13 07:12 - 2014-02-25 16:15 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy

2014-06-13 07:11 - 2014-06-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-06-12 17:21 - 2014-01-03 20:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-06-12 17:21 - 2014-01-03 20:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
 

Some content of TEMP:

====================

C:\Users\HDS\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe

C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_pmpy.dll

C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbry6o.dll

C:\Users\HDS\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe

C:\Users\HDS\AppData\Local\Temp\FreemakeVideoDownloader_3.6.2.3.exe

C:\Users\HDS\AppData\Local\Temp\NOSEventMessages.dll

C:\Users\HDS\AppData\Local\Temp\Quarantine.exe

C:\Users\HDS\AppData\Local\Temp\vlc-2.1.4-win64.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-08 07:47
 

==================== End Of Log ============================

 
--- --- ---
 

--- --- ---

masin

12.07.2014 10:40

Pardon, habe die frst.txt falsch gepostet
FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014

Ran by HDS (administrator) on HDS-NEU2 on 12-07-2014 11:00:54

Running from C:\Users\HDS\Downloads

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal
 

The only official download link for FRST:

Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 

Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
 

==================== Processes (Whitelisted) =================
 

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe

() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe

() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe

() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

() C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

() C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe

(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe

(freenet.de GmbH) C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe

(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-17] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)

HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2014-01-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)

HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [freenet.de Dateimanager Taskleistensymbol] => C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe [142336 2009-01-22] (freenet.de GmbH)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [41472 2012-04-03] ()

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [] => [X]

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\MountPoints2: {0eb18823-749a-11e3-9f74-806e6f6e6963} - F:\Autoplay.exe -auto

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()

ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

BootExecute: autocheck autochk * auto_reactivate \\?\Volume{0eb18820-749a-11e3-9f74-806e6f6e6963}\bootwiz\asrm.bin
 

==================== Internet (Whitelisted) ====================
 

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: localhost:8088

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}

SearchScopes: HKLM - {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}

SearchScopes: HKLM-x32 - DefaultScope value is missing.

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader64.dll ()

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll ()

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: 127.0.0.1 google-analytics.com

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default

FF DefaultSearchEngine: Wikipedia (de)

FF SelectedSearchEngine: Wikipedia (de)

FF Homepage: about:home

FF NetworkProxy: "ftp", "87.250.52.230"

FF NetworkProxy: "ftp_port", 8080

FF NetworkProxy: "http", "87.250.52.230"

FF NetworkProxy: "http_port", 8080

FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"

FF NetworkProxy: "share_proxy_settings", true

FF NetworkProxy: "socks", "87.250.52.230"

FF NetworkProxy: "socks_port", 8080

FF NetworkProxy: "ssl", "87.250.52.230"

FF NetworkProxy: "ssl_port", 8080

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File

FF SearchPlugin: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\searchplugins\wikipdia-fr.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FRITZ!Box AddOn - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\fb_add_on@avm.de [2014-01-04]

FF Extension: Nokia Maps 3D browser plugin - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\maps@ovi.com [2014-01-04]

FF Extension: WOT - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12]

FF Extension: DownloadHelper - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]

FF Extension: anonymoX - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\client@anonymox.net.xpi [2014-01-04]

FF Extension: Preispilot - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\extension@preispilot.com.xpi [2014-01-04]

FF Extension: CleanTube - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\jid0-Oh6YfHwkh8Cb1Y4efKhBukwKfB0@jetpack.xpi [2014-01-04]

FF Extension: Safe Preview - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\safepreview@everhelper.me.xpi [2014-01-07]

FF Extension: Stealthy - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\stealthyextension@gmail.com.xpi [2014-01-04]

FF Extension: Webutation - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-01-07]

FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-04]

FF Extension: NoScript - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-01]

FF Extension: Youtube Converter MP3 - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi [2014-01-04]

FF Extension: Go To Google - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi [2014-01-04]

FF Extension: Adblock Plus - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-04]

FF Extension: Fox!Box - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2014-01-04]

FF Extension: QuickJava - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-01-04]

FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-04]

FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-16]

FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-16]

FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox

FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2014-02-25]

FF HKLM-x32\...\Firefox\Extensions: [firefox@printecosoftware.com] - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi

FF Extension: PrintEco - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi [2014-03-17]
 

==================== Services (Whitelisted) =================
 

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-06] (Adobe Systems) [File not signed]

R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG)

R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)

R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-27] (Freemake) [File not signed]

S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]

R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG)

R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)

R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]

R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] ()

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]

S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)

S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

S3 Mtpip000ode; No ImagePath
 

==================== Drivers (Whitelisted) ====================
 

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)

R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-03] (G Data Software AG)

R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-03] (G Data Software AG)

R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-07-03] (G Data Software AG)

R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-03] (G Data Software AG)

R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-07-03] (G Data Software AG)

R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-03-06] (G Data Software)

R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-03] (G Data Software AG)

S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-12] (Malwarebytes Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)

R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)

S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-04] (Acronis International GmbH)

R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-04] (Acronis International GmbH)

R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-04] (Acronis International GmbH)

S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-12 11:00 - 2014-07-12 11:00 - 00022580 _____ () C:\Users\HDS\Downloads\FRST.txt

2014-07-12 10:59 - 2014-07-12 11:00 - 02084864 _____ (Farbar) C:\Users\HDS\Downloads\FRST64.exe

2014-07-12 10:45 - 2014-07-12 10:45 - 00000887 _____ () C:\Users\HDS\Desktop\JRT.txt

2014-07-12 10:38 - 2014-07-12 10:38 - 01016261 _____ (Thisisu) C:\Users\HDS\Desktop\JRT.exe

2014-07-12 10:13 - 2014-07-12 10:48 - 01348263 _____ () C:\Users\HDS\Desktop\adwcleaner_3.215.exe

2014-07-12 09:56 - 2014-07-12 09:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-12 09:56 - 2014-07-12 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-12 09:55 - 2014-07-12 09:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-12 09:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-12 09:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-12 09:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-07-11 12:01 - 2014-07-11 12:01 - 00000000 ____D () C:\Users\HDS\Documents\Canon Utilities

2014-07-09 19:58 - 2014-07-09 19:58 - 05216105 _____ () C:\Users\HDS\Desktop\ComboFix.exe

2014-07-09 07:59 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-07-09 07:59 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-07-09 07:59 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-09 07:59 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-09 07:59 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-09 07:59 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-09 07:59 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-09 07:59 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-09 07:59 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-09 07:59 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-09 07:59 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-09 07:59 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-09 07:59 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-09 07:59 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-09 07:59 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-09 07:59 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-09 07:59 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-09 07:59 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-09 07:59 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-09 07:59 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-09 07:59 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-09 07:59 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-09 07:59 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-09 07:59 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-09 07:59 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-09 07:59 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-09 07:59 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-09 07:59 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-09 07:59 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-09 07:59 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-09 07:59 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-09 07:59 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-09 07:59 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-09 07:59 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-09 07:59 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-09 07:59 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-09 07:59 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-09 07:59 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-09 07:59 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-09 07:59 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-09 07:59 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-09 07:59 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-09 07:59 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-09 07:59 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-09 07:59 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-09 07:59 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-09 07:59 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-09 07:59 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-09 07:59 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-09 07:59 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-09 07:59 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-09 07:59 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-09 07:59 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-09 07:59 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-09 07:59 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-09 07:59 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-09 07:59 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-09 07:59 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-09 07:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-09 07:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-09 07:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-09 07:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-09 07:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-07-09 07:59 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-09 07:54 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-09 07:49 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-09 07:49 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-09 07:49 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-07 21:51 - 2014-07-07 21:51 - 909476139 _____ () C:\Windows\MEMORY.DMP

2014-07-07 21:51 - 2014-07-07 21:51 - 00455752 _____ () C:\Windows\Minidump\070714-46347-01.dmp

2014-07-07 21:51 - 2014-07-07 21:51 - 00000000 ____D () C:\Windows\Minidump

2014-07-07 20:23 - 2014-07-07 20:23 - 00003301 _____ () C:\Users\HDS\Desktop\Gmer.txt

2014-07-07 18:41 - 2014-07-12 11:01 - 00000000 ____D () C:\FRST

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable

2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird

2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird

2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA

2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity

2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter

2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2014-06-28 15:09 - 2014-07-03 16:49 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster

2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager

2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:47 - 00000000 ____D () C:\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk

2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR

2014-06-20 07:44 - 2007-03-10 10:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx

2014-06-20 07:43 - 2014-06-20 08:40 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express

2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco

2014-06-18 16:12 - 2014-06-18 16:18 - 00000000 ____D () C:\Users\HDS\Documents\Fax

2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}

2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys

2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5

2014-06-13 17:19 - 2014-06-16 17:26 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe
 

==================== One Month Modified Files and Folders =======
 

2014-07-12 11:01 - 2014-07-12 11:00 - 00022580 _____ () C:\Users\HDS\Downloads\FRST.txt

2014-07-12 11:01 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST

2014-07-12 11:00 - 2014-07-12 10:59 - 02084864 _____ (Farbar) C:\Users\HDS\Downloads\FRST64.exe

2014-07-12 11:00 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-12 11:00 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-12 10:53 - 2014-01-05 13:18 - 00000000 ____D () C:\Users\HDS\AppData\Local\HTC MediaHub

