Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.02.2015, 00:16   #1
Trollherbert
 
Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Guten Abend,
Avast hat bei mir kennwortgeschützte Archive gefunden, ich bin unsicher welchen sinn diese Archive haben, die Archive heißen wie folgt:
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgbutton.png
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgbuttonfinished.png
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgcloseprogram.png
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgdownloadbarempty.png
C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgdownloadbarerror.png

Systemscan mit FRST

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Nagel (administrator) on NAGEL-PC on 03-02-2015 00:09:36
Running from C:\Users\Nagel\Desktop
Loaded Profiles: Nagel (Available profiles: Nagel)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Farbar) C:\Users\Nagel\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4838912 2011-12-20] (FNet Co., Ltd.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [Fatal1tySTU] => [X]
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [Google Update] => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-02] (Google Inc.)
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
Startup: C:\Users\Nagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Nagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2764538219-2713831469-2866569616-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2764538219-2713831469-2866569616-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\webde-suche.xml
FF Extension: ProxTube - C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-29]
FF Extension: Adblock Plus - C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-12-20]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\40.0.2214.91\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\40.0.2214.91\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\40.0.2214.91\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U35) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.350.10) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Google Update) - C:\Users\Nagel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Profile: C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-26]
CHR Extension: (AdBlock) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-02]
CHR Extension: (Google Wallet) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-11]
StartMenuInternet: Google Chrome.MCGUFTJKQJOMCU353M63HDGSUI - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-11] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-11] (Avast Software)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2011-02-17] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-11] ()
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-12-20] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-12-20] (FNet Co., Ltd.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-11] (Avast Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 00:09 - 2015-02-03 00:10 - 00016309 _____ () C:\Users\Nagel\Desktop\FRST.txt
2015-02-01 18:36 - 2015-02-01 18:36 - 02131456 _____ (Farbar) C:\Users\Nagel\Desktop\FRST64(1).exe
2015-01-26 23:09 - 2015-01-26 23:12 - 00000000 ____D () C:\Users\Nagel\Documents\Marvel The Agents of S.H.I.E.L.D
2015-01-26 23:09 - 2015-01-26 23:09 - 00000000 ____D () C:\Users\Nagel\Documents\Marvel Guardians of the Galaxy
2015-01-26 18:59 - 2015-01-26 18:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-24 12:34 - 2015-01-24 12:36 - 00000247 _____ () C:\Windows\system32\2015-01-24-11-34-05.078-aswFe.exe-5640.log
2015-01-24 12:34 - 2015-01-24 12:34 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-34-03.060-AvastVBoxSVC.exe-5596.log
2015-01-24 12:28 - 2015-01-24 12:30 - 00000247 _____ () C:\Windows\system32\2015-01-24-11-28-07.092-aswFe.exe-2980.log
2015-01-24 12:28 - 2015-01-24 12:28 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-28-06.010-AvastVBoxSVC.exe-4240.log
2015-01-24 12:20 - 2015-01-24 12:23 - 00000247 _____ () C:\Windows\system32\2015-01-24-11-20-52.027-aswFe.exe-3908.log
2015-01-24 12:20 - 2015-01-24 12:20 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-20-48.046-AvastVBoxSVC.exe-5580.log
2015-01-23 17:06 - 2015-01-23 17:07 - 00000197 _____ () C:\Windows\system32\2015-01-23-16-06-57.039-AvastVBoxSVC.exe-3168.log
2015-01-23 12:09 - 2015-01-23 12:09 - 00000197 _____ () C:\Windows\system32\2015-01-23-11-09-21.051-AvastVBoxSVC.exe-3516.log
2015-01-22 16:58 - 2015-01-09 23:27 - 00621200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-22 16:55 - 2015-01-13 05:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-22 16:55 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00877488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-01-22 16:24 - 2015-01-22 16:25 - 00000197 _____ () C:\Windows\system32\2015-01-22-15-24-20.000-AvastVBoxSVC.exe-3768.log
2015-01-21 16:29 - 2015-01-21 16:30 - 00000197 _____ () C:\Windows\system32\2015-01-21-15-29-49.029-AvastVBoxSVC.exe-4252.log
2015-01-20 16:45 - 2015-01-20 16:45 - 00000247 _____ () C:\Windows\system32\2015-01-20-15-45-38.083-aswFe.exe-6124.log
2015-01-20 16:40 - 2015-01-20 16:45 - 00000247 _____ () C:\Windows\system32\2015-01-20-15-40-48.064-aswFe.exe-5324.log
2015-01-20 16:40 - 2015-01-20 16:40 - 00000197 _____ () C:\Windows\system32\2015-01-20-15-40-44.060-AvastVBoxSVC.exe-6064.log
2015-01-19 16:32 - 2015-01-19 16:32 - 00000197 _____ () C:\Windows\system32\2015-01-19-15-32-01.098-AvastVBoxSVC.exe-3140.log
2015-01-18 21:45 - 2015-01-18 21:46 - 07818296 _____ () C:\Users\Nagel\Downloads\2013_11_21.bmp
2015-01-18 15:55 - 2015-01-18 15:55 - 00000000 __SHD () C:\Users\Nagel\AppData\Local\EmieBrowserModeList
2015-01-18 15:15 - 2015-01-18 15:15 - 00000197 _____ () C:\Windows\system32\2015-01-18-14-15-18.049-AvastVBoxSVC.exe-3144.log
2015-01-15 16:31 - 2015-01-15 16:32 - 00000197 _____ () C:\Windows\system32\2015-01-15-15-31-25.077-AvastVBoxSVC.exe-2836.log
2015-01-14 11:27 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:27 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:27 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:27 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:27 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:27 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:27 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:27 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:27 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 11:27 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:27 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:27 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:27 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 11:17 - 2015-01-14 11:17 - 00000197 _____ () C:\Windows\system32\2015-01-14-10-17-07.099-AvastVBoxSVC.exe-4952.log
2015-01-13 11:37 - 2015-01-13 11:38 - 00000197 _____ () C:\Windows\system32\2015-01-13-10-37-49.032-AvastVBoxSVC.exe-3320.log
2015-01-12 19:58 - 2015-01-12 19:58 - 00000197 _____ () C:\Windows\system32\2015-01-12-18-57-57.028-AvastVBoxSVC.exe-3292.log
2015-01-12 09:35 - 2015-01-12 09:36 - 00000247 _____ () C:\Windows\system32\2015-01-12-08-35-58.034-aswFe.exe-3456.log
2015-01-12 09:30 - 2015-01-12 09:35 - 00000247 _____ () C:\Windows\system32\2015-01-12-08-30-00.085-aswFe.exe-5276.log
2015-01-12 09:29 - 2015-01-12 09:29 - 00000197 _____ () C:\Windows\system32\2015-01-12-08-29-54.084-AvastVBoxSVC.exe-5992.log
2015-01-12 09:22 - 2015-01-12 09:22 - 00000197 _____ () C:\Windows\system32\2015-01-12-08-22-31.010-AvastVBoxSVC.exe-2844.log
2015-01-08 18:18 - 2015-01-08 18:18 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\TeamViewer
2015-01-08 17:12 - 2015-01-08 17:12 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-08 17:12 - 2015-01-08 17:12 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-08 17:11 - 2015-01-08 17:11 - 07718224 _____ (TeamViewer GmbH) C:\Users\Nagel\Downloads\TeamViewer_Setup_de.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 00:09 - 2014-05-19 18:02 - 00000000 ____D () C:\FRST
2015-02-02 23:51 - 2012-04-02 14:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-02 23:42 - 2012-09-02 11:35 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000UA.job
2015-02-02 23:34 - 2011-12-29 16:33 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\TS3Client
2015-02-02 23:31 - 2011-12-20 03:12 - 01397346 _____ () C:\Windows\WindowsUpdate.log
2015-02-02 23:29 - 2011-12-20 17:29 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\Skype
2015-02-02 23:20 - 2013-03-10 12:50 - 00000858 _____ () C:\Windows\client.config.ini
2015-02-02 22:48 - 2012-06-01 16:01 - 00000000 ____D () C:\Users\Nagel\AppData\Local\Deployment
2015-02-02 19:33 - 2012-02-12 17:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-02 19:32 - 2014-10-27 17:11 - 00000000 ____D () C:\Windows\Minidump
2015-02-02 19:32 - 2011-12-20 17:13 - 00000000 ____D () C:\Users\Nagel\AppData\Local\CrashDumps
2015-02-02 19:32 - 2011-12-20 03:08 - 00000000 ____D () C:\Windows\Panther
2015-02-02 17:42 - 2012-09-02 11:35 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000Core.job
2015-02-02 16:32 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-02 16:32 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-02 16:29 - 2013-10-15 16:55 - 00000000 ___RD () C:\Users\Nagel\Dropbox
2015-02-02 16:29 - 2013-10-15 16:53 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\Dropbox
2015-02-02 16:26 - 2011-12-20 14:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-02 16:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-01 15:42 - 2012-07-10 11:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-29 23:50 - 2011-12-20 23:20 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\vlc
2015-01-27 16:25 - 2012-04-27 12:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 23:08 - 2012-07-16 16:44 - 00000000 ____D () C:\Users\Nagel\Documents\Sozialversicherungen
2015-01-25 12:34 - 2014-03-23 20:57 - 00000075 _____ () C:\Users\Nagel\Desktop\Dias-RoM.txt
2015-01-24 23:51 - 2012-04-02 14:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:51 - 2012-04-02 14:55 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:51 - 2011-12-20 17:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 22:56 - 2014-06-15 14:43 - 00000000 ____D () C:\Program Files\Java
2015-01-22 22:56 - 2013-10-17 17:40 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-22 22:54 - 2014-07-20 17:18 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-22 22:54 - 2014-07-20 17:18 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-22 22:54 - 2014-07-20 17:18 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-22 22:54 - 2014-06-15 14:43 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-22 16:58 - 2014-11-04 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-19 18:23 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2015-01-19 18:23 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2015-01-19 18:23 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 00:06 - 2013-08-14 21:37 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:01 - 2011-12-20 18:48 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 16:15 - 2009-07-14 05:45 - 00299040 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-10 09:07 - 2014-12-23 19:46 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-10 09:07 - 2014-12-23 19:46 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-10 09:07 - 2014-11-19 17:46 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-01-10 09:07 - 2012-12-19 19:50 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-10 09:07 - 2011-12-20 14:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-01-10 09:07 - 2011-12-20 14:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-10 09:07 - 2011-12-20 14:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-10 00:30 - 2011-03-20 17:33 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-10 00:30 - 2011-03-20 17:33 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-01-10 00:29 - 2011-03-20 17:34 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-10 00:29 - 2011-03-20 17:34 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-10 00:29 - 2011-03-20 17:34 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-10 00:29 - 2011-03-20 17:34 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-09 20:47 - 2012-03-15 22:52 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-08 19:00 - 2011-12-20 18:23 - 00065152 _____ () C:\Users\Nagel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-08 09:55 - 2011-12-19 21:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-02-13 19:24 - 2012-07-16 16:52 - 0000600 _____ () C:\Users\Nagel\AppData\Roaming\winscp.rnd
2012-01-05 22:35 - 2012-01-05 22:35 - 0000017 _____ () C:\Users\Nagel\AppData\Local\resmon.resmoncfg
2012-02-13 18:55 - 2011-12-15 18:55 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some content of TEMP:
====================
C:\Users\Nagel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi1gxu2.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 19:03