2014-07-12 10:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-12 10:53 - 2009-07-14 06:51 - 00060309 _____ () C:\Windows\setupact.log

2014-07-12 10:52 - 2014-01-04 11:59 - 00263276 _____ () C:\Windows\PFRO.log

2014-07-12 10:51 - 2014-04-23 17:06 - 00000000 ____D () C:\AdwCleaner

2014-07-12 10:51 - 2014-01-03 19:14 - 01580324 _____ () C:\Windows\WindowsUpdate.log

2014-07-12 10:48 - 2014-07-12 10:13 - 01348263 _____ () C:\Users\HDS\Desktop\adwcleaner_3.215.exe

2014-07-12 10:45 - 2014-07-12 10:45 - 00000887 _____ () C:\Users\HDS\Desktop\JRT.txt

2014-07-12 10:38 - 2014-07-12 10:38 - 01016261 _____ (Thisisu) C:\Users\HDS\Desktop\JRT.exe

2014-07-12 10:33 - 2014-04-23 15:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-12 10:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat

2014-07-12 10:28 - 2014-01-04 14:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-12 10:27 - 2014-01-04 13:52 - 00001617 _____ () C:\Windows\BRRBCOM.INI

2014-07-12 09:56 - 2014-07-12 09:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-12 09:56 - 2014-07-12 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-12 09:56 - 2014-07-12 09:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-11 18:45 - 2014-01-14 16:49 - 00017920 _____ () C:\Users\HDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-07-11 12:41 - 2014-01-05 11:34 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\CoreFTP

2014-07-11 12:01 - 2014-07-11 12:01 - 00000000 ____D () C:\Users\HDS\Documents\Canon Utilities

2014-07-10 19:18 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat

2014-07-10 19:18 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat

2014-07-10 19:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-10 13:51 - 2014-01-04 09:54 - 00000000 ____D () C:\ProgramData\Adobe

2014-07-10 12:44 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Adobe

2014-07-10 08:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-07-10 07:36 - 2009-07-14 06:45 - 00369552 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-10 07:34 - 2014-06-04 05:15 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-07-10 07:34 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-10 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-10 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-09 21:52 - 2014-01-05 09:57 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-09 21:52 - 2014-01-04 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-07-09 21:48 - 2014-01-05 09:57 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-09 19:58 - 2014-07-09 19:58 - 05216105 _____ () C:\Users\HDS\Desktop\ComboFix.exe

2014-07-09 19:28 - 2014-01-04 14:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-09 19:28 - 2014-01-04 14:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-09 19:28 - 2014-01-03 19:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-07 21:51 - 2014-07-07 21:51 - 909476139 _____ () C:\Windows\MEMORY.DMP

2014-07-07 21:51 - 2014-07-07 21:51 - 00455752 _____ () C:\Windows\Minidump\070714-46347-01.dmp

2014-07-07 21:51 - 2014-07-07 21:51 - 00000000 ____D () C:\Windows\Minidump

2014-07-07 21:51 - 2014-01-03 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-07-07 20:23 - 2014-07-07 20:23 - 00003301 _____ () C:\Users\HDS\Desktop\Gmer.txt

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable

2014-07-07 18:36 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS

2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird

2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird

2014-07-05 08:19 - 2014-01-05 11:57 - 00001841 _____ () C:\Windows\system32\TeamViewer9_Hooks.log

2014-07-05 08:19 - 2014-01-05 11:56 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk

2014-07-05 08:19 - 2014-01-05 11:56 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

2014-07-03 21:36 - 2014-04-05 16:09 - 00000000 ___RD () C:\Users\HDS\Dropbox

2014-07-03 16:52 - 2014-04-05 16:06 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Dropbox

2014-07-03 16:49 - 2014-06-28 15:09 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster

2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA

2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity

2014-07-03 08:41 - 2014-04-10 14:04 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys

2014-07-03 08:41 - 2014-04-10 14:04 - 00001978 _____ () C:\Users\Public\Desktop\G Data InternetSecurity.lnk

2014-07-03 08:41 - 2014-01-03 20:03 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys

2014-07-03 08:41 - 2014-01-03 20:02 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys

2014-07-03 08:41 - 2014-01-03 20:02 - 00061440 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys

2014-07-03 08:40 - 2014-01-05 13:17 - 00053328 _____ () C:\Windows\DPINST.LOG

2014-07-03 08:40 - 2014-01-03 20:02 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys

2014-07-03 08:40 - 2014-01-03 20:02 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys

2014-07-02 17:31 - 2014-01-05 10:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\vlc

2014-07-02 14:01 - 2014-01-22 18:39 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\KeePass

2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter

2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2014-07-02 11:05 - 2014-01-16 16:28 - 00001320 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk

2014-07-02 11:05 - 2014-01-16 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake

2014-06-30 04:09 - 2014-07-09 07:59 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-30 04:04 - 2014-07-09 07:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-29 16:14 - 2014-01-05 11:58 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Skype

2014-06-29 13:30 - 2014-03-28 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-06-29 13:30 - 2014-01-05 11:58 - 00000000 ____D () C:\ProgramData\Skype

2014-06-28 15:09 - 2014-04-05 16:09 - 00001011 _____ () C:\Users\HDS\Desktop\Dropbox.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager

2014-06-20 22:14 - 2014-07-09 07:59 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-06-20 21:39 - 2014-07-09 07:59 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-06-20 08:40 - 2014-06-20 07:43 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express

2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR

2014-06-20 07:47 - 2014-06-20 07:44 - 00000000 ____D () C:\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk

2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR

2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco

2014-06-19 03:39 - 2014-07-09 07:59 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-19 03:06 - 2014-07-09 07:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-19 03:06 - 2014-07-09 07:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-19 02:48 - 2014-07-09 07:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-19 02:42 - 2014-07-09 07:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-19 02:42 - 2014-07-09 07:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-19 02:41 - 2014-07-09 07:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-06-19 02:41 - 2014-07-09 07:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-19 02:32 - 2014-07-09 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-19 02:31 - 2014-07-09 07:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-19 02:26 - 2014-07-09 07:59 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-19 02:24 - 2014-07-09 07:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-19 02:24 - 2014-07-09 07:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-19 02:23 - 2014-07-09 07:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-19 02:16 - 2014-07-09 07:59 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-19 02:14 - 2014-07-09 07:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-19 02:09 - 2014-07-09 07:59 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-19 01:59 - 2014-07-09 07:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-19 01:56 - 2014-07-09 07:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-19 01:53 - 2014-07-09 07:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-19 01:51 - 2014-07-09 07:59 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-19 01:50 - 2014-07-09 07:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-19 01:48 - 2014-07-09 07:59 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-19 01:39 - 2014-07-09 07:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-19 01:38 - 2014-07-09 07:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-19 01:37 - 2014-07-09 07:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-19 01:36 - 2014-07-09 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-19 01:35 - 2014-07-09 07:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-06-19 01:33 - 2014-07-09 07:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-19 01:32 - 2014-07-09 07:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-19 01:28 - 2014-07-09 07:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-19 01:28 - 2014-07-09 07:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-19 01:27 - 2014-07-09 07:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-19 01:27 - 2014-07-09 07:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-19 01:25 - 2014-07-09 07:59 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-19 01:23 - 2014-07-09 07:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-19 01:22 - 2014-07-09 07:59 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-19 01:12 - 2014-07-09 07:59 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-19 01:06 - 2014-07-09 07:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-19 01:01 - 2014-07-09 07:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-19 00:59 - 2014-07-09 07:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-19 00:58 - 2014-07-09 07:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-19 00:58 - 2014-07-09 07:59 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-19 00:52 - 2014-07-09 07:59 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-19 00:51 - 2014-07-09 07:59 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-19 00:49 - 2014-07-09 07:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-19 00:46 - 2014-07-09 07:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-19 00:45 - 2014-07-09 07:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-19 00:35 - 2014-07-09 07:59 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-19 00:34 - 2014-07-09 07:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-19 00:15 - 2014-07-09 07:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-19 00:13 - 2014-07-09 07:59 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-19 00:09 - 2014-07-09 07:59 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-19 00:07 - 2014-07-09 07:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-18 17:58 - 2014-01-04 12:07 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk

2014-06-18 16:18 - 2014-06-18 16:12 - 00000000 ____D () C:\Users\HDS\Documents\Fax

2014-06-18 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help

2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}

2014-06-18 09:43 - 2014-01-04 13:21 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014 spezial.lnk

2014-06-18 09:43 - 2014-01-03 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware

2014-06-18 04:18 - 2014-07-09 07:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-06-18 03:51 - 2014-07-09 07:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-06-18 03:10 - 2014-07-09 07:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-06-17 12:14 - 2014-01-04 17:50 - 00096280 _____ () C:\Users\HDS\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys

2014-06-17 12:06 - 2014-01-04 11:53 - 00000209 _____ () C:\Windows\ODBCINST.INI

2014-06-17 12:06 - 2014-01-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-06-17 12:03 - 2014-02-19 18:37 - 00000000 ____D () C:\Users\Hans-Dieter\AppData\Roaming\Adobe

2014-06-17 12:03 - 2014-01-04 15:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-06-17 10:53 - 2014-03-27 18:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-17 10:53 - 2014-01-05 13:05 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-17 10:48 - 2014-03-27 18:12 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-17 10:48 - 2014-01-05 13:05 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-17 08:47 - 2014-01-18 14:52 - 00007906 _____ () C:\Users\HDS\Documents\capella.log

2014-06-16 17:26 - 2014-06-13 17:19 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe

2014-06-15 15:50 - 2014-01-22 18:37 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk

2014-06-15 15:50 - 2014-01-22 18:37 - 00001105 _____ () C:\Users\HDS\Desktop\KeePass 2.lnk

2014-06-15 15:50 - 2014-01-22 18:37 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2

2014-06-15 12:53 - 2014-01-05 10:30 - 00000000 ____D () C:\Users\HDS\Documents\MyHeritage

2014-06-13 20:21 - 2014-06-13 20:21 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\eXPert PDF 5

2014-06-13 20:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp

2014-06-13 07:12 - 2014-02-25 16:15 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy

2014-06-13 07:11 - 2014-06-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-06-12 17:21 - 2014-01-03 20:51 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-06-12 17:21 - 2014-01-03 20:51 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
 

Some content of TEMP:

====================

C:\Users\HDS\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe

C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_pmpy.dll

C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbry6o.dll

C:\Users\HDS\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe

C:\Users\HDS\AppData\Local\Temp\FreemakeVideoDownloader_3.6.2.3.exe

C:\Users\HDS\AppData\Local\Temp\NOSEventMessages.dll

C:\Users\HDS\AppData\Local\Temp\Quarantine.exe

C:\Users\HDS\AppData\Local\Temp\vlc-2.1.4-win64.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-08 07:47
 

==================== End Of Log ============================

--- --- ---

schrauber

13.07.2014 08:15

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

masin

14.07.2014 07:56

Hier ist das Gewünschte. FRST dauerte etwas lange (über 12 h), muß wohl dringend mal was ausmisten.

Bin gespannt, was du rausgefunden hast.

Gruß masin

Code:

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=177bc74952a363448cae25a53c7880f7

# engine=19148

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2014-07-14 05:59:42

# local_time=2014-07-14 07:59:42 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 172919 156947432 0 0

# scanned=1399393

# found=164

# cleaned=0

# scan_time=79840

sh=11CE54C8F8EB9DEAC4A312830CA5527D46CAB1E3 ft=1 fh=22799d0707c6326f vn="Win32/InstallMonetizer.AW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HDS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FUP6PZTL\SUPER1321_9407[1].exe"

sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="D:\Backup J\HDS-Home\backup\Hans-Dieter\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll"

sh=FDBC6EB6E9A237339773F943F29D99AFACFB41F6 ft=1 fh=0748fb2f5740e5c0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\Backup J\HDS-Home\backup\Hans-Dieter\Lokale Einstellungen\Temp\GLF45.tmp.tbDVDV.dll"

sh=61A8D16A5586134040C587C83F285C978EC432E3 ft=1 fh=550beeaa64c08289 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\Backup J\HDS-Home\backup\Hans-Dieter\Lokale Einstellungen\Temporary Internet Files\Content.IE5\JEYURQQ7\tbedrs[1].dll"

sh=FE35DE58565C97C53AE06E074B1709384D593095 ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="D:\Backup J\HDS-Home\backup\Hans-Dieter\Lokale Einstellungen\Temporary Internet Files\Content.IE5\JEYURQQ7\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi"

sh=743CF6F7C346A3CF7BB0B81442DC14A7F3DA352D ft=1 fh=67b200ae242c58b1 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="D:\Backup J\HDS-Home\backup\Hans-Dieter\Lokale Einstellungen\Temporary Internet Files\Content.IE5\THY29T4S\Alert[1].dll"

sh=4B862C114F85CECCAC4CB4DF595BB24638F22B88 ft=1 fh=3f7dbff1b151b53f vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="D:\DASI 32bit-Stick\PowerDVD 14 - CHIP-Downloader.exe"

sh=9901FC58D2D005EE4E42CDFF7DA264E638456E52 ft=1 fh=dbe4800a79f2330f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\DASI HDD Notebook\Daten1\Download\FreeStudio.exe"

sh=8292EAD64C0EEB2609D7D4C46CF4D70A8DABE289 ft=1 fh=b92ac18f52992a4a vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XUHDGU3Q\Setup[1].exe"

sh=1DA8DF693AE65DEC4081544EF325F36ACFDFCA0E ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\firefox@bizzybolt.co.xpi"

sh=B5ED1E639B7D9AD3C0F3C81E5AA2E9F88DDFEB65 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\102_dealply_m.js"

sh=7004C50EC82BFA560814E4094FC5D424F58161D3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\103_intext_5_m.js"

sh=8BFBBD749FDAA46297DA7F28A30E29C55FD72880 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\104_jollywallet_m.js"

sh=0B21E41A47E579081215969619861996F43524B1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\105_corticas_m.js"

sh=76383B8DE33E6BBFB98D545DEA12B018A0A8F2C8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\108_icm_m.js"

sh=7F7359D9F0900191297BFDF5B85D5CDF588CD9EA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js"

sh=8C65267C1AADD4AB670D6D979C4A686D16A86869 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\119_similar_web_m.js"

sh=35CE3B76158991DDEA79CAF0C1F826A7EE18A820 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\120_luck_m.js"

sh=E106EF12FBA54AD37717391E3A2A8B7416B0A30E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\123_intext_adv_m.js"

sh=6376FE6DF3E7E394FAE45C47A1FDE1CF41CAFBFD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js"

sh=D295E3F253D0942BD3114F61DEF5D78DD0FC5BFB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\125_arcadi2_m.js"

sh=3CFE90E3825BB08EB9B4222552FAC05360188207 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\126_revizer_ws_m.js"

sh=031F6CD140ED363E0F137E627AE1FE4DED5714E2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\127_revizer_p_m.js"

sh=97C406784CD0DEA751BE4E02EB82633F1F88CA1F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\128_superfish_pricora_m.js"

sh=BB2946641B9FEB2F76D281220A52220336E454E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\135_arcadi3_m.js"

sh=8BD506BDCB470B73FE581B4DA1769AD9FBCAF0D8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\138_getdeal_m.js"

sh=90A4F559561CF603A203F93D56C80B17B8152325 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\141_corticas_ru_m.js.js"

sh=8395A2B6D59D2F3EDDCFC863DDA2F674396DC74C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\142_intext_fa_m.js"

sh=AE2D5CE395EE9CD2595F77F616E574F4794B1152 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\155_ibario_pops_m.js"

sh=0CEB1A073B87956FD1F21F8425B8F76015B1BCD8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js"

sh=441E98540BDEC21B7E534C2B317AE91925F6CEE7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\159_cortica_rollover_m.js"

sh=C8B01A1511A63AEC3D40B1D045034D76B1E85EFD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\171_arcadi2_sourceID_m.js"

sh=078C314715CCC0DE7547172AD4B810FD754115C6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js"

sh=220B01F705C009D135199A26C85EB536B16C9D6E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\175_coolmirage_m.js"

sh=CFFCA6A4EE3A0DF2319440491BB297ADEC6EEF37 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\178_revizer_ws_dynamic_m.js"

sh=316AD88F43CC33313DB30CA9C001AE6BB1FBC414 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\179_revizer_p_dynamic_m.js"

sh=C9A8D5AE55FA65E00EE75767C5D2E9B56041858D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\180_bpo_serp_m.js"

sh=24E6E5A06D24A5CC24C0B705FDB089FD4FEC70AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\184_noproblemppc_m.js"

sh=913EFB9D675CDABC6594788C8F6F1BA8FB057815 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\189_active_sanity.js"

sh=6B3C17F9D4BD40BFCF87831196C40DBA3C4DB14C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\190_pops_5_m.js"

sh=9F07ACC96BC246F25975479E9382CDF88E7D8711 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\191_ciuvo_m.js"

sh=F913C9EE03B4CCE8680961DBF505FA17BAC140F0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js"

sh=28F70DF1D28964084CCA8382AE4ADA97EF0C4C0A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js"

sh=73E3DE6407B972684132A0542884E6109B387FFE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\194_retargeting_bi_m.js.js"

sh=B09166ED1B1E138E78F807E6E7B4A19E0934E5A5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\195_icm_convertmedia_m.js"

sh=0A113BDC19C5B96609992E6C9D972B814B918109 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\197_kreapixel_pops_m.js"

sh=9A67AB016B12405F2FF8E65A64A035E46421F243 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\198_superfish_no_search_no_coupons_plushd_m.js"

sh=6DF0914CB2A51AA8E7F1BDDEC414B8969C38A6F7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\199_superfish_no_coupons_plushd_m.js"

sh=61DB672F16D1D9053F6B8D591E51C53BA3165770 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\200_foxydeal_m.js"

sh=392B3EB529AF22E57C2AC4076E7702176010694C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\204_pricedetect_m.js"

sh=F4047FA127C3997FC8D4611885D9C339A0EDF946 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\91_monetizationLoader.js.js"

sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="D:\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\b798oxsz.default\extensions\9a1cadcd-98ec-4413-87d3-0f7c4253cd27@31f19576-e1e2-40bc-81ac-be7a5f1cf67c.com\extensionData\plugins\93_superfish_no_coupons_m.js"