==================== End Of Log ============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Nagel at 2015-02-03 00:10:36
Running from C:\Users\Nagel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.5.1525 - Open Media LLC)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.0.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version:  - Sledgehammer Games)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Curse Client (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\090215de958f1060) (Version: 4.0.1.260 - Curse)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dropbox (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
F-Stream Tuning v0.1.27.13 (HKLM-x32\...\F-Stream Tuning_is1) (Version:  - )
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Hama Flashlight Pad (HKLM-x32\...\Hama Flashlight Pad) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
InstantBoot (HKLM-x32\...\InstantBoot_is1) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
QIP 2012 4.0.7000 (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\QIP 2012) (Version: 4.0.7000 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 5.0.5.2592 - Gameforge Productions GmbH)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sound Blaster X-Fi MB (HKLM-x32\...\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}) (Version: 1.0 - Creative Technology Limited)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 4.3.6 (HKLM-x32\...\winscp3_is1) (Version: 4.3.6 - Martin Prikryl)
XFastUsb (HKLM-x32\...\XFastUsb) (Version:  - )
YTD Video Downloader 4.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.6 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{39049a7d-0377-4db1-aeb5-db60b76870a8}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

13-01-2015 12:13:56 Geplanter Prüfpunkt
15-01-2015 00:00:08 Windows Update
18-01-2015 15:20:27 Windows Update
21-01-2015 16:32:17 Windows Update
27-01-2015 16:37:15 Windows Update
01-02-2015 15:48:12 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {38DC76CE-6A6A-4FA1-8A2B-C46D841009E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {5C1D1930-75D7-4882-942D-EC8EF7646021} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {66AE9055-19FC-4919-8C45-212F6F492A3E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000UA => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
Task: {A39C6A1B-D397-413A-8EA5-B1B0E12DCF08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {AEBFCDDB-156A-4184-BE56-31FBA81D96E8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-11] (AVAST Software)
Task: {D3756E5F-1C96-4648-9CE7-CA80D031DA4E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000Core => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
Task: {D9BFDBA4-A9F5-4F54-99D7-9CE653E3ED7C} - System32\Tasks\{84F65B50-34CB-4863-90DF-5BDB963DD700} => pcalua.exe -a C:\Users\Nagel\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000Core.job => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000UA.job => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-20 17:33 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-01 15:43 - 2015-02-01 15:43 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020100\algo.dll
2015-02-02 16:27 - 2015-02-02 16:27 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020200\algo.dll
2015-02-02 20:32 - 2015-02-02 20:32 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020201\algo.dll
2011-12-20 04:05 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2011-12-20 04:05 - 2009-04-20 11:55 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-11-11 18:21 - 2014-11-11 18:21 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-26 18:59 - 2015-01-26 18:59 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-24 23:51 - 2015-01-24 23:51 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:05EE1EEF

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\Windows\pss\OpenOffice.org 3.4.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Launch LCDMon => "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
MSCONFIG\startupreg: Launch LGDCore => "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
MSCONFIG\startupreg: Launch LgDeviceAgent => "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2764538219-2713831469-2866569616-500 - Administrator - Disabled)
Gast (S-1-5-21-2764538219-2713831469-2866569616-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2764538219-2713831469-2866569616-1006 - Limited - Enabled)
Nagel (S-1-5-21-2764538219-2713831469-2866569616-1000 - Administrator - Enabled) => C:\Users\Nagel

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/02/2015 06:27:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Client.exe, Version: 6.2.1.2729, Zeitstempel: 0x54ab519c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002defe
ID des fehlerhaften Prozesses: 0x165c
Startzeit der fehlerhaften Anwendung: 0xClient.exe0
Pfad der fehlerhaften Anwendung: Client.exe1
Pfad des fehlerhaften Moduls: Client.exe2
Berichtskennung: Client.exe3

Error: (02/01/2015 07:35:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: launcher.exe_BaseUpda Application, Version: 1.0.0.1, Zeitstempel: 0x4c233114
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00033e3d
ID des fehlerhaften Prozesses: 0x1344
Startzeit der fehlerhaften Anwendung: 0xlauncher.exe_BaseUpda Application0
Pfad der fehlerhaften Anwendung: launcher.exe_BaseUpda Application1
Pfad des fehlerhaften Moduls: launcher.exe_BaseUpda Application2
Berichtskennung: launcher.exe_BaseUpda Application3

Error: (02/01/2015 03:40:07 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/01/2015 03:40:07 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/01/2015 03:40:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/29/2015 09:23:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: launcher.exe_BaseUpda Application, Version: 1.0.0.1, Zeitstempel: 0x4c233114
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037c2a
ID des fehlerhaften Prozesses: 0x1704
Startzeit der fehlerhaften Anwendung: 0xlauncher.exe_BaseUpda Application0
Pfad der fehlerhaften Anwendung: launcher.exe_BaseUpda Application1
Pfad des fehlerhaften Moduls: launcher.exe_BaseUpda Application2
Berichtskennung: launcher.exe_BaseUpda Application3

Error: (01/27/2015 07:28:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000019e9
ID des fehlerhaften Prozesses: 0x8e4
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]


System errors:
=============
Error: (02/02/2015 04:27:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AsrHidFilter

Error: (02/01/2015 03:40:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AsrHidFilter

Error: (01/29/2015 04:27:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AsrHidFilter

Error: (01/29/2015 04:25:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Acrobat Update Service erreicht.

Error: (01/28/2015 04:26:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (01/28/2015 04:26:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/28/2015 04:26:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Funktionssuche-Ressourcenveröffentlichung erreicht.

Error: (01/28/2015 04:25:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SSDP-Suche" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/28/2015 04:25:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SSDP-Suche erreicht.

Error: (01/28/2015 04:25:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AvastVBox COM Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (02/02/2015 06:27:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Client.exe6.2.1.272954ab519cntdll.dll6.1.7601.18247521ea8e7c00000050002defe165c01d03f037b8aa7d6C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\Client.exeC:\Windows\SysWOW64\ntdll.dllc3cf68a5-ab00-11e4-9c4a-002522c3ce18

Error: (02/01/2015 07:35:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: launcher.exe_BaseUpda Application1.0.0.14c233114ntdll.dll6.1.7601.18247521ea8e7c000000500033e3d134401d03e4dd7cbd5f5C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\launcher.exeC:\Windows\SysWOW64\ntdll.dll17d33232-aa41-11e4-b2ae-002522c3ce18

Error: (02/01/2015 03:40:07 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (02/01/2015 03:40:07 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (02/01/2015 03:40:06 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (01/29/2015 09:23:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: launcher.exe_BaseUpda Application1.0.0.14c233114ntdll.dll6.1.7601.18247521ea8e7c000000500037c2a170401d03c0181febc92C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\Runes Of Magic\launcher.exeC:\Windows\SysWOW64\ntdll.dllc0e27c19-a7f4-11e4-b08f-002522c3ce18

Error: (01/27/2015 07:28:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000vlc.exe2.1.5.000000000c000000500000000000019e98e401d03a56c95740b5C:\Program Files\VideoLAN\VLC\vlc.exeC:\Program Files\VideoLAN\VLC\vlc.exe40dc0565-a652-11e4-b2c1-002522c3ce18

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (01/26/2015 05:27:17 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 36%
Total physical RAM: 8174.67 MB
Available physical RAM: 5198.79 MB
Total Pagefile: 16347.53 MB
Available Pagefile: 13192.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System-reserviert) (Fixed) (Total:146.48 GB) (Free:17.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:319.28 GB) (Free:145.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9D74F9CD)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Ich hoffe, dass ich schon einmal informationen, die bei der Aufklärung helfen, geben konnte.
Ich freue mich auf hilfreiche antworten .
Lg Troll

Alt 03.02.2015, 06:09   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 03.02.2015, 17:16   #3
Trollherbert
 
Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Hat ein bisschen gedauert, ich war auf Arbeit den Tag über.
Code:
ATTFilter
17:08:38.0141 0x1420  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:09:07.0491 0x1420  ============================================================
17:09:07.0491 0x1420  Current date / time: 2015/02/03 17:09:07.0491
17:09:07.0491 0x1420  SystemInfo:
17:09:07.0491 0x1420  
17:09:07.0491 0x1420  OS Version: 6.1.7601 ServicePack: 1.0
17:09:07.0491 0x1420  Product type: Workstation
17:09:07.0491 0x1420  ComputerName: NAGEL-PC
17:09:07.0491 0x1420  UserName: Nagel
17:09:07.0491 0x1420  Windows directory: C:\Windows
17:09:07.0491 0x1420  System windows directory: C:\Windows
17:09:07.0491 0x1420  Running under WOW64
17:09:07.0491 0x1420  Processor architecture: Intel x64
17:09:07.0491 0x1420  Number of processors: 8
17:09:07.0491 0x1420  Page size: 0x1000
17:09:07.0491 0x1420  Boot type: Normal boot
17:09:07.0491 0x1420  ============================================================
17:09:09.0591 0x1420  KLMD registered as C:\Windows\system32\drivers\30461112.sys
17:09:09.0871 0x1420  System UUID: {3BEDD1E2-A2CF-2450-CEAA-6DE534CD8D28}
17:09:10.0481 0x1420  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:09:10.0541 0x1420  ============================================================
17:09:10.0541 0x1420  \Device\Harddisk0\DR0:
17:09:10.0541 0x1420  MBR partitions:
17:09:10.0541 0x1420  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x124F8000
17:09:10.0541 0x1420  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x27E8D000
17:09:10.0541 0x1420  ============================================================
17:09:10.0561 0x1420  C: <-> \Device\Harddisk0\DR0\Partition1
17:09:10.0601 0x1420  D: <-> \Device\Harddisk0\DR0\Partition2
17:09:10.0601 0x1420  ============================================================
17:09:10.0601 0x1420  Initialize success
17:09:10.0601 0x1420  ============================================================
17:10:04.0981 0x14d4  ============================================================
17:10:04.0981 0x14d4  Scan started
17:10:04.0981 0x14d4  Mode: Manual; SigCheck; TDLFS; 
17:10:04.0981 0x14d4  ============================================================
17:10:04.0981 0x14d4  KSN ping started
17:10:07.0381 0x14d4  KSN ping finished: true
17:10:08.0471 0x14d4  ================ Scan system memory ========================
17:10:08.0471 0x14d4  System memory - ok
17:10:08.0471 0x14d4  ================ Scan services =============================
17:10:08.0701 0x14d4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:10:08.0781 0x14d4  1394ohci - ok
17:10:08.0841 0x14d4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:10:08.0881 0x14d4  ACPI - ok
17:10:08.0921 0x14d4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:10:09.0001 0x14d4  AcpiPmi - ok
17:10:09.0111 0x14d4  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:10:09.0131 0x14d4  AdobeARMservice - ok
17:10:09.0261 0x14d4  [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:10:09.0291 0x14d4  AdobeFlashPlayerUpdateSvc - ok
17:10:09.0371 0x14d4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:10:09.0441 0x14d4  adp94xx - ok
17:10:09.0491 0x14d4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:10:09.0531 0x14d4  adpahci - ok
17:10:09.0561 0x14d4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:10:09.0601 0x14d4  adpu320 - ok
17:10:09.0691 0x14d4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:10:09.0811 0x14d4  AeLookupSvc - ok
17:10:09.0871 0x14d4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
17:10:09.0971 0x14d4  AFD - ok
17:10:10.0011 0x14d4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:10:10.0041 0x14d4  agp440 - ok
17:10:10.0061 0x14d4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
17:10:10.0131 0x14d4  ALG - ok
17:10:10.0191 0x14d4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:10:10.0221 0x14d4  aliide - ok
17:10:10.0251 0x14d4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:10:10.0281 0x14d4  amdide - ok
17:10:10.0341 0x14d4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:10:10.0401 0x14d4  AmdK8 - ok
17:10:10.0421 0x14d4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:10:10.0491 0x14d4  AmdPPM - ok
17:10:10.0551 0x14d4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:10:10.0581 0x14d4  amdsata - ok
17:10:10.0641 0x14d4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:10:10.0671 0x14d4  amdsbs - ok
17:10:10.0721 0x14d4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:10:10.0731 0x14d4  amdxata - ok
17:10:10.0781 0x14d4  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
17:10:10.0861 0x14d4  AppID - ok
17:10:10.0891 0x14d4  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:10:10.0951 0x14d4  AppIDSvc - ok
17:10:11.0001 0x14d4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
17:10:11.0071 0x14d4  Appinfo - ok
17:10:11.0131 0x14d4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:10:11.0191 0x14d4  AppMgmt - ok
17:10:11.0241 0x14d4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:10:11.0271 0x14d4  arc - ok
17:10:11.0291 0x14d4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:10:11.0311 0x14d4  arcsas - ok
17:10:11.0451 0x14d4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:10:11.0491 0x14d4  aspnet_state - ok
17:10:11.0551 0x14d4  [ 912A215CE180A6E7C923C662D7EC777D, 2828D6403F693B1CF4AD4F47A4C096E6B31E680665F5BBCCAA69416FFA7FF2E0 ] AsrAppCharger   C:\Windows\system32\DRIVERS\AsrAppCharger.sys
17:10:11.0581 0x14d4  AsrAppCharger - ok
17:10:11.0621 0x14d4  [ EDC0C73FA41DF1C8B1FEA3852AED2848, A3FE7EE1AB15ED603403479CFD011DF9B506C1FE95730C0980F1410810C2F736 ] AsrHidFilter    C:\Windows\system32\DRIVERS\AsrHidFilter.sys
17:10:11.0651 0x14d4  AsrHidFilter - ok
17:10:11.0721 0x14d4  [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
17:10:11.0751 0x14d4  aswHwid - ok
17:10:11.0801 0x14d4  [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
17:10:11.0831 0x14d4  aswMonFlt - ok
17:10:11.0891 0x14d4  [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
17:10:11.0911 0x14d4  aswRdr - ok
17:10:11.0971 0x14d4  [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
17:10:12.0001 0x14d4  aswRvrt - ok
17:10:12.0111 0x14d4  [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
17:10:12.0151 0x14d4  aswSnx - ok
17:10:12.0201 0x14d4  [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
17:10:12.0221 0x14d4  aswSP - ok
17:10:12.0251 0x14d4  [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm          C:\Windows\system32\drivers\aswStm.sys
17:10:12.0271 0x14d4  aswStm - ok
17:10:12.0301 0x14d4  [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
17:10:12.0331 0x14d4  aswVmm - ok
17:10:12.0371 0x14d4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:10:12.0441 0x14d4  AsyncMac - ok
17:10:12.0471 0x14d4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:10:12.0501 0x14d4  atapi - ok
17:10:12.0571 0x14d4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:10:12.0641 0x14d4  AudioEndpointBuilder - ok
17:10:12.0661 0x14d4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:10:12.0691 0x14d4  AudioSrv - ok
17:10:12.0971 0x14d4  [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:10:13.0051 0x14d4  avast! Antivirus - ok
17:10:13.0421 0x14d4  [ 4F4EBF6163D3A02D52A66BBD145B0069, 179B2FD2671F6BB8D3F77B39001F546A0DEBE85BFF9782060AF1DC50DFA071EF ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
17:10:13.0591 0x14d4  AvastVBoxSvc - ok
17:10:13.0651 0x14d4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:10:13.0711 0x14d4  AxInstSV - ok
17:10:13.0771 0x14d4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:10:13.0831 0x14d4  b06bdrv - ok
17:10:13.0901 0x14d4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:10:13.0971 0x14d4  b57nd60a - ok
17:10:14.0031 0x14d4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:10:14.0091 0x14d4  BDESVC - ok
17:10:14.0111 0x14d4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:10:14.0191 0x14d4  Beep - ok
17:10:14.0391 0x14d4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:10:14.0461 0x14d4  BFE - ok
17:10:14.0551 0x14d4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:10:14.0641 0x14d4  BITS - ok
17:10:14.0681 0x14d4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:10:14.0731 0x14d4  blbdrive - ok
17:10:14.0771 0x14d4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:10:14.0791 0x14d4  bowser - ok
17:10:14.0811 0x14d4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:10:14.0831 0x14d4  BrFiltLo - ok
17:10:14.0841 0x14d4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:10:14.0901 0x14d4  BrFiltUp - ok
17:10:14.0941 0x14d4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:10:14.0971 0x14d4  Browser - ok
17:10:14.0991 0x14d4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:10:15.0051 0x14d4  Brserid - ok
17:10:15.0071 0x14d4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:10:15.0121 0x14d4  BrSerWdm - ok
17:10:15.0141 0x14d4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:10:15.0231 0x14d4  BrUsbMdm - ok
17:10:15.0251 0x14d4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:10:15.0301 0x14d4  BrUsbSer - ok
17:10:15.0321 0x14d4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:10:15.0371 0x14d4  BTHMODEM - ok
17:10:15.0421 0x14d4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:10:15.0491 0x14d4  bthserv - ok
17:10:15.0521 0x14d4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:10:15.0571 0x14d4  cdfs - ok
17:10:15.0621 0x14d4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
17:10:15.0661 0x14d4  cdrom - ok
17:10:15.0711 0x14d4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:10:15.0791 0x14d4  CertPropSvc - ok
17:10:15.0831 0x14d4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:10:15.0881 0x14d4  circlass - ok
17:10:15.0941 0x14d4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
17:10:15.0981 0x14d4  CLFS - ok
17:10:16.0051 0x14d4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:10:16.0081 0x14d4  clr_optimization_v2.0.50727_32 - ok
17:10:16.0141 0x14d4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:10:16.0171 0x14d4  clr_optimization_v2.0.50727_64 - ok
17:10:16.0281 0x14d4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:10:16.0331 0x14d4  clr_optimization_v4.0.30319_32 - ok
17:10:16.0361 0x14d4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:10:16.0391 0x14d4  clr_optimization_v4.0.30319_64 - ok
17:10:16.0431 0x14d4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:10:16.0481 0x14d4  CmBatt - ok
17:10:16.0521 0x14d4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:10:16.0541 0x14d4  cmdide - ok
17:10:16.0741 0x14d4  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
17:10:16.0801 0x14d4  CNG - ok
17:10:16.0831 0x14d4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:10:16.0851 0x14d4  Compbatt - ok
17:10:16.0891 0x14d4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:10:16.0951 0x14d4  CompositeBus - ok
17:10:16.0971 0x14d4  COMSysApp - ok
17:10:17.0091 0x14d4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:10:17.0121 0x14d4  crcdisk - ok
17:10:17.0511 0x14d4  [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
17:10:17.0571 0x14d4  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
17:10:20.0011 0x14d4  Detect skipped due to KSN trusted
17:10:20.0011 0x14d4  Creative ALchemy AL6 Licensing Service - ok
17:10:20.0051 0x14d4  [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
17:10:20.0101 0x14d4  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
17:10:22.0641 0x14d4  Detect skipped due to KSN trusted
17:10:22.0641 0x14d4  Creative Audio Engine Licensing Service - ok
17:10:22.0751 0x14d4  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:10:22.0801 0x14d4  CryptSvc - ok
17:10:22.0851 0x14d4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
17:10:22.0971 0x14d4  CSC - ok
17:10:23.0051 0x14d4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
17:10:23.0121 0x14d4  CscService - ok
17:10:23.0201 0x14d4  [ 07BA6D17E66879018B30B6C3F976EBED, 1759CE25519358A47E1B1FA02A415DB5D3F6B511AD3820D0AE8A1533B5DC83CD ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
17:10:23.0271 0x14d4  CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
17:10:25.0711 0x14d4  Detect skipped due to KSN trusted
17:10:25.0711 0x14d4  CTAudSvcService - ok
17:10:25.0791 0x14d4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:10:25.0901 0x14d4  DcomLaunch - ok
17:10:26.0041 0x14d4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:10:26.0121 0x14d4  defragsvc - ok
17:10:26.0161 0x14d4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:10:26.0271 0x14d4  DfsC - ok
17:10:26.0371 0x14d4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:10:26.0431 0x14d4  Dhcp - ok
17:10:26.0461 0x14d4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:10:26.0511 0x14d4  discache - ok
17:10:26.0551 0x14d4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:10:26.0581 0x14d4  Disk - ok
17:10:26.0631 0x14d4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:10:26.0691 0x14d4  Dnscache - ok
17:10:26.0731 0x14d4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:10:26.0801 0x14d4  dot3svc - ok
17:10:26.0841 0x14d4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:10:26.0871 0x14d4  DPS - ok
17:10:26.0921 0x14d4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:10:26.0951 0x14d4  drmkaud - ok
17:10:27.0031 0x14d4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:10:27.0081 0x14d4  DXGKrnl - ok
17:10:27.0141 0x14d4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:10:27.0251 0x14d4  EapHost - ok
17:10:27.0561 0x14d4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:10:27.0741 0x14d4  ebdrv - ok
17:10:27.0781 0x14d4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
17:10:27.0821 0x14d4  EFS - ok
17:10:27.0901 0x14d4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:10:28.0011 0x14d4  ehRecvr - ok
17:10:28.0041 0x14d4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:10:28.0101 0x14d4  ehSched - ok
17:10:28.0171 0x14d4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:10:28.0221 0x14d4  elxstor - ok
17:10:28.0291 0x14d4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:10:28.0361 0x14d4  ErrDev - ok