sh=42909CFBBF6E60F48964F431E3A11DD8DD08D0E2 ft=1 fh=b4a6a3766b39db39 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="E:\Babylon9_setup.exe"

sh=1D814EA403A946B40CC0A6A261B2387880D6B547 ft=1 fh=ff0bc5a908f5ad94 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Integrated_BrotherSoft_TB.exe"

sh=457335C7D7CF3B76BDA5156BDFC9D2E55F5EB26E ft=1 fh=733834ea60493ef0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Integrated_CT2325506.exe"

sh=D1792533022A1718AB1E5F5E7A4254BF242ADF51 ft=1 fh=05454cf79f55e5d0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\jmmaster.exe"

sh=D86451022DDD8348105C1D52FBFD2ADB1E2DCC30 ft=1 fh=d3e706a6307522ba vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll"

sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll"

sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll"

sh=9A76A5476CE4436E2C30ADE7D235AFBD1527AEB6 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\Local\CRE\pgcdkhefhcplceibklphkiojijiffglg.crx"

sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\LocalLow\Jmalaya_LiveTV\hk64tbJma0.dll"

sh=ECAAC2B22C5DF388FA3847749C931AEF458384B8 ft=1 fh=2876dfec7d92aded vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\LocalLow\Jmalaya_LiveTV\hk64tbJmal.dll"

sh=C325F9A28C049D03E23060686A70B398531CDB05 ft=1 fh=742ed93f69aeb6e1 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\LocalLow\Jmalaya_LiveTV\hktbJmal.dll"

sh=EFB534D515903744B9755391A417051902C16DE2 ft=1 fh=e331f9a91891a78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\LocalLow\Jmalaya_LiveTV\ldrtbJmal.dll"

sh=81AF7CFB10091601ED1B82B92BDA2A254AA2B82F ft=1 fh=b76578e523b80dbc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\LocalLow\Jmalaya_LiveTV\tbJma1.dll"

sh=19C0679FA65F480C9A0BC5C43396D2ADEC8BCAF9 ft=1 fh=bca908a16a338e6a vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\LocalLow\Jmalaya_LiveTV\tbJmal.dll"

sh=B5C93DA0C608B26C9487ABC49CCB643C9A15ED33 ft=1 fh=75f1c65aa8a331ed vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\AppData\LocalLow\Jmalaya_LiveTV\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll"

sh=D86451022DDD8348105C1D52FBFD2ADB1E2DCC30 ft=1 fh=d3e706a6307522ba vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll"

sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll"

sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll"

sh=9A76A5476CE4436E2C30ADE7D235AFBD1527AEB6 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\Local\CRE\pgcdkhefhcplceibklphkiojijiffglg.crx"

sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\hk64tbJma0.dll"

sh=ECAAC2B22C5DF388FA3847749C931AEF458384B8 ft=1 fh=2876dfec7d92aded vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\hk64tbJmal.dll"

sh=C325F9A28C049D03E23060686A70B398531CDB05 ft=1 fh=742ed93f69aeb6e1 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\hktbJmal.dll"

sh=EFB534D515903744B9755391A417051902C16DE2 ft=1 fh=e331f9a91891a78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\ldrtbJmal.dll"

sh=81AF7CFB10091601ED1B82B92BDA2A254AA2B82F ft=1 fh=b76578e523b80dbc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\tbJma1.dll"

sh=19C0679FA65F480C9A0BC5C43396D2ADEC8BCAF9 ft=1 fh=bca908a16a338e6a vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\tbJmal.dll"

sh=B5C93DA0C608B26C9487ABC49CCB643C9A15ED33 ft=1 fh=75f1c65aa8a331ed vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll"

sh=D86451022DDD8348105C1D52FBFD2ADB1E2DCC30 ft=1 fh=d3e706a6307522ba vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll"

sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll"

sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll"

sh=9A76A5476CE4436E2C30ADE7D235AFBD1527AEB6 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\CRE\pgcdkhefhcplceibklphkiojijiffglg.crx"

sh=050742ABE364EBDCB4E46869E57DF3157B4F6976 ft=1 fh=715f78b7f0bf2e14 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgcdkhefhcplceibklphkiojijiffglg\10.22.0.588_0\plugins\ConduitChromeApiPlugin.dll"

sh=60A882DFB633B1179EC55F395F1862192BABE03A ft=1 fh=feb8b77c43644f53 vn="Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgcdkhefhcplceibklphkiojijiffglg\10.22.0.588_0\TBHostSupport\TBHostSupport.dll"

sh=59E1F6545601413839BB5D1AF5A93C7EC031A9F0 ft=1 fh=f41c3efef8f07739 vn="Win32/InstallMonetizer.AZ evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5IWDOEER\MyPhoneExplorer_v2_5185[1].exe"

sh=1426B95F2619E462F812F6807C88694DF9FBECE7 ft=1 fh=a10496de67a69999 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6864LHCM\mconduitinstaller[1].exe"

sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6864LHCM\TBUpdaterLogic[1].dll"

sh=91F440A8F2A0FFC91EDA87FE5410B93141B1C6B0 ft=1 fh=1ce5d7cf83504dfe vn="Win32/Toolbar.Conduit.AF evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6G24CN3K\checktbexist[1].exe"

sh=F89D0D35647789000A23E8BD1E557BEE519A6BAE ft=1 fh=4f81c51847428f3f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ERUBAH1A\statisticsstub[1].exe"

sh=BEEE8DD701FEBCFC69D755CB07D7FD9A89245E81 ft=1 fh=eb68ac25d112c457 vn="Win32/DownWare.N evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC9VPRR0\QuickShare1[1].exe"

sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="E:\Dell neu\Sicherungsdaten\Benutzer\HDneu\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC9VPRR0\TBUpdaterLogic[1].dll"

sh=42909CFBBF6E60F48964F431E3A11DD8DD08D0E2 ft=1 fh=b4a6a3766b39db39 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\Babylon9_setup.exe"

sh=1D814EA403A946B40CC0A6A261B2387880D6B547 ft=1 fh=ff0bc5a908f5ad94 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\Integrated_BrotherSoft_TB.exe"

sh=457335C7D7CF3B76BDA5156BDFC9D2E55F5EB26E ft=1 fh=733834ea60493ef0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\Integrated_CT2325506.exe"

sh=D1792533022A1718AB1E5F5E7A4254BF242ADF51 ft=1 fh=05454cf79f55e5d0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\jmmaster.exe"

sh=2DEB723E30628F0724122D6055606BFCB2DA834D ft=1 fh=dcd908a271e19a21 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\SoftonicDownloader_fuer_expert-pdf.exe"

sh=5CD5F5826CD6215021E47235438CF4946C829310 ft=1 fh=4e188cd8e9452fb8 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\Grafik\PosPanoramaPro_SetUp.exe"

sh=04E0C5EE12128EF45F0A04F1E4522E7CA835803D ft=1 fh=bf87f39b5da59869 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\OCR\SoftonicDownloader_fuer_abbyy-finereader.exe"

sh=48FD60E5A677BD39B13E0188075E83137005259E ft=1 fh=ff79543ffacc5f95 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\pdf\PDFCreator-1_2_1_setup.exe"

sh=6CF8A9F031B45F70BE3E66E7ACC7449CDA15FA34 ft=1 fh=2de4b6f517306153 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\pdf\PDFCreator-1_2_3_setup.exe"

sh=19595585D973FAA1511F59341930EA418A67350A ft=1 fh=6ece50a171e19a21 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\pdf\SoftonicDownloader_fuer_expert-pdf.exe"

sh=AB15B6D368B56F5D726E4FF91BD60FF01CA710F3 ft=1 fh=6e8e370706893100 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\pdf\SoftonicDownloader_fuer_pdfcreator.exe"

sh=DEDD6D62793B40A6BAF2C77AABAF26F446658E7C ft=1 fh=b08ccde21cdf93fa vn="Variante von Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\system\gamebooster_15.exe"

sh=D09F5733E7FF49C376E5350473B52032F6161B96 ft=1 fh=6f2e648313a493d0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\Video\FreeDVDVideoConverter.exe"

sh=CFD782729B3FCDEFFDCB45310822DE754EB1EC2C ft=1 fh=222c0412eaeace3f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\Video\FreeVideoToFlashConverter.exe"

sh=2AD75ED8FF9CD872EC0616B9DCC9D38DD59BC3FE ft=1 fh=48a05cfefd0e55c2 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\Video\FreeYouTubeDownload.exe"

sh=68E9C5DD4D2D471311392D815C3EEFE81051BE17 ft=1 fh=cac44e7cd436c291 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\Video\Setup58_FreeFlvConverter.exe"

sh=B807523DCA569D41FF3FFA8523A6693D930D8768 ft=1 fh=250619b7ed6e391c vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\Video\Setup_696FreeFlvConverter.exe"

sh=091F1455A71B28647F33F1995A2F86122294AAD0 ft=1 fh=4ec54ebe94456a2f vn="möglicherweise Variante von Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\windows\registrybooster.exe"

sh=317F43F8902F8CBED680602B69DC237800C05CBF ft=1 fh=1a68ed8b191ce456 vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\windows\SoftonicDownloader_fuer_total-commander.exe"