17:10:28.0401 0x14d4  [ DF2F6C1E55F6E81CFC7F688380D85816, D9085466AA9D98AA01CD8ADEBD798CB326D4FD53A07BD199C3E6E500B4619355 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
17:10:28.0461 0x14d4  EtronHub3 - ok
17:10:28.0511 0x14d4  [ E093ABFB67A4B9D94F80611A7D0A8BB9, A23D58767F58CBDFAA4AD25779BBBC4FAD51CBD8FEB9C89284635631E4F084A6 ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
17:10:28.0561 0x14d4  EtronXHCI - ok
17:10:28.0741 0x14d4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:10:28.0811 0x14d4  EventSystem - ok
17:10:28.0851 0x14d4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:10:28.0901 0x14d4  exfat - ok
17:10:28.0921 0x14d4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:10:28.0971 0x14d4  fastfat - ok
17:10:29.0041 0x14d4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:10:29.0121 0x14d4  Fax - ok
17:10:29.0141 0x14d4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:10:29.0181 0x14d4  fdc - ok
17:10:29.0221 0x14d4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:10:29.0311 0x14d4  fdPHost - ok
17:10:29.0331 0x14d4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:10:29.0361 0x14d4  FDResPub - ok
17:10:29.0401 0x14d4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:10:29.0431 0x14d4  FileInfo - ok
17:10:29.0441 0x14d4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:10:29.0521 0x14d4  Filetrace - ok
17:10:29.0571 0x14d4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:10:29.0581 0x14d4  flpydisk - ok
17:10:29.0681 0x14d4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:10:29.0711 0x14d4  FltMgr - ok
17:10:29.0781 0x14d4  [ FE95AE537B41A7E2F4CFE353064DC4AF, 1C354CAF4A8FB599BD252133C4C3845624C6F9B692E3F4C68573486FE8236EB3 ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS
17:10:29.0801 0x14d4  FNETTBOH_305 - ok
17:10:29.0841 0x14d4  [ 7C3C4B4C951EC1BDFD4F769D05E2CC68, 7B9DA195D3CF0E7BE6BB532CC5D058BC6658B7538B5C5CF09B1A4ABEF1ECACB4 ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS
17:10:29.0861 0x14d4  FNETURPX - ok
17:10:29.0981 0x14d4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
17:10:30.0121 0x14d4  FontCache - ok
17:10:30.0201 0x14d4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:10:30.0231 0x14d4  FontCache3.0.0.0 - ok
17:10:30.0271 0x14d4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:10:30.0301 0x14d4  FsDepends - ok
17:10:30.0341 0x14d4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:10:30.0361 0x14d4  Fs_Rec - ok
17:10:30.0441 0x14d4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:10:30.0481 0x14d4  fvevol - ok
17:10:30.0521 0x14d4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:10:30.0541 0x14d4  gagp30kx - ok
17:10:30.0681 0x14d4  [ 0C52567F023D0F05F4EFC26F607D415B, 168D2AAB2F9CF8DE4A894DE3B2A5C67F1DAD758DBEC95FCFF4D752645BB37C38 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
17:10:30.0771 0x14d4  GfExperienceService - ok
17:10:30.0841 0x14d4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:10:30.0981 0x14d4  gpsvc - ok
17:10:31.0001 0x14d4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:10:31.0041 0x14d4  hcw85cir - ok
17:10:31.0111 0x14d4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:10:31.0191 0x14d4  HdAudAddService - ok
17:10:31.0231 0x14d4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:10:31.0291 0x14d4  HDAudBus - ok
17:10:31.0311 0x14d4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:10:31.0381 0x14d4  HidBatt - ok
17:10:31.0421 0x14d4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:10:31.0471 0x14d4  HidBth - ok
17:10:31.0501 0x14d4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:10:31.0551 0x14d4  HidIr - ok
17:10:31.0571 0x14d4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
17:10:31.0651 0x14d4  hidserv - ok
17:10:31.0701 0x14d4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:10:31.0751 0x14d4  HidUsb - ok
17:10:31.0781 0x14d4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:10:31.0861 0x14d4  hkmsvc - ok
17:10:31.0901 0x14d4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:10:31.0951 0x14d4  HomeGroupListener - ok
17:10:31.0991 0x14d4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:10:32.0051 0x14d4  HomeGroupProvider - ok
17:10:32.0091 0x14d4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:10:32.0111 0x14d4  HpSAMD - ok
17:10:32.0191 0x14d4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:10:32.0261 0x14d4  HTTP - ok
17:10:32.0291 0x14d4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:10:32.0301 0x14d4  hwpolicy - ok
17:10:32.0361 0x14d4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:10:32.0421 0x14d4  i8042prt - ok
17:10:32.0481 0x14d4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:10:32.0541 0x14d4  iaStorV - ok
17:10:32.0631 0x14d4  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:10:32.0671 0x14d4  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:10:35.0111 0x14d4  Detect skipped due to KSN trusted
17:10:35.0111 0x14d4  IDriverT - ok
17:10:35.0191 0x14d4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:10:35.0241 0x14d4  idsvc - ok
17:10:35.0291 0x14d4  IEEtwCollectorService - ok
17:10:35.0331 0x14d4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:10:35.0361 0x14d4  iirsp - ok
17:10:35.0421 0x14d4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:10:35.0491 0x14d4  IKEEXT - ok
17:10:35.0921 0x14d4  [ E8017F1662D9142F45CEAB694D013C00, 75EE9DF292C4D980B9461ABEB8810D22DD57EBBAD5A37FE7B046CBAD419EE9E0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:10:35.0981 0x14d4  IntcAzAudAddService - ok
17:10:36.0021 0x14d4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:10:36.0041 0x14d4  intelide - ok
17:10:36.0081 0x14d4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:10:36.0131 0x14d4  intelppm - ok
17:10:36.0171 0x14d4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:10:36.0231 0x14d4  IPBusEnum - ok
17:10:36.0261 0x14d4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:10:36.0331 0x14d4  IpFilterDriver - ok
17:10:36.0411 0x14d4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:10:36.0501 0x14d4  iphlpsvc - ok
17:10:36.0541 0x14d4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:10:36.0581 0x14d4  IPMIDRV - ok
17:10:36.0611 0x14d4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:10:36.0681 0x14d4  IPNAT - ok
17:10:36.0711 0x14d4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:10:36.0751 0x14d4  IRENUM - ok
17:10:36.0801 0x14d4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:10:36.0831 0x14d4  isapnp - ok
17:10:36.0891 0x14d4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:10:36.0931 0x14d4  iScsiPrt - ok
17:10:36.0961 0x14d4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:10:36.0981 0x14d4  kbdclass - ok
17:10:36.0981 0x14d4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:10:37.0001 0x14d4  kbdhid - ok
17:10:37.0011 0x14d4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
17:10:37.0031 0x14d4  KeyIso - ok
17:10:37.0071 0x14d4  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:10:37.0081 0x14d4  KSecDD - ok
17:10:37.0131 0x14d4  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:10:37.0151 0x14d4  KSecPkg - ok
17:10:37.0181 0x14d4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:10:37.0261 0x14d4  ksthunk - ok
17:10:37.0301 0x14d4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:10:37.0381 0x14d4  KtmRm - ok
17:10:37.0431 0x14d4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:10:37.0511 0x14d4  LanmanServer - ok
17:10:37.0571 0x14d4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:10:37.0641 0x14d4  LanmanWorkstation - ok
17:10:37.0691 0x14d4  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
17:10:37.0711 0x14d4  LGBusEnum - ok
17:10:37.0751 0x14d4  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
17:10:37.0771 0x14d4  LGVirHid - ok
17:10:37.0791 0x14d4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:10:37.0861 0x14d4  lltdio - ok
17:10:37.0981 0x14d4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:10:38.0111 0x14d4  lltdsvc - ok
17:10:38.0161 0x14d4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:10:38.0231 0x14d4  lmhosts - ok
17:10:38.0301 0x14d4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:10:38.0351 0x14d4  LSI_FC - ok
17:10:38.0371 0x14d4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:10:38.0401 0x14d4  LSI_SAS - ok
17:10:38.0411 0x14d4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:10:38.0431 0x14d4  LSI_SAS2 - ok
17:10:38.0451 0x14d4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:10:38.0461 0x14d4  LSI_SCSI - ok
17:10:38.0481 0x14d4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:10:38.0541 0x14d4  luafv - ok
17:10:38.0591 0x14d4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:10:38.0641 0x14d4  Mcx2Svc - ok
17:10:38.0651 0x14d4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:10:38.0671 0x14d4  megasas - ok
17:10:38.0691 0x14d4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:10:38.0721 0x14d4  MegaSR - ok
17:10:38.0761 0x14d4  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
17:10:38.0791 0x14d4  MEIx64 - ok
17:10:38.0831 0x14d4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
17:10:38.0911 0x14d4  MMCSS - ok
17:10:38.0931 0x14d4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
17:10:38.0981 0x14d4  Modem - ok
17:10:39.0001 0x14d4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:10:39.0021 0x14d4  monitor - ok
17:10:39.0061 0x14d4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:10:39.0081 0x14d4  mouclass - ok
17:10:39.0111 0x14d4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:10:39.0151 0x14d4  mouhid - ok
17:10:39.0211 0x14d4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:10:39.0241 0x14d4  mountmgr - ok
17:10:39.0331 0x14d4  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:10:39.0361 0x14d4  MozillaMaintenance - ok
17:10:39.0451 0x14d4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:10:39.0481 0x14d4  mpio - ok
17:10:39.0521 0x14d4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:10:39.0581 0x14d4  mpsdrv - ok
17:10:39.0701 0x14d4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:10:39.0791 0x14d4  MpsSvc - ok
17:10:39.0821 0x14d4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:10:39.0851 0x14d4  MRxDAV - ok
17:10:39.0891 0x14d4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:10:39.0921 0x14d4  mrxsmb - ok
17:10:39.0951 0x14d4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:10:39.0991 0x14d4  mrxsmb10 - ok
17:10:40.0001 0x14d4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:10:40.0061 0x14d4  mrxsmb20 - ok
17:10:40.0091 0x14d4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:10:40.0121 0x14d4  msahci - ok
17:10:40.0131 0x14d4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:10:40.0161 0x14d4  msdsm - ok
17:10:40.0191 0x14d4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
17:10:40.0231 0x14d4  MSDTC - ok
17:10:40.0281 0x14d4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:10:40.0351 0x14d4  Msfs - ok
17:10:40.0381 0x14d4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:10:40.0401 0x14d4  mshidkmdf - ok
17:10:40.0451 0x14d4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:10:40.0481 0x14d4  msisadrv - ok
17:10:40.0531 0x14d4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:10:40.0621 0x14d4  MSiSCSI - ok
17:10:40.0621 0x14d4  msiserver - ok
17:10:40.0661 0x14d4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:10:40.0731 0x14d4  MSKSSRV - ok
17:10:40.0751 0x14d4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:10:40.0821 0x14d4  MSPCLOCK - ok
17:10:40.0831 0x14d4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:10:40.0891 0x14d4  MSPQM - ok
17:10:40.0991 0x14d4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:10:41.0031 0x14d4  MsRPC - ok
17:10:41.0061 0x14d4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:10:41.0081 0x14d4  mssmbios - ok
17:10:41.0081 0x14d4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:10:41.0131 0x14d4  MSTEE - ok
17:10:41.0151 0x14d4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:10:41.0171 0x14d4  MTConfig - ok
17:10:41.0191 0x14d4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:10:41.0201 0x14d4  Mup - ok
17:10:41.0251 0x14d4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:10:41.0311 0x14d4  napagent - ok
17:10:41.0371 0x14d4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:10:41.0431 0x14d4  NativeWifiP - ok
17:10:41.0501 0x14d4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:10:41.0561 0x14d4  NDIS - ok
17:10:41.0581 0x14d4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:10:41.0631 0x14d4  NdisCap - ok
17:10:41.0691 0x14d4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:10:41.0731 0x14d4  NdisTapi - ok
17:10:41.0781 0x14d4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:10:41.0821 0x14d4  Ndisuio - ok
17:10:41.0861 0x14d4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:10:41.0941 0x14d4  NdisWan - ok
17:10:41.0971 0x14d4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:10:42.0031 0x14d4  NDProxy - ok
17:10:42.0091 0x14d4  [ 2C723E42FC8D7B0209492828F921FB50, 2ECF9F4D91F317432FB5A6D01D8271BB7E2A5B8A6CA9EF2F2036890D2B072E52 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:10:42.0151 0x14d4  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:10:44.0491 0x14d4  Detect skipped due to KSN trusted
17:10:44.0491 0x14d4  Net Driver HPZ12 - ok
17:10:44.0551 0x14d4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:10:44.0621 0x14d4  NetBIOS - ok
17:10:44.0661 0x14d4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:10:44.0741 0x14d4  NetBT - ok
17:10:44.0761 0x14d4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
17:10:44.0781 0x14d4  Netlogon - ok
17:10:44.0821 0x14d4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:10:44.0921 0x14d4  Netman - ok
17:10:45.0001 0x14d4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:45.0031 0x14d4  NetMsmqActivator - ok
17:10:45.0071 0x14d4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:45.0091 0x14d4  NetPipeActivator - ok
17:10:45.0111 0x14d4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:10:45.0171 0x14d4  netprofm - ok
17:10:45.0191 0x14d4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:45.0211 0x14d4  NetTcpActivator - ok
17:10:45.0211 0x14d4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:45.0231 0x14d4  NetTcpPortSharing - ok
17:10:45.0281 0x14d4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:10:45.0311 0x14d4  nfrd960 - ok
17:10:45.0351 0x14d4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:10:45.0401 0x14d4  NlaSvc - ok
17:10:45.0411 0x14d4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:10:45.0441 0x14d4  Npfs - ok
17:10:45.0491 0x14d4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
17:10:45.0581 0x14d4  nsi - ok
17:10:45.0601 0x14d4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:10:45.0651 0x14d4  nsiproxy - ok
17:10:45.0731 0x14d4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:10:45.0821 0x14d4  Ntfs - ok
17:10:45.0831 0x14d4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
17:10:45.0861 0x14d4  Null - ok
17:10:45.0921 0x14d4  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
17:10:45.0951 0x14d4  NVHDA - ok
17:10:46.0301 0x14d4  [ 7F58A8A5F208557F1FF8D7F45D5811DB, D9999DAD9BBBC907C8633AD08D90E40D861E9941A74CCF3C6183C9E220FEA0E9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:10:46.0521 0x14d4  nvlddmkm - ok
17:10:46.0831 0x14d4  [ DDF6920EBE96B0304279834F2EE2193E, F631974EE3659EC01863C2502FD26A45A237A59B9B005E5B1F9F78357CCBB974 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:10:46.0891 0x14d4  NvNetworkService - ok
17:10:46.0921 0x14d4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:10:46.0931 0x14d4  nvraid - ok
17:10:46.0971 0x14d4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:10:46.0981 0x14d4  nvstor - ok
17:10:47.0031 0x14d4  [ 0C4A0D577A6EF1B9D353851668779944, 70E866AD50809CC80F167796C516190918A542F7767A8841948E656F36877AFE ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:10:47.0041 0x14d4  NvStreamKms - ok
17:10:47.0621 0x14d4  [ BC00A5B3A9F759F7B1DD0A5868C4492F, 23058E56016B836339AACDB0D42E074FB4EF560C27831F6228A455D70585D1EE ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
17:10:48.0361 0x14d4  NvStreamSvc - ok
17:10:48.0461 0x14d4  [ 806069C408AE736E2182D2FF6C2FA8EE, 9C2D2309C4F4135772C53C10C7442BCA362657B062177B20C2F00DC2137E8362 ] NVSvc           C:\Windows\system32\nvvsvc.exe
17:10:48.0521 0x14d4  NVSvc - ok
17:10:48.0561 0x14d4  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
17:10:48.0591 0x14d4  nvvad_WaveExtensible - ok
17:10:48.0631 0x14d4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:10:48.0661 0x14d4  nv_agp - ok
17:10:48.0691 0x14d4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:10:48.0731 0x14d4  ohci1394 - ok
17:10:48.0851 0x14d4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:10:48.0911 0x14d4  p2pimsvc - ok
17:10:49.0091 0x14d4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
17:10:49.0141 0x14d4  p2psvc - ok
17:10:49.0171 0x14d4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:10:49.0211 0x14d4  Parport - ok
17:10:49.0241 0x14d4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:10:49.0261 0x14d4  partmgr - ok
17:10:49.0271 0x14d4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:10:49.0311 0x14d4  PcaSvc - ok
17:10:49.0321 0x14d4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
17:10:49.0341 0x14d4  pci - ok
17:10:49.0391 0x14d4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:10:49.0411 0x14d4  pciide - ok
17:10:49.0431 0x14d4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:10:49.0471 0x14d4  pcmcia - ok
17:10:49.0491 0x14d4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:10:49.0511 0x14d4  pcw - ok
17:10:49.0551 0x14d4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:10:49.0631 0x14d4  PEAUTH - ok
17:10:49.0721 0x14d4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:10:49.0831 0x14d4  PeerDistSvc - ok
17:10:50.0031 0x14d4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:10:50.0101 0x14d4  PerfHost - ok
17:10:50.0251 0x14d4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
17:10:50.0361 0x14d4  pla - ok
17:10:50.0421 0x14d4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:10:50.0491 0x14d4  PlugPlay - ok
17:10:50.0531 0x14d4  [ 171E6D91A20AAC8D02172A64E82CE90B, 0D51F00D6C0376CD12893620E0A15E687263048CFE20E953F6BB4B7D6CDC3F50 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:10:50.0561 0x14d4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:10:52.0901 0x14d4  Detect skipped due to KSN trusted
17:10:52.0901 0x14d4  Pml Driver HPZ12 - ok
17:10:52.0921 0x14d4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:10:52.0971 0x14d4  PNRPAutoReg - ok
17:10:53.0001 0x14d4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:10:53.0041 0x14d4  PNRPsvc - ok
17:10:53.0261 0x14d4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:10:53.0311 0x14d4  PolicyAgent - ok
17:10:53.0411 0x14d4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
17:10:53.0451 0x14d4  Power - ok
17:10:53.0521 0x14d4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:10:53.0591 0x14d4  PptpMiniport - ok
17:10:53.0601 0x14d4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:10:53.0631 0x14d4  Processor - ok
17:10:53.0671 0x14d4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:10:53.0721 0x14d4  ProfSvc - ok
17:10:53.0741 0x14d4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:10:53.0761 0x14d4  ProtectedStorage - ok
17:10:53.0801 0x14d4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:10:53.0881 0x14d4  Psched - ok
17:10:53.0971 0x14d4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:10:54.0051 0x14d4  ql2300 - ok
17:10:54.0061 0x14d4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:10:54.0081 0x14d4  ql40xx - ok
17:10:54.0121 0x14d4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
17:10:54.0161 0x14d4  QWAVE - ok
17:10:54.0171 0x14d4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:10:54.0211 0x14d4  QWAVEdrv - ok
17:10:54.0231 0x14d4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:10:54.0271 0x14d4  RasAcd - ok
17:10:54.0311 0x14d4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:10:54.0371 0x14d4  RasAgileVpn - ok
17:10:54.0411 0x14d4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
17:10:54.0481 0x14d4  RasAuto - ok
17:10:54.0511 0x14d4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:10:54.0541 0x14d4  Rasl2tp - ok
17:10:54.0581 0x14d4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
17:10:54.0641 0x14d4  RasMan - ok
17:10:54.0661 0x14d4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:10:54.0711 0x14d4  RasPppoe - ok
17:10:54.0731 0x14d4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:10:54.0761 0x14d4  RasSstp - ok
17:10:54.0791 0x14d4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:10:54.0831 0x14d4  rdbss - ok
17:10:54.0841 0x14d4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:10:54.0871 0x14d4  rdpbus - ok
17:10:54.0901 0x14d4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:10:54.0921 0x14d4  RDPCDD - ok
17:10:54.0961 0x14d4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:10:55.0011 0x14d4  RDPDR - ok
17:10:55.0041 0x14d4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:10:55.0111 0x14d4  RDPENCDD - ok
17:10:55.0131 0x14d4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:10:55.0191 0x14d4  RDPREFMP - ok
17:10:55.0291 0x14d4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:10:55.0361 0x14d4  RdpVideoMiniport - ok
17:10:55.0401 0x17a0  Object required for P2P: [ 96BB922A0981BC7432C8CF52B5410FE6 ] iScsiPrt
17:10:55.0411 0x14d4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:10:55.0501 0x14d4  RDPWD - ok
17:10:55.0561 0x14d4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:10:55.0591 0x14d4  rdyboost - ok
17:10:55.0631 0x14d4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:10:55.0681 0x14d4  RemoteAccess - ok
17:10:55.0711 0x14d4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:10:55.0761 0x14d4  RemoteRegistry - ok
17:10:55.0771 0x14d4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:10:55.0831 0x14d4  RpcEptMapper - ok
17:10:55.0851 0x14d4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
17:10:55.0891 0x14d4  RpcLocator - ok
17:10:55.0941 0x14d4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
17:10:56.0001 0x14d4  RpcSs - ok
17:10:56.0031 0x14d4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:10:56.0141 0x14d4  rspndr - ok
17:10:56.0211 0x14d4  [ ED5873F7DFB2F96D37F13322211B6BDC, 26CAE8FD1CFDB568D6A881CDE973F9929013EB0403347E5D19CABAA215012381 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:10:56.0261 0x14d4  RTL8167 - ok
17:10:56.0291 0x14d4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:10:56.0361 0x14d4  s3cap - ok
17:10:56.0391 0x14d4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
17:10:56.0401 0x14d4  SamSs - ok
17:10:56.0471 0x14d4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:10:56.0511 0x14d4  sbp2port - ok
17:10:56.0561 0x14d4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:10:56.0621 0x14d4  SCardSvr - ok
17:10:56.0691 0x14d4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:10:56.0741 0x14d4  scfilter - ok
17:10:56.0821 0x14d4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
17:10:56.0931 0x14d4  Schedule - ok
17:10:56.0961 0x14d4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:10:56.0981 0x14d4  SCPolicySvc - ok
17:10:57.0021 0x14d4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:10:57.0061 0x14d4  SDRSVC - ok
17:10:57.0111 0x14d4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:10:57.0131 0x14d4  secdrv - ok
17:10:57.0171 0x14d4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
17:10:57.0241 0x14d4  seclogon - ok
17:10:57.0281 0x14d4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
17:10:57.0341 0x14d4  SENS - ok
17:10:57.0371 0x14d4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:10:57.0391 0x14d4  SensrSvc - ok
17:10:57.0451 0x14d4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:10:57.0491 0x14d4  Serenum - ok
17:10:57.0551 0x14d4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:10:57.0621 0x14d4  Serial - ok
17:10:57.0691 0x14d4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:10:57.0741 0x14d4  sermouse - ok
17:10:57.0801 0x14d4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
17:10:57.0871 0x14d4  SessionEnv - ok
17:10:57.0881 0x17a0  Object send P2P result: true
17:10:57.0911 0x14d4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:10:57.0951 0x14d4  sffdisk - ok
17:10:57.0971 0x14d4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:10:58.0001 0x14d4  sffp_mmc - ok
17:10:58.0011 0x14d4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:10:58.0031 0x14d4  sffp_sd - ok
17:10:58.0071 0x14d4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:10:58.0111 0x14d4  sfloppy - ok
17:10:58.0201 0x14d4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:10:58.0271 0x14d4  SharedAccess - ok
17:10:58.0311 0x14d4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:10:58.0381 0x14d4  ShellHWDetection - ok
17:10:58.0411 0x14d4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:10:58.0441 0x14d4  SiSRaid2 - ok
17:10:58.0451 0x14d4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:10:58.0471 0x14d4  SiSRaid4 - ok
17:10:58.0511 0x14d4  [ 01ACB9228C303DE1FFF82B807D28B2B0, 0A66A09ECEE15645F16CF0A1A72BD9E7FED6EDBC52C03398578D87019414F5C5 ] skfiltv         C:\Windows\system32\drivers\skfiltv.sys
17:10:58.0551 0x14d4  skfiltv - ok
17:10:58.0631 0x14d4  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:10:58.0681 0x14d4  SkypeUpdate - ok
17:10:58.0721 0x14d4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:10:58.0801 0x14d4  Smb - ok
17:10:58.0861 0x14d4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:10:58.0901 0x14d4  SNMPTRAP - ok
17:10:59.0041 0x14d4  [ FFC5F7ED77AA59AA0A6B70F3D7A22A93, F0EF3A1A8C74CDD9EE0EF585F0489385573D764DE75E14FA8ADFEA05112935DA ] Sound Blaster X-Fi MB Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
17:10:59.0111 0x14d4  Sound Blaster X-Fi MB Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
17:11:01.0651 0x14d4  Detect skipped due to KSN trusted
17:11:01.0651 0x14d4  Sound Blaster X-Fi MB Licensing Service - ok
17:11:01.0681 0x14d4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:11:01.0711 0x14d4  spldr - ok
17:11:01.0771 0x14d4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
17:11:01.0851 0x14d4  Spooler - ok
17:11:01.0981 0x14d4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:11:02.0091 0x14d4  sppsvc - ok
17:11:02.0141 0x14d4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:11:02.0221 0x14d4  sppuinotify - ok
17:11:02.0261 0x14d4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:11:02.0371 0x14d4  srv - ok
17:11:02.0441 0x14d4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:11:02.0531 0x14d4  srv2 - ok
17:11:02.0561 0x14d4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:11:02.0611 0x14d4  srvnet - ok
17:11:02.0641 0x14d4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:11:02.0711 0x14d4  SSDPSRV - ok
17:11:02.0721 0x14d4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:11:02.0771 0x14d4  SstpSvc - ok
17:11:02.0861 0x14d4  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:11:02.0931 0x14d4  Steam Client Service - ok
17:11:03.0021 0x14d4  [ 8330F6741D4D8691B58663EBD831F8D7, 42452A69CD2EA7CCD50A7F0ACFB804AA7CC7F38F47111CB57EEB8E8EA07A4D73 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:11:03.0071 0x14d4  Stereo Service - ok
17:11:03.0101 0x14d4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:11:03.0111 0x14d4  stexstor - ok
17:11:03.0311 0x14d4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
17:11:03.0331 0x1404  Object required for P2P: [ 0557CF5A2556BD58E26384169D72438D ] Psched
17:11:03.0351 0x14d4  stisvc - ok
17:11:03.0391 0x14d4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:11:03.0411 0x14d4  storflt - ok
17:11:03.0431 0x14d4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:11:03.0461 0x14d4  storvsc - ok
17:11:03.0491 0x14d4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:11:03.0521 0x14d4  swenum - ok
17:11:03.0571 0x14d4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
17:11:03.0631 0x14d4  swprv - ok
17:11:03.0651 0x14d4  Synth3dVsc - ok
17:11:03.0751 0x14d4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
17:11:03.0861 0x14d4  SysMain - ok
17:11:03.0881 0x14d4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:11:03.0941 0x14d4  TabletInputService - ok
17:11:03.0981 0x14d4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:11:04.0061 0x14d4  TapiSrv - ok
17:11:04.0091 0x14d4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