sh=0C38A7EE4DBB35FC124CBC9B49A28E4AB469F93C ft=1 fh=00cd012659834f0b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\ED\Downloads\windows\Winload_TB-20091222.exe"

sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\HTC\MyPhoneExplorer_1.8.5.exe"

sh=76C19267783B1C3FBE78C7EDFB19EEE1CA020E5B ft=1 fh=24f1c525cd32bc9c vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\HTC\MyPhoneExplorer_Setup_1.8.5.exe"

sh=CB2944AE1A1977A899538F1065F9D1211C2AEA03 ft=1 fh=013aeab0cb55a839 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\HTC\MyPhoneExplorer_Setup_1.8.5_pcwelt.exe"

sh=0C7E1F8EB63F9F1C75EB08A156E54A7349853EFF ft=1 fh=d24020069345d3b6 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\pdf\PDFCreator-1_6_0_setup.exe"

sh=64131EBCE68286BAAEFAC74F12628EBFC159B7CB ft=1 fh=252d3f247af8095f vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\pdf\PDFCreator-1_6_1_setup.exe"

sh=BCF43267B4416C6DDEFAAD5AE0A63E3F682C5BB0 ft=1 fh=905be375e5c80006 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\pdf\PDFCreator-1_6_2_setup.exe"

sh=D0357617961BF3D526BEFAAB0048CBB983EA4DF9 ft=1 fh=c604c933e8b9509f vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\pdf\PDFCreator-1_7_0_setup.exe"

sh=9434866971DD357600C9F2B1E31B7893C3A070F0 ft=1 fh=4f14aeb246e47811 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\pdf\PDFCreator-1_7_1_setup.exe"

sh=FBBE31F08E493A8B0702FE72F3ABA6DF996E20C6 ft=1 fh=1055b3d0ea15ac02 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\pdf\PDFCreator-1_7_2_setup.exe"

sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\pdf\PDFCreator-1_7_3_setup.exe"

sh=99528D78297495D151C72F2E56CF88B1C67CEA14 ft=1 fh=d22d7e98ae7ecb36 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Skype\Skype - CHIP-Downloader.exe"

sh=DEDD6D62793B40A6BAF2C77AABAF26F446658E7C ft=1 fh=b08ccde21cdf93fa vn="Variante von Win32/Toolbar.MyWebSearch.W evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\system\gamebooster_15.exe"

sh=D09F5733E7FF49C376E5350473B52032F6161B96 ft=1 fh=6f2e648313a493d0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Video\FreeDVDVideoConverter.exe"

sh=CFD782729B3FCDEFFDCB45310822DE754EB1EC2C ft=1 fh=222c0412eaeace3f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Video\FreeVideoToFlashConverter.exe"

sh=2AD75ED8FF9CD872EC0616B9DCC9D38DD59BC3FE ft=1 fh=48a05cfefd0e55c2 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Video\FreeYouTubeDownload.exe"

sh=6F95706779083B352A634D6505F523791B2CE2B8 ft=1 fh=41f77d06f2469b33 vn="Win32/StartPage.OPH Trojaner" ac=I fn="E:\Downloads\Video\vlc-2.0.2-win64.exe"

sh=7D3C87DC751B0FA7EBD42E9762BF377878FC3DCC ft=1 fh=e0f876a89ae94369 vn="Win32/Ivefound evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\windows\Mp4PlayerSetup.exe"

sh=6695AF83A5FA9289BF8B73A6F14BF9F6DE3CBC40 ft=1 fh=b70c4e52ef91b123 vn="Win32/Toolbar.Babylon.T evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\windows\ReimageRepair.exe"

sh=36C8AC6018A2C408F08B6DB8CCBAFFC2DBBDC5C7 ft=1 fh=5225f801218a777d vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\windows\speedupmypc.exe"

sh=CCC470B63ED9F07CAB4EAFC96DE9C670EEEEDF00 ft=0 fh=0000000000000000 vn="Win32/BrowserCompanion.G evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\windows\Mozilla-DASI\Firefox 15.0 (de) - 2012-09-25.pcv"

sh=20C5FA6D8C95D04E8B1E84880744D152562A8D37 ft=1 fh=6b40447dbef51897 vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="E:\Eigene Dateien\Downloads\SoftonicDownloader_fuer_advanced-pdf-to-word.exe"

sh=B2E7D46ADA1E8F998749E5BC6DF1D769086526F2 ft=1 fh=01644c7490e2425d vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="O:\AdwCleaner\Quarantine\C\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}\plugins\npPriceGong_FF.dll.vir"

sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\Conduit\Community Alerts\Alert.dll"

sh=F72C54E326016DD0A1F4FE7ADF6D0F0261053F22 ft=1 fh=c71c00113f60402f vn="möglicherweise Variante von Win32/Toolbar.CrossRider.H evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\HTML5 Player\HTML5 Player-buttonutil.dll"

sh=709500EA78F7977A3B54185C79C7ADECE74671B4 ft=1 fh=f3fd0242b69965f6 vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\HTML5 Player\HTML5 Player-buttonutil64.dll"

sh=8C5D057DC8625D9D37A46934DC22544DB8A24926 ft=1 fh=f22355fbcd6bcbc4 vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\HTML5 Player\HTML5 Player-buttonutil64.exe"

sh=8E0A12F94A800424AAB9575C2705912FD46B4B6D ft=1 fh=e982e12c695e76ed vn="Variante von Win32/Toolbar.CrossRider.I evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\HTML5 Player\HTML5 Player-helper.exe"

sh=A8F8AC39FF8F306E0397623CB0F05AAD13CC54CA ft=1 fh=fa3bc4574c45b1f1 vn="Win32/Packed.VMDetector.B evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\HTML5 Player\Uninstall.exe"

sh=ECAAC2B22C5DF388FA3847749C931AEF458384B8 ft=1 fh=2876dfec7d92aded vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\Jmalaya_LiveTV\hk64tbJmal.dll"

sh=C325F9A28C049D03E23060686A70B398531CDB05 ft=1 fh=742ed93f69aeb6e1 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\Jmalaya_LiveTV\hktbJmal.dll"

sh=EFB534D515903744B9755391A417051902C16DE2 ft=1 fh=e331f9a91891a78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\Jmalaya_LiveTV\ldrtbJmal.dll"

sh=1CAAAB0EDE5FDF753F0DFBA5B395A2840CD0A76C ft=1 fh=ed0fde6c6c7e3f9e vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\Jmalaya_LiveTV\prxtbJmal.dll"

sh=19C0679FA65F480C9A0BC5C43396D2ADEC8BCAF9 ft=1 fh=bca908a16a338e6a vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="O:\Program Files (x86)\Jmalaya_LiveTV\tbJmal.dll"

sh=D86451022DDD8348105C1D52FBFD2ADB1E2DCC30 ft=1 fh=d3e706a6307522ba vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll"

sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll"

sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll"

sh=9A76A5476CE4436E2C30ADE7D235AFBD1527AEB6 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\CRE\pgcdkhefhcplceibklphkiojijiffglg.crx"

sh=050742ABE364EBDCB4E46869E57DF3157B4F6976 ft=1 fh=715f78b7f0bf2e14 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgcdkhefhcplceibklphkiojijiffglg\10.22.0.588_0\plugins\ConduitChromeApiPlugin.dll"

sh=60A882DFB633B1179EC55F395F1862192BABE03A ft=1 fh=feb8b77c43644f53 vn="Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgcdkhefhcplceibklphkiojijiffglg\10.22.0.588_0\TBHostSupport\TBHostSupport.dll"

sh=59E1F6545601413839BB5D1AF5A93C7EC031A9F0 ft=1 fh=f41c3efef8f07739 vn="Win32/InstallMonetizer.AZ evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5IWDOEER\MyPhoneExplorer_v2_5185[1].exe"

sh=1426B95F2619E462F812F6807C88694DF9FBECE7 ft=1 fh=a10496de67a69999 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6864LHCM\mconduitinstaller[1].exe"

sh=D3CBDD7C6ED2C9D81DA4FCF9AF57CDD5D3711ED3 ft=1 fh=86dbe26399c3d0fa vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6864LHCM\TBUpdaterLogic[1].dll"

sh=91F440A8F2A0FFC91EDA87FE5410B93141B1C6B0 ft=1 fh=1ce5d7cf83504dfe vn="Win32/Toolbar.Conduit.AF evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6G24CN3K\checktbexist[1].exe"

sh=F89D0D35647789000A23E8BD1E557BEE519A6BAE ft=1 fh=4f81c51847428f3f vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ERUBAH1A\statisticsstub[1].exe"

sh=BEEE8DD701FEBCFC69D755CB07D7FD9A89245E81 ft=1 fh=eb68ac25d112c457 vn="Win32/DownWare.N evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC9VPRR0\QuickShare1[1].exe"

sh=314F703F0F190BF70F0386509C10998D4E2BD10B ft=1 fh=2f9f46df1834d950 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC9VPRR0\TBUpdaterLogic[1].dll"

sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\hk64tbJma0.dll"

sh=ECAAC2B22C5DF388FA3847749C931AEF458384B8 ft=1 fh=2876dfec7d92aded vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\hk64tbJmal.dll"

sh=C325F9A28C049D03E23060686A70B398531CDB05 ft=1 fh=742ed93f69aeb6e1 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\hktbJmal.dll"

sh=EFB534D515903744B9755391A417051902C16DE2 ft=1 fh=e331f9a91891a78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\ldrtbJmal.dll"

sh=81AF7CFB10091601ED1B82B92BDA2A254AA2B82F ft=1 fh=b76578e523b80dbc vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\tbJma1.dll"

sh=19C0679FA65F480C9A0BC5C43396D2ADEC8BCAF9 ft=1 fh=bca908a16a338e6a vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\tbJmal.dll"

sh=B5C93DA0C608B26C9487ABC49CCB643C9A15ED33 ft=1 fh=75f1c65aa8a331ed vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="O:\Users\Hans-Dieter\AppData\LocalLow\Jmalaya_LiveTV\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll"

Code:

 Results of screen317's Security Check version 0.99.85  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  
 ``````````````Antivirus/Firewall Check:`````````````` 

G Data InternetSecurity   

 Antivirus up to date!   
 `````````Anti-malware/Other Utilities Check:````````` 

 AntiBrowserSpy     

 Java(TM) 6 Update 21  

 Java version out of Date! 