17:11:04.0141 0x14d4  TBS - ok
17:11:04.0351 0x14d4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:11:04.0461 0x14d4  Tcpip - ok
17:11:04.0521 0x14d4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:11:04.0571 0x14d4  TCPIP6 - ok
17:11:04.0601 0x14d4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:11:04.0651 0x14d4  tcpipreg - ok
17:11:04.0691 0x14d4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:11:04.0711 0x14d4  TDPIPE - ok
17:11:04.0741 0x14d4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:11:04.0771 0x14d4  TDTCP - ok
17:11:04.0801 0x14d4  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:11:04.0841 0x14d4  tdx - ok
17:11:05.0151 0x14d4  [ C0C121B537DA3AD87481C0502CACE462, E0FC2AC71B60C796DCD03217A510C47425FB7783713FCCC477130E69715D2B8D ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:11:05.0271 0x14d4  TeamViewer - ok
17:11:05.0321 0x14d4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:11:05.0341 0x14d4  TermDD - ok
17:11:05.0391 0x14d4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
17:11:05.0471 0x14d4  TermService - ok
17:11:05.0501 0x14d4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:11:05.0551 0x14d4  Themes - ok
17:11:05.0581 0x14d4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:11:05.0641 0x14d4  THREADORDER - ok
17:11:05.0651 0x14d4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:11:05.0711 0x14d4  TrkWks - ok
17:11:05.0781 0x14d4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:11:05.0811 0x1404  Object send P2P result: true
17:11:05.0811 0x1404  Object required for P2P: [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan
17:11:05.0841 0x14d4  TrustedInstaller - ok
17:11:05.0901 0x14d4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:11:05.0961 0x14d4  tssecsrv - ok
17:11:06.0011 0x14d4  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:11:06.0041 0x14d4  TsUsbFlt - ok
17:11:06.0041 0x14d4  tsusbhub - ok
17:11:06.0081 0x14d4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:11:06.0121 0x14d4  tunnel - ok
17:11:06.0151 0x14d4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:11:06.0171 0x14d4  uagp35 - ok
17:11:06.0211 0x14d4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:11:06.0291 0x14d4  udfs - ok
17:11:06.0331 0x14d4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:11:06.0381 0x14d4  UI0Detect - ok
17:11:06.0401 0x14d4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:11:06.0431 0x14d4  uliagpkx - ok
17:11:06.0471 0x14d4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:11:06.0501 0x14d4  umbus - ok
17:11:06.0511 0x14d4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:11:06.0541 0x14d4  UmPass - ok
17:11:06.0581 0x14d4  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:11:06.0601 0x14d4  UmRdpService - ok
17:11:06.0611 0x14d4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:11:06.0681 0x14d4  upnphost - ok
17:11:06.0711 0x14d4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:11:06.0741 0x14d4  usbaudio - ok
17:11:06.0771 0x14d4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:11:06.0811 0x14d4  usbccgp - ok
17:11:06.0861 0x14d4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:11:06.0911 0x14d4  usbcir - ok
17:11:06.0941 0x14d4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
17:11:06.0981 0x14d4  usbehci - ok
17:11:07.0011 0x14d4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:11:07.0081 0x14d4  usbhub - ok
17:11:07.0131 0x14d4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:11:07.0141 0x14d4  usbohci - ok
17:11:07.0171 0x14d4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:11:07.0241 0x14d4  usbprint - ok
17:11:07.0261 0x14d4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:11:07.0311 0x14d4  USBSTOR - ok
17:11:07.0331 0x14d4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:11:07.0371 0x14d4  usbuhci - ok
17:11:07.0401 0x14d4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:11:07.0451 0x14d4  UxSms - ok
17:11:07.0461 0x14d4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
17:11:07.0471 0x14d4  VaultSvc - ok
17:11:07.0641 0x14d4  [ 1352B215BDC5807A5641E7C143796DD7, B54F95307253BB81E4CEE4F2033782210652364DE6A1E833B27ECE7E04A2BD51 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
17:11:07.0671 0x14d4  VBoxAswDrv - ok
17:11:07.0691 0x14d4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:11:07.0701 0x14d4  vdrvroot - ok
17:11:07.0761 0x14d4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:11:07.0831 0x14d4  vds - ok
17:11:07.0871 0x14d4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:11:07.0891 0x14d4  vga - ok
17:11:07.0921 0x14d4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:11:07.0951 0x14d4  VgaSave - ok
17:11:07.0951 0x14d4  VGPU - ok
17:11:08.0011 0x14d4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:11:08.0061 0x14d4  vhdmp - ok
17:11:08.0111 0x14d4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:11:08.0131 0x14d4  viaide - ok
17:11:08.0181 0x14d4  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:11:08.0221 0x14d4  vmbus - ok
17:11:08.0251 0x14d4  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:11:08.0321 0x14d4  VMBusHID - ok
17:11:08.0371 0x14d4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:11:08.0401 0x14d4  volmgr - ok
17:11:08.0451 0x14d4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:11:08.0491 0x14d4  volmgrx - ok
17:11:08.0511 0x14d4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:11:08.0531 0x14d4  volsnap - ok
17:11:08.0571 0x14d4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:11:08.0611 0x14d4  vsmraid - ok
17:11:08.0691 0x14d4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:11:08.0831 0x14d4  VSS - ok
17:11:08.0851 0x14d4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:11:08.0881 0x14d4  vwifibus - ok
17:11:08.0921 0x1404  Object send P2P result: true
17:11:08.0931 0x14d4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:11:09.0011 0x14d4  W32Time - ok
17:11:09.0021 0x14d4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:11:09.0091 0x14d4  WacomPen - ok
17:11:09.0151 0x14d4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:11:09.0211 0x14d4  WANARP - ok
17:11:09.0211 0x14d4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:11:09.0241 0x14d4  Wanarpv6 - ok
17:11:09.0361 0x14d4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:11:09.0461 0x14d4  wbengine - ok
17:11:09.0501 0x14d4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:11:09.0541 0x14d4  WbioSrvc - ok
17:11:09.0581 0x14d4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:11:09.0621 0x14d4  wcncsvc - ok
17:11:09.0631 0x14d4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:11:09.0661 0x14d4  WcsPlugInService - ok
17:11:09.0711 0x14d4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:11:09.0731 0x14d4  Wd - ok
17:11:09.0841 0x14d4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:11:09.0941 0x14d4  Wdf01000 - ok
17:11:10.0031 0x14d4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:11:10.0101 0x14d4  WdiServiceHost - ok
17:11:10.0111 0x14d4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:11:10.0141 0x14d4  WdiSystemHost - ok
17:11:10.0221 0x14d4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
17:11:10.0291 0x14d4  WebClient - ok
17:11:10.0381 0x14d4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:11:10.0471 0x14d4  Wecsvc - ok
17:11:10.0491 0x14d4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:11:10.0561 0x14d4  wercplsupport - ok
17:11:10.0591 0x14d4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:11:10.0631 0x14d4  WerSvc - ok
17:11:10.0671 0x14d4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:11:10.0741 0x14d4  WfpLwf - ok
17:11:10.0751 0x14d4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:11:10.0771 0x14d4  WIMMount - ok
17:11:10.0791 0x14d4  WinDefend - ok
17:11:10.0801 0x14d4  WinHttpAutoProxySvc - ok
17:11:10.0871 0x14d4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:11:10.0931 0x14d4  Winmgmt - ok
17:11:11.0031 0x14d4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
17:11:11.0141 0x14d4  WinRM - ok
17:11:11.0211 0x14d4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:11:11.0251 0x14d4  WinUsb - ok
17:11:11.0601 0x14d4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:11:11.0651 0x14d4  Wlansvc - ok
17:11:11.0671 0x14d4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:11:11.0721 0x14d4  WmiAcpi - ok
17:11:11.0761 0x14d4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:11:11.0831 0x14d4  wmiApSrv - ok
17:11:11.0881 0x14d4  WMPNetworkSvc - ok
17:11:11.0921 0x14d4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:11:11.0951 0x14d4  WPCSvc - ok
17:11:11.0991 0x14d4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:11:12.0031 0x14d4  WPDBusEnum - ok
17:11:12.0061 0x14d4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:11:12.0101 0x14d4  ws2ifsl - ok
17:11:12.0111 0x14d4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:11:12.0141 0x14d4  wscsvc - ok
17:11:12.0141 0x14d4  WSearch - ok
17:11:12.0251 0x14d4  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:11:12.0361 0x14d4  wuauserv - ok
17:11:12.0431 0x14d4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:11:12.0501 0x14d4  WudfPf - ok
17:11:12.0551 0x14d4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:11:12.0611 0x14d4  WUDFRd - ok
17:11:12.0641 0x14d4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:11:12.0691 0x14d4  wudfsvc - ok
17:11:12.0771 0x14d4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:11:12.0831 0x14d4  WwanSvc - ok
17:11:12.0841 0x14d4  ================ Scan global ===============================
17:11:12.0871 0x14d4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:11:12.0911 0x14d4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:11:12.0931 0x14d4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:11:12.0981 0x14d4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:11:13.0031 0x14d4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
17:11:13.0061 0x14d4  [ Global ] - ok
17:11:13.0061 0x14d4  ================ Scan MBR ==================================
17:11:13.0071 0x14d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:11:13.0351 0x14d4  \Device\Harddisk0\DR0 - ok
17:11:13.0351 0x14d4  ================ Scan VBR ==================================
17:11:13.0351 0x14d4  [ 0A838D5760B12F2B167129048B9D3E2F ] \Device\Harddisk0\DR0\Partition1
17:11:13.0351 0x14d4  \Device\Harddisk0\DR0\Partition1 - ok
17:11:13.0351 0x14d4  [ 4CB79AB7C037EFB865A4A699447CA111 ] \Device\Harddisk0\DR0\Partition2
17:11:13.0361 0x14d4  \Device\Harddisk0\DR0\Partition2 - ok
17:11:13.0361 0x14d4  ================ Scan generic autorun ======================
17:11:13.0961 0x14d4  [ 798DF4955D7DE4552706B3ECB65B3C80, C0DD4999D8E5505EBC5ADB2B458339BA1444FE897C8568E872C9F8CCF7C5360B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:11:14.0191 0x14d4  RtHDVCpl - ok
17:11:14.0221 0x14d4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\RunDLL32.exe
17:11:14.0241 0x14d4  RunDLLEntry - ok
17:11:14.0361 0x14d4  [ 7304E21B92E538E2CC793EDF478AC034, 39992D4541E100E5D8199B2FB5B7C7DD7213F8BC84AEA1924C6EC46E8711BF28 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:11:14.0431 0x14d4  NvBackend - ok
17:11:14.0431 0x14d4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
17:11:14.0451 0x14d4  ShadowPlay - ok
17:11:14.0921 0x14d4  [ 73CF56A3642DFBEBE4167772B6F422A6, F4F0BC4A745931E83C1B2D4D5E906A6899F6C062CB1001465D844003D7ACC6A2 ] C:\Program Files (x86)\XFastUsb\XFastUsb.exe
17:11:15.0091 0x14d4  XFastUsb - detected UnsignedFile.Multi.Generic ( 1 )
17:11:17.0621 0x14d4  XFastUsb ( UnsignedFile.Multi.Generic ) - warning
17:11:17.0621 0x14d4  Force sending object to P2P due to detect: C:\Program Files (x86)\XFastUsb\XFastUsb.exe
17:11:19.0961 0x167c  Object required for P2P: [ 008CD4EBFABCF78D0F19B3778492648C ] TermService
17:11:22.0431 0x167c  Object send P2P result: true
17:11:22.0431 0x167c  Object required for P2P: [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost
17:11:24.0881 0x167c  Object send P2P result: true
17:11:37.0701 0x14d4  Object send P2P result: false
17:11:40.0231 0x14d4  [ 43A4F52F7A38ED9EE0AACA36FE6DAC5D, 1701C050E18E98BB9AD29568B8A50D1F907E6F6EF53520D53EF281B847C5B0C9 ] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
17:11:40.0271 0x14d4  VolPanel - detected UnsignedFile.Multi.Generic ( 1 )
17:11:42.0701 0x14d4  Detect skipped due to KSN trusted
17:11:42.0701 0x14d4  VolPanel - ok
17:11:42.0791 0x14d4  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
17:11:42.0831 0x14d4  UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
17:11:45.0171 0x14d4  Detect skipped due to KSN trusted
17:11:45.0171 0x14d4  UpdReg - ok
17:11:45.0351 0x14d4  [ 44ADDA5FB88EE14F57A246285775AC2F, 2776225BA9F22C553453541DA0285E093B4F2019DB6FE640D033BA45045299C8 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:11:45.0481 0x14d4  AvastUI.exe - ok
17:11:45.0611 0x14d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:11:45.0701 0x14d4  Sidebar - ok
17:11:45.0751 0x14d4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:11:45.0821 0x14d4  mctadmin - ok
17:11:45.0871 0x14d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:11:45.0921 0x14d4  Sidebar - ok
17:11:45.0921 0x14d4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:11:45.0941 0x14d4  mctadmin - ok
17:11:46.0061 0x14d4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe
17:11:46.0091 0x14d4  Google Update - ok
17:11:46.0111 0x14d4  Skype - ok
17:11:46.0111 0x14d4  Waiting for KSN requests completion. In queue: 6
17:11:47.0111 0x14d4  Waiting for KSN requests completion. In queue: 6
17:11:48.0111 0x14d4  Waiting for KSN requests completion. In queue: 6
17:11:49.0141 0x14d4  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
17:11:49.0151 0x14d4  Win FW state via NFP2: enabled
17:11:51.0521 0x14d4  ============================================================
17:11:51.0521 0x14d4  Scan finished
17:11:51.0521 0x14d4  ============================================================
17:11:51.0531 0x0528  Detected object count: 1
17:11:51.0531 0x0528  Actual detected object count: 1
17:12:40.0591 0x0528  XFastUsb ( UnsignedFile.Multi.Generic ) - skipped by user
17:12:40.0591 0x0528  XFastUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Hoffe das stimmt so .
__________________

Alt 03.02.2015, 21:09   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Scheint ein Fehlalarm zu sein, aber da ist noch Adware.

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    YTD Video Downloader 4.6


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.02.2015, 22:35   #5
Trollherbert
 
Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Malwarebytes Anti-Malware

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.02.2015
Suchlauf-Zeit: 21:51:16
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.03.07
Rootkit Datenbank: v2015.02.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Nagel

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 335706
Verstrichene Zeit: 7 Min, 24 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
AdwCleaner

Code:
ATTFilter
# AdwCleaner v4.109 - Bericht erstellt am 03/02/2015 um 22:19:15
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-02-03.1 [Live]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Nagel - NAGEL-PC
# Gestartet von : C:\Users\Nagel\Downloads\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications
Ordner Gelöscht : C:\Users\Nagel\AppData\Local\CrashRpt
Ordner Gelöscht : C:\Users\Nagel\AppData\Roaming\DeviceVM
Datei Gelöscht : C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\11-suche.xml

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 de)


-\\ Google Chrome v


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [1397 octets] - [03/02/2015 22:17:26]
AdwCleaner[S0].txt - [1272 octets] - [03/02/2015 22:19:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1332 octets] ##########
         
JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Ultimate x64
Ran by Nagel on 03.02.2015 at 22:28:20,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Nagel\AppData\Roaming\mozilla\firefox\profiles\wzrs24v3.default\minidumps [156 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.02.2015 at 22:31:31,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Ich hoffe das hat alles soweit funktioniert.


Alt 04.02.2015, 18:55   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?

Alt 04.02.2015, 22:55   #7
Trollherbert
 
Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Der ESET Online Scanner dauert echt ewig , das wird noch dauern mit der antwort.
Er hat allerdings schon 3 evtl. infizierte Dateien entdeckt:
Win32/DownloadSponsor.C

Die Logs sende ich, sobald alles komplett durchgelaufen ist und schon mal einen ganz großen Dank an dich für die Hilfe .