 Adobe Flash Player 14.0.0.145  

 Adobe Reader XI  

 Mozilla Firefox (30.0) 

 Mozilla Thunderbird (24.6.0) 
 ````````Process Check: objlist.exe by Laurent````````  

 G Data InternetSecurity Firewall GDFirewallTray.exe 

 G Data InternetSecurity Firewall GDFwSvcx64.exe 
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  
 ````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014

Ran by HDS (administrator) on HDS-NEU2 on 14-07-2014 08:48:26

Running from E:\Downloads

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

() C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

() C:\Program Files (x86)\AntiBrowserSpy\SocialBlock_ProxyCheck.exe

() C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe

() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

() C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe

(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe

(freenet.de GmbH) C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe

(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe

(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-17] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)

HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2014-01-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)

HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-11] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [freenet.de Dateimanager Taskleistensymbol] => C:\Program Files (x86)\freenetMail Dateimanager\DBDDsktDrvTrayApp.exe [142336 2009-01-22] (freenet.de GmbH)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [dradio-RecorderTimer] => C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [41472 2012-04-03] ()

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\Run: [] => [X]

HKU\S-1-5-21-1477405295-139641872-1139874065-1005\...\MountPoints2: {0eb18823-749a-11e3-9f74-806e6f6e6963} - F:\Autoplay.exe -auto

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()

ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

BootExecute: autocheck autochk * auto_reactivate \\?\Volume{0eb18820-749a-11e3-9f74-806e6f6e6963}\bootwiz\asrm.bin
 

==================== Internet (Whitelisted) ====================
 

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: localhost:8088

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}

SearchScopes: HKLM - {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = hxxp://www.sm.de/?q={searchTerms}

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKCU - DefaultScope {71CA019B-6980-4703-BBEF-AAA0CC218409} URL = 

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader64.dll ()

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: PrintEco - {BEB54677-E12F-44E7-AC7E-48241B866B5F} - C:\Program Files (x86)\PrintEco\PrintEco Office\adxloader.dll ()

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: 127.0.0.1 google-analytics.com

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\hm57pnie.default-1405180022660

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: NoScript - C:\Users\HDS\AppData\Roaming\Mozilla\Firefox\Profiles\hm57pnie.default-1405180022660\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-12]

FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt

FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-04]

FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com

FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-16]

FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com

FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-16]

FF HKLM-x32\...\Firefox\Extensions: [jid0-1wPBLrijxGVkIUhu0kFYq6ZaWzA@jetpack] - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox

FF Extension: AntiBrowserSpy - SocialBlocker - C:\Program Files (x86)\AntiBrowserSpy\Addons\Firefox [2014-02-25]

FF HKLM-x32\...\Firefox\Extensions: [firefox@printecosoftware.com] - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi

FF Extension: PrintEco - C:\Program Files (x86)\PrintEco\PrintEco Office\firefox@printecosoftware.com.xpi [2014-03-17]
 

==================== Services (Whitelisted) =================
 

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-06] (Adobe Systems) [File not signed]

R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG)

R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)

R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-27] (Freemake) [File not signed]

S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]

R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG)

R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)

R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]

R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] ()

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]

S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)

S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

S3 Mtpip000ode; No ImagePath
 

==================== Drivers (Whitelisted) ====================
 

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)

R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-03] (G Data Software AG)

R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-03] (G Data Software AG)

R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-07-03] (G Data Software AG)

R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-03] (G Data Software AG)

R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-07-03] (G Data Software AG)

R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-03-06] (G Data Software)

R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-03] (G Data Software AG)

S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-12] (Malwarebytes Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)

R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)

R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)

S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-01-04] (Acronis International GmbH)

R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-01-04] (Acronis International GmbH)

R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-01-04] (Acronis International GmbH)

S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-13 09:22 - 2014-07-13 09:22 - 02347384 _____ (ESET) C:\Users\HDS\Downloads\esetsmartinstaller_deu.exe

2014-07-12 11:00 - 2014-07-12 11:02 - 00060081 _____ () C:\Users\HDS\Downloads\FRST.txt

2014-07-12 10:59 - 2014-07-12 11:00 - 02084864 _____ (Farbar) C:\Users\HDS\Downloads\FRST64.exe

2014-07-12 10:45 - 2014-07-12 10:45 - 00000887 _____ () C:\Users\HDS\Desktop\JRT.txt

2014-07-12 10:38 - 2014-07-12 10:38 - 01016261 _____ (Thisisu) C:\Users\HDS\Desktop\JRT.exe

2014-07-12 10:13 - 2014-07-12 10:48 - 01348263 _____ () C:\Users\HDS\Desktop\adwcleaner_3.215.exe

2014-07-12 09:56 - 2014-07-12 09:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-12 09:56 - 2014-07-12 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-12 09:55 - 2014-07-12 09:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-12 09:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-12 09:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-12 09:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-07-11 12:01 - 2014-07-11 12:01 - 00000000 ____D () C:\Users\HDS\Documents\Canon Utilities

2014-07-09 19:58 - 2014-07-09 19:58 - 05216105 _____ () C:\Users\HDS\Desktop\ComboFix.exe

2014-07-09 07:59 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-07-09 07:59 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-07-09 07:59 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-09 07:59 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-09 07:59 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-09 07:59 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-09 07:59 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-09 07:59 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-09 07:59 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-09 07:59 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-09 07:59 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-09 07:59 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-09 07:59 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-09 07:59 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-09 07:59 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-09 07:59 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-09 07:59 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-09 07:59 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-09 07:59 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-09 07:59 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-09 07:59 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-09 07:59 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-09 07:59 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-09 07:59 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-09 07:59 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-09 07:59 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-09 07:59 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-09 07:59 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-09 07:59 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-09 07:59 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-09 07:59 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-09 07:59 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-09 07:59 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-09 07:59 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-09 07:59 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-09 07:59 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-09 07:59 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-09 07:59 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-09 07:59 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-09 07:59 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-09 07:59 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-09 07:59 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-09 07:59 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-09 07:59 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-09 07:59 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-09 07:59 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-09 07:59 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-09 07:59 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-09 07:59 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-09 07:59 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-09 07:59 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-09 07:59 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-09 07:59 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-09 07:59 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-09 07:59 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-09 07:59 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-09 07:59 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-09 07:59 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-09 07:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-09 07:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-09 07:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-09 07:59 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-09 07:59 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-07-09 07:59 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-09 07:54 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-09 07:54 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-09 07:54 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-09 07:49 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-09 07:49 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-09 07:49 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-07 21:51 - 2014-07-07 21:51 - 909476139 _____ () C:\Windows\MEMORY.DMP

2014-07-07 21:51 - 2014-07-07 21:51 - 00455752 _____ () C:\Windows\Minidump\070714-46347-01.dmp

2014-07-07 21:51 - 2014-07-07 21:51 - 00000000 ____D () C:\Windows\Minidump

2014-07-07 20:23 - 2014-07-07 20:23 - 00003301 _____ () C:\Users\HDS\Desktop\Gmer.txt

2014-07-07 18:41 - 2014-07-14 08:48 - 00000000 ____D () C:\FRST

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable

2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird

2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird

2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA

2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity

2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter

2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2014-06-28 15:09 - 2014-07-03 16:49 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster

2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager

2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:47 - 00000000 ____D () C:\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk

2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR

2014-06-20 07:44 - 2007-03-10 10:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx

2014-06-20 07:43 - 2014-06-20 08:40 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express

2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco

2014-06-18 16:12 - 2014-06-18 16:18 - 00000000 ____D () C:\Users\HDS\Documents\Fax

2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}

2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
 

==================== One Month Modified Files and Folders =======
 

2014-07-14 08:48 - 2014-07-07 18:41 - 00000000 ____D () C:\FRST

2014-07-14 08:41 - 2014-01-03 19:14 - 01619836 _____ () C:\Windows\WindowsUpdate.log

2014-07-14 08:28 - 2014-01-04 14:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-14 08:19 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-14 08:19 - 2009-07-14 06:45 - 00018816 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-14 08:12 - 2014-01-05 13:18 - 00000000 ____D () C:\Users\HDS\AppData\Local\HTC MediaHub

2014-07-14 08:11 - 2014-02-25 16:15 - 00000000 ____D () C:\Program Files (x86)\AntiBrowserSpy

2014-07-14 08:10 - 2014-01-04 11:59 - 00264102 _____ () C:\Windows\PFRO.log

2014-07-14 08:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-14 08:10 - 2009-07-14 06:51 - 00060421 _____ () C:\Windows\setupact.log

2014-07-13 09:22 - 2014-07-13 09:22 - 02347384 _____ (ESET) C:\Users\HDS\Downloads\esetsmartinstaller_deu.exe

2014-07-12 17:47 - 2014-01-04 18:24 - 00000000 ____D () C:\Users\HDS\Desktop\Alte Firefox-Daten

2014-07-12 14:10 - 2014-01-04 13:52 - 00001617 _____ () C:\Windows\BRRBCOM.INI

2014-07-12 11:34 - 2014-04-23 17:06 - 00000000 ____D () C:\AdwCleaner

2014-07-12 11:02 - 2014-07-12 11:00 - 00060081 _____ () C:\Users\HDS\Downloads\FRST.txt

2014-07-12 11:00 - 2014-07-12 10:59 - 02084864 _____ (Farbar) C:\Users\HDS\Downloads\FRST64.exe

2014-07-12 10:48 - 2014-07-12 10:13 - 01348263 _____ () C:\Users\HDS\Desktop\adwcleaner_3.215.exe

2014-07-12 10:45 - 2014-07-12 10:45 - 00000887 _____ () C:\Users\HDS\Desktop\JRT.txt

2014-07-12 10:38 - 2014-07-12 10:38 - 01016261 _____ (Thisisu) C:\Users\HDS\Desktop\JRT.exe

2014-07-12 10:33 - 2014-04-23 15:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-12 10:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat

2014-07-12 09:56 - 2014-07-12 09:56 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-12 09:56 - 2014-07-12 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-12 09:56 - 2014-07-12 09:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-07-11 18:45 - 2014-01-14 16:49 - 00017920 _____ () C:\Users\HDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-07-11 12:41 - 2014-01-05 11:34 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\CoreFTP

2014-07-11 12:01 - 2014-07-11 12:01 - 00000000 ____D () C:\Users\HDS\Documents\Canon Utilities

2014-07-10 19:18 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat

2014-07-10 19:18 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat

2014-07-10 19:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-10 13:51 - 2014-01-04 09:54 - 00000000 ____D () C:\ProgramData\Adobe

2014-07-10 12:44 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Adobe

2014-07-10 08:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-07-10 07:36 - 2009-07-14 06:45 - 00369552 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-10 07:34 - 2014-06-04 05:15 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-07-10 07:34 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-10 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-10 07:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-09 21:52 - 2014-01-05 09:57 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-09 21:52 - 2014-01-04 10:06 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-07-09 21:48 - 2014-01-05 09:57 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-09 19:58 - 2014-07-09 19:58 - 05216105 _____ () C:\Users\HDS\Desktop\ComboFix.exe

2014-07-09 19:28 - 2014-01-04 14:48 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-09 19:28 - 2014-01-04 14:48 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-09 19:28 - 2014-01-03 19:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-07 21:51 - 2014-07-07 21:51 - 909476139 _____ () C:\Windows\MEMORY.DMP

2014-07-07 21:51 - 2014-07-07 21:51 - 00455752 _____ () C:\Windows\Minidump\070714-46347-01.dmp

2014-07-07 21:51 - 2014-07-07 21:51 - 00000000 ____D () C:\Windows\Minidump

2014-07-07 21:51 - 2014-01-03 20:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-07-07 20:23 - 2014-07-07 20:23 - 00003301 _____ () C:\Users\HDS\Desktop\Gmer.txt

2014-07-07 18:36 - 2014-07-07 18:36 - 00000000 _____ () C:\Users\HDS\defogger_reenable

2014-07-07 18:36 - 2014-01-04 17:50 - 00000000 ____D () C:\Users\HDS

2014-07-07 15:11 - 2014-07-07 15:11 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Thunderbird

2014-07-07 13:11 - 2014-07-07 13:11 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

2014-07-07 13:11 - 2014-07-07 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-07-07 12:38 - 2014-07-07 12:38 - 00000000 ____D () C:\Users\HDS\AppData\Local\Thunderbird

2014-07-05 08:19 - 2014-01-05 11:57 - 00001841 _____ () C:\Windows\system32\TeamViewer9_Hooks.log

2014-07-05 08:19 - 2014-01-05 11:56 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk

2014-07-05 08:19 - 2014-01-05 11:56 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

2014-07-03 21:36 - 2014-04-05 16:09 - 00000000 ___RD () C:\Users\HDS\Dropbox

2014-07-03 16:52 - 2014-04-05 16:06 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Dropbox

2014-07-03 16:49 - 2014-06-28 15:09 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\DropboxMaster

2014-07-03 08:56 - 2014-07-03 08:56 - 00000000 ____D () C:\Users\HDS\AppData\Local\G DATA

2014-07-03 08:41 - 2014-07-03 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity

2014-07-03 08:41 - 2014-04-10 14:04 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys

2014-07-03 08:41 - 2014-04-10 14:04 - 00001978 _____ () C:\Users\Public\Desktop\G Data InternetSecurity.lnk

2014-07-03 08:41 - 2014-01-03 20:03 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys

2014-07-03 08:41 - 2014-01-03 20:02 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys

2014-07-03 08:41 - 2014-01-03 20:02 - 00061440 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys

2014-07-03 08:40 - 2014-01-05 13:17 - 00053328 _____ () C:\Windows\DPINST.LOG

2014-07-03 08:40 - 2014-01-03 20:02 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys

2014-07-03 08:40 - 2014-01-03 20:02 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys

2014-07-02 17:31 - 2014-01-05 10:50 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\vlc

2014-07-02 14:01 - 2014-01-22 18:39 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\KeePass

2014-07-02 11:06 - 2014-07-02 11:06 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreemakeVideoConverter

2014-07-02 11:05 - 2014-07-02 11:05 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2014-07-02 11:05 - 2014-01-16 16:28 - 00001320 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk

2014-07-02 11:05 - 2014-01-16 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake

2014-06-30 04:09 - 2014-07-09 07:59 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-30 04:04 - 2014-07-09 07:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-29 16:14 - 2014-01-05 11:58 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\Skype

2014-06-29 13:30 - 2014-03-28 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-06-29 13:30 - 2014-01-05 11:58 - 00000000 ____D () C:\ProgramData\Skype

2014-06-28 15:09 - 2014-04-05 16:09 - 00001011 _____ () C:\Users\HDS\Desktop\Dropbox.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00001132 _____ () C:\Users\Public\Desktop\freenetMail Dateimanager.lnk

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Users\HDS\AppData\Roaming\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\freenetMail Dateimanager

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\ProgramData\freenet

2014-06-24 14:22 - 2014-06-24 14:22 - 00000000 ____D () C:\Program Files (x86)\freenetMail Dateimanager

2014-06-20 22:14 - 2014-07-09 07:59 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-06-20 21:39 - 2014-07-09 07:59 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-06-20 08:40 - 2014-06-20 07:43 - 00000000 ____D () C:\Users\HDS\Documents\Add-in Express

2014-06-20 07:47 - 2014-06-20 07:47 - 00000000 ____D () C:\Users\HDS\AppData\Local\FreeOCR

2014-06-20 07:47 - 2014-06-20 07:44 - 00000000 ____D () C:\FreeOCR

2014-06-20 07:44 - 2014-06-20 07:44 - 00000590 _____ () C:\Users\HDS\Desktop\FreeOCR.lnk

2014-06-20 07:44 - 2014-06-20 07:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR

2014-06-20 07:43 - 2014-06-20 07:43 - 00000000 ____D () C:\Program Files (x86)\PrintEco

2014-06-19 03:39 - 2014-07-09 07:59 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-19 03:06 - 2014-07-09 07:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-19 03:06 - 2014-07-09 07:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-19 02:48 - 2014-07-09 07:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-19 02:42 - 2014-07-09 07:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-19 02:42 - 2014-07-09 07:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-19 02:41 - 2014-07-09 07:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-06-19 02:41 - 2014-07-09 07:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-19 02:32 - 2014-07-09 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-19 02:31 - 2014-07-09 07:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-19 02:26 - 2014-07-09 07:59 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-19 02:24 - 2014-07-09 07:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-19 02:24 - 2014-07-09 07:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-19 02:23 - 2014-07-09 07:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-19 02:16 - 2014-07-09 07:59 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-19 02:14 - 2014-07-09 07:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-19 02:09 - 2014-07-09 07:59 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-19 01:59 - 2014-07-09 07:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-19 01:56 - 2014-07-09 07:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-19 01:53 - 2014-07-09 07:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-19 01:51 - 2014-07-09 07:59 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-19 01:50 - 2014-07-09 07:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-19 01:48 - 2014-07-09 07:59 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-19 01:39 - 2014-07-09 07:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-19 01:38 - 2014-07-09 07:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-19 01:37 - 2014-07-09 07:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-19 01:36 - 2014-07-09 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-19 01:35 - 2014-07-09 07:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-06-19 01:33 - 2014-07-09 07:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-19 01:32 - 2014-07-09 07:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-19 01:28 - 2014-07-09 07:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-19 01:28 - 2014-07-09 07:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-19 01:27 - 2014-07-09 07:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-19 01:27 - 2014-07-09 07:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-19 01:25 - 2014-07-09 07:59 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-19 01:23 - 2014-07-09 07:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-19 01:22 - 2014-07-09 07:59 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-19 01:12 - 2014-07-09 07:59 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-19 01:06 - 2014-07-09 07:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-19 01:01 - 2014-07-09 07:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-19 00:59 - 2014-07-09 07:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-19 00:58 - 2014-07-09 07:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-19 00:58 - 2014-07-09 07:59 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-19 00:52 - 2014-07-09 07:59 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-19 00:51 - 2014-07-09 07:59 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-19 00:49 - 2014-07-09 07:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-19 00:46 - 2014-07-09 07:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-19 00:45 - 2014-07-09 07:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-19 00:35 - 2014-07-09 07:59 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-19 00:34 - 2014-07-09 07:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-19 00:15 - 2014-07-09 07:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-19 00:13 - 2014-07-09 07:59 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-19 00:09 - 2014-07-09 07:59 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-19 00:07 - 2014-07-09 07:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-18 17:58 - 2014-01-04 12:07 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk

2014-06-18 16:18 - 2014-06-18 16:12 - 00000000 ____D () C:\Users\HDS\Documents\Fax

2014-06-18 09:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help

2014-06-18 09:46 - 2014-06-18 09:46 - 00003090 _____ () C:\Windows\System32\Tasks\{05AE3A2C-E679-448E-AB6E-97F7FFBF0FD5}

2014-06-18 09:43 - 2014-01-04 13:21 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014 spezial.lnk

2014-06-18 09:43 - 2014-01-03 19:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware

2014-06-18 04:18 - 2014-07-09 07:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-06-18 03:51 - 2014-07-09 07:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-06-18 03:10 - 2014-07-09 07:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-06-17 12:14 - 2014-01-04 17:50 - 00096280 _____ () C:\Users\HDS\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-17 12:09 - 2014-06-17 12:09 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:09 - 2014-06-17 12:09 - 00001107 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk

2014-06-17 12:06 - 2014-06-17 12:06 - 01628920 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxsfs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00547576 ____N (Sonic Solutions) C:\Windows\SysWOW64\px.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00510712 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxdrv.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00379640 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxwave.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00187128 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxmas.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00129784 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxafs.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00118520 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00116472 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpyi64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00072440 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxhpinst.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxinsa64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00064760 ____N (Sonic Solutions) C:\Windows\SysWOW64\pxcpya64.exe

2014-06-17 12:06 - 2014-06-17 12:06 - 00052856 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00039672 ____N (Sonic Solutions) C:\Windows\SysWOW64\vxblock.dll

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys

2014-06-17 12:06 - 2014-06-17 12:06 - 00010488 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys

2014-06-17 12:06 - 2014-01-04 11:53 - 00000209 _____ () C:\Windows\ODBCINST.INI

2014-06-17 12:06 - 2014-01-04 09:53 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-06-17 12:03 - 2014-02-19 18:37 - 00000000 ____D () C:\Users\Hans-Dieter\AppData\Roaming\Adobe

2014-06-17 12:03 - 2014-01-04 15:43 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-06-17 10:53 - 2014-03-27 18:12 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-17 10:53 - 2014-01-05 13:05 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-17 10:48 - 2014-03-27 18:12 - 00004118 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-06-17 10:48 - 2014-01-05 13:05 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-06-17 08:47 - 2014-01-18 14:52 - 00007906 _____ () C:\Users\HDS\Documents\capella.log

2014-06-16 17:26 - 2014-06-13 17:19 - 00000000 ____D () C:\Users\HDS\AppData\Local\Adobe

2014-06-15 15:50 - 2014-01-22 18:37 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk

2014-06-15 15:50 - 2014-01-22 18:37 - 00001105 _____ () C:\Users\HDS\Desktop\KeePass 2.lnk

2014-06-15 15:50 - 2014-01-22 18:37 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2

2014-06-15 12:53 - 2014-01-05 10:30 - 00000000 ____D () C:\Users\HDS\Documents\MyHeritage
 

Some content of TEMP:

====================

C:\Users\HDS\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe

C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_pmpy.dll

C:\Users\HDS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbry6o.dll

C:\Users\HDS\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe

C:\Users\HDS\AppData\Local\Temp\FreemakeVideoDownloader_3.6.2.3.exe

C:\Users\HDS\AppData\Local\Temp\NOSEventMessages.dll

C:\Users\HDS\AppData\Local\Temp\Quarantine.exe

C:\Users\HDS\AppData\Local\Temp\vlc-2.1.4-win64.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-08 07:47
 

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber

14.07.2014 17:55

Java updaten.

Downloads und Backups auf E kannste komplett löschen.

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: localhost:8088

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Noch Probleme?

masin

15.07.2014 11:46

Danke, werde mich morgen gleich ans Werk machen.
Habe aber eine kleine Verständnisfrage:
Wenn ich Firefox komplett gebügelt und dann blitzsauber neu installiert habe - was genau soll ich mit dem Mozilla-Support-Link tun, wo es im wesentlichen um das Rücksetzen von Firefox bei Fehlern geht (die ja jetzt hoffentlich nicht mehr drin sein werden)?

Gruß masin

Morgen, schrauber,

ich muß mal einen Zwischenbericht liefern, weil irgendwas zu klemmen scheint.
Habfolgendes gemacht:
1. Java (war bereits aktuell)
2. Firefox mit Revo Uninstaller komplett deinstalliert und neu installiert
3. Support-Link Mozilla: vorläufig ausgelassen (she. meinen Text von gestern abend)
4.TFC: läuft jetzt und scheint Probleme zu machen. Hat in kurzer Zeit von diversen Usern die Temp-Dateien gelöscht. Jetzt gucke ich beim User HDS schon etwa 20 min auf den grünen Fortschrittsbalken, der fröhlich hin- und hersaust, weiter passiert nichts.
Wenn du das für normal hältst, warte ich gern weiter, wenn nicht - was mache ich?

Gruß masin

Wie du dir wahrscheinlich gedacht hast, war ich mit dem TFC etwas zu ungeduldig.
Als ich nach zwei Stunden wieder zu Hause war, war TFC auch fertig.
Hier die fixlog.txt:

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-07-2014

Ran by HDS at 2014-07-15 12:35:00 Run:1

Running from C:\Users\HDS\Downloads

Boot Mode: Normal

==============================================
 

Content of fixlist:

*****************

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: localhost:8088

*****************
 

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
 

==== End of Fixlog ====

Was deine Frage nach Problemen betrifft, so werde ich es sicher schnell feststellen.
Außerdem werde ich etwas in euren Sparbüchsenschlitz werfen und dann die nächste Bitte um Hilfe starten - auf meinem anderen Rechner (Notebook) habe ich das Problem mit dem ständig abstürzenden Shockwave Flash.

Dir auf jeden Fall besten Dank

masin

schrauber

16.07.2014 09:49

Firefox auf jeden Fall zurücksetzen, nach Deinstall und Neuinstall bleiben immer noch Reste. Dann bitte Rechner testen und berichten :)

masin

16.07.2014 13:17

Ach so ist das mit dem Firefox zurücksetzen, dann ist alles klar.
Rechner scheint ök zu sein, bin bis jetzt sehr zufrieden.

Wenn es eine erkennbare Ursache für das Dilemma auf meinem Rechner gibt - welche ist es? Softonic wie beim letzten Mal jedenfalls nicht :nono:

Hast du 'ne Vorstellung, woher die seltsamen Fehlermeldungen beim Combofix kamen?

Nochmals Danke und Gruß!

masin

schrauber

16.07.2014 20:31

Nee, spontan keine Idee.

Fertig :)

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

masin

17.07.2014 17:32

Hallo, schrauber,

habe alles erledigt; folgende Bemerkungen dazu:
1. Defogger: problemlos
2. Combofix: derselbe Trödel mit den Fehlermeldungen wie neulich, es half auch kein Umbenennen. Darauf habe ich CF erneut heruntergeladen - nun klappte es wie es sollte.
Die combofix.txt kann ich dir allerdings - falls du sie überhaupt haben wolltest - nicht schicken; die hat Delfix gelöscht.

Vielen Dank auch für deine anschließenden wertvollen Tipps für ein sicheres Leben am Computer.
Ich habe zwar das meiste davon bereits aktiviert, wie WOT, NoScript, Adblock Plus, aber einiges war doch neu für mich; ich werde mich in den nächsten Tagen damit beschäftigen.
Was die erbetene Rückmeldung betrifft - es scheint ja nun alles erledigt zu sein, du kannst mich "streichen".

Dir nochmals besten Dank für deine wiederholte fachkundige Hilfe und alles Gute für dich.

Viele Grüße

masin

schrauber

18.07.2014 04:50

Gern Geschehen :)

Alle Zeitangaben in WEZ +1. Es ist jetzt 15:43 Uhr.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55