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0a5915c831f33848ba757b8340c793a6
# engine=22308
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-04 09:40:55
# local_time=2015-02-04 10:40:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 631010 187506545 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 112203 174715905 0 0
# scanned=226252
# found=3
# cleaned=0
# scan_time=9806
sh=6FA9781311CD05B802636FE89337C71991AA6FDD ft=1 fh=b0b5a1b7309671ad vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nagel\Downloads\CCleaner - CHIP-Downloader.exe"
sh=742D24AB4EB0E31D434E00B66A08816B7E540904 ft=1 fh=922ed7085a0d95bc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nagel\Downloads\Disk Defrag - CHIP-Downloader.exe"
sh=4985E3503CCDEE9882111076E24BF0818CBEC55D ft=1 fh=d9694632feacbe85 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nagel\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.95  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.296  
 Adobe Reader XI  
 Mozilla Firefox (35.0.1) 
 Google Chrome (40.0.2214.93) 
 Google Chrome (40.0.2214.94) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01
Ran by Nagel (administrator) on NAGEL-PC on 04-02-2015 22:52:36
Running from C:\Users\Nagel\Desktop
Loaded Profiles: Nagel (Available profiles: Nagel)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Nagel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4838912 2011-12-20] (FNet Co., Ltd.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [Fatal1tySTU] => [X]
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [Google Update] => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-02] (Google Inc.)
HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
Startup: C:\Users\Nagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Nagel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default
FF DefaultSearchEngine: LEO Eng-Deu
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2764538219-2713831469-2866569616-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2764538219-2713831469-2866569616-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\searchplugins\webde-suche.xml
FF Extension: ProxTube - C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-29]
FF Extension: Adblock Plus - C:\Users\Nagel\AppData\Roaming\Mozilla\Firefox\Profiles\wzrs24v3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-12-20]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\40.0.2214.94\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\40.0.2214.94\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\40.0.2214.94\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U35) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.350.10) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Google Update) - C:\Users\Nagel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Profile: C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-26]
CHR Extension: (AdBlock) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-02]
CHR Extension: (Google Wallet) - C:\Users\Nagel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-11]
StartMenuInternet: Google Chrome.MCGUFTJKQJOMCU353M63HDGSUI - C:\Users\Nagel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-11] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-11] (Avast Software)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2011-12-20] (Creative Labs) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2011-02-17] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-11] ()
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2011-12-20] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2011-12-20] (FNet Co., Ltd.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-11] (Avast Software)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 22:52 - 2015-02-04 22:53 - 00016514 _____ () C:\Users\Nagel\Desktop\FRST.txt
2015-02-04 22:52 - 2015-02-04 22:52 - 02131968 _____ (Farbar) C:\Users\Nagel\Desktop\FRST64.exe
2015-02-04 22:52 - 2015-02-04 22:52 - 00000000 ____D () C:\Users\Nagel\Desktop\FRST-OlderVersion
2015-02-04 22:44 - 2015-02-04 22:45 - 00852573 _____ () C:\Users\Nagel\Desktop\SecurityCheck.exe
2015-02-04 19:48 - 2015-02-04 19:48 - 02347384 _____ (ESET) C:\Users\Nagel\Desktop\esetsmartinstaller_deu.exe
2015-02-03 22:27 - 2015-02-03 22:27 - 01388274 _____ (Thisisu) C:\Users\Nagel\Downloads\JRT.exe
2015-02-03 22:20 - 2015-02-03 22:20 - 00000812 _____ () C:\Windows\PFRO.log
2015-02-03 22:17 - 2015-02-03 22:19 - 00000000 ____D () C:\AdwCleaner
2015-02-03 22:04 - 2015-02-03 22:04 - 02194432 _____ () C:\Users\Nagel\Downloads\AdwCleaner_4.109.exe
2015-02-03 21:32 - 2015-02-03 21:34 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nagel\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-03 21:28 - 2015-02-03 21:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-03 21:27 - 2015-02-03 21:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nagel\Downloads\revosetup95.exe
2015-02-03 16:26 - 2015-02-04 17:22 - 00000616 _____ () C:\Windows\setupact.log
2015-02-03 16:26 - 2015-02-03 16:26 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-26 23:09 - 2015-01-26 23:12 - 00000000 ____D () C:\Users\Nagel\Documents\Marvel The Agents of S.H.I.E.L.D
2015-01-26 23:09 - 2015-01-26 23:09 - 00000000 ____D () C:\Users\Nagel\Documents\Marvel Guardians of the Galaxy
2015-01-26 18:59 - 2015-01-26 18:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-24 12:34 - 2015-01-24 12:36 - 00000247 _____ () C:\Windows\system32\2015-01-24-11-34-05.078-aswFe.exe-5640.log
2015-01-24 12:34 - 2015-01-24 12:34 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-34-03.060-AvastVBoxSVC.exe-5596.log
2015-01-24 12:28 - 2015-01-24 12:30 - 00000247 _____ () C:\Windows\system32\2015-01-24-11-28-07.092-aswFe.exe-2980.log
2015-01-24 12:28 - 2015-01-24 12:28 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-28-06.010-AvastVBoxSVC.exe-4240.log
2015-01-24 12:20 - 2015-01-24 12:23 - 00000247 _____ () C:\Windows\system32\2015-01-24-11-20-52.027-aswFe.exe-3908.log
2015-01-24 12:20 - 2015-01-24 12:20 - 00000197 _____ () C:\Windows\system32\2015-01-24-11-20-48.046-AvastVBoxSVC.exe-5580.log
2015-01-23 17:06 - 2015-01-23 17:07 - 00000197 _____ () C:\Windows\system32\2015-01-23-16-06-57.039-AvastVBoxSVC.exe-3168.log
2015-01-23 12:09 - 2015-01-23 12:09 - 00000197 _____ () C:\Windows\system32\2015-01-23-11-09-21.051-AvastVBoxSVC.exe-3516.log
2015-01-22 16:58 - 2015-01-09 23:27 - 00621200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-22 16:55 - 2015-01-13 05:15 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 32102544 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 25459856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 24765584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 20465296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 13295552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 13210248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 10774544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 10714488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 10274448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-22 16:55 - 2015-01-10 09:07 - 03607184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 03245712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434725.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 01556808 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434725.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00994712 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00969360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00942736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00929424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00906384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00877488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00353040 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00305320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-01-22 16:55 - 2015-01-10 09:07 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-01-22 16:24 - 2015-01-22 16:25 - 00000197 _____ () C:\Windows\system32\2015-01-22-15-24-20.000-AvastVBoxSVC.exe-3768.log
2015-01-21 16:29 - 2015-01-21 16:30 - 00000197 _____ () C:\Windows\system32\2015-01-21-15-29-49.029-AvastVBoxSVC.exe-4252.log
2015-01-20 16:45 - 2015-01-20 16:45 - 00000247 _____ () C:\Windows\system32\2015-01-20-15-45-38.083-aswFe.exe-6124.log
2015-01-20 16:40 - 2015-01-20 16:45 - 00000247 _____ () C:\Windows\system32\2015-01-20-15-40-48.064-aswFe.exe-5324.log
2015-01-20 16:40 - 2015-01-20 16:40 - 00000197 _____ () C:\Windows\system32\2015-01-20-15-40-44.060-AvastVBoxSVC.exe-6064.log
2015-01-19 16:32 - 2015-01-19 16:32 - 00000197 _____ () C:\Windows\system32\2015-01-19-15-32-01.098-AvastVBoxSVC.exe-3140.log
2015-01-18 21:45 - 2015-01-18 21:46 - 07818296 _____ () C:\Users\Nagel\Downloads\2013_11_21.bmp
2015-01-18 15:55 - 2015-01-18 15:55 - 00000000 __SHD () C:\Users\Nagel\AppData\Local\EmieBrowserModeList
2015-01-18 15:15 - 2015-01-18 15:15 - 00000197 _____ () C:\Windows\system32\2015-01-18-14-15-18.049-AvastVBoxSVC.exe-3144.log
2015-01-15 16:31 - 2015-01-15 16:32 - 00000197 _____ () C:\Windows\system32\2015-01-15-15-31-25.077-AvastVBoxSVC.exe-2836.log
2015-01-14 11:27 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:27 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:27 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:27 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:27 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:27 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:27 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:27 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:27 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 11:27 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:27 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:27 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:27 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 11:17 - 2015-01-14 11:17 - 00000197 _____ () C:\Windows\system32\2015-01-14-10-17-07.099-AvastVBoxSVC.exe-4952.log
2015-01-13 11:37 - 2015-01-13 11:38 - 00000197 _____ () C:\Windows\system32\2015-01-13-10-37-49.032-AvastVBoxSVC.exe-3320.log
2015-01-12 19:58 - 2015-01-12 19:58 - 00000197 _____ () C:\Windows\system32\2015-01-12-18-57-57.028-AvastVBoxSVC.exe-3292.log
2015-01-12 09:35 - 2015-01-12 09:36 - 00000247 _____ () C:\Windows\system32\2015-01-12-08-35-58.034-aswFe.exe-3456.log
2015-01-12 09:30 - 2015-01-12 09:35 - 00000247 _____ () C:\Windows\system32\2015-01-12-08-30-00.085-aswFe.exe-5276.log
2015-01-12 09:29 - 2015-01-12 09:29 - 00000197 _____ () C:\Windows\system32\2015-01-12-08-29-54.084-AvastVBoxSVC.exe-5992.log
2015-01-12 09:22 - 2015-01-12 09:22 - 00000197 _____ () C:\Windows\system32\2015-01-12-08-22-31.010-AvastVBoxSVC.exe-2844.log
2015-01-08 18:18 - 2015-01-08 18:18 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\TeamViewer
2015-01-08 17:12 - 2015-01-08 17:12 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-08 17:12 - 2015-01-08 17:12 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-08 17:11 - 2015-01-08 17:11 - 07718224 _____ (TeamViewer GmbH) C:\Users\Nagel\Downloads\TeamViewer_Setup_de.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-04 22:52 - 2014-05-19 18:02 - 00000000 ____D () C:\FRST
2015-02-04 22:51 - 2012-04-02 14:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-04 22:50 - 2011-12-20 17:29 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\Skype
2015-02-04 22:49 - 2011-12-20 03:12 - 01506727 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 22:42 - 2012-09-02 11:35 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000UA.job
2015-02-04 21:42 - 2013-03-10 12:50 - 00000859 _____ () C:\Windows\client.config.ini
2015-02-04 19:48 - 2012-02-12 17:35 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-04 19:47 - 2011-12-29 16:33 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\TS3Client
2015-02-04 19:40 - 2012-06-01 16:01 - 00000000 ____D () C:\Users\Nagel\AppData\Local\Deployment
2015-02-04 18:19 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-04 18:19 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-04 17:42 - 2012-09-02 11:35 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000Core.job
2015-02-04 16:27 - 2013-10-15 16:55 - 00000000 ___RD () C:\Users\Nagel\Dropbox
2015-02-04 16:27 - 2013-10-15 16:53 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\Dropbox
2015-02-04 16:27 - 2012-07-10 11:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-04 16:25 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-04 16:24 - 2011-12-20 14:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-03 21:38 - 2014-05-19 17:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-03 21:36 - 2014-05-19 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-03 21:36 - 2014-05-19 17:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-03 21:07 - 2011-12-20 17:13 - 00000000 ____D () C:\Users\Nagel\AppData\Local\CrashDumps
2015-02-03 18:47 - 2014-03-23 20:57 - 00000075 _____ () C:\Users\Nagel\Desktop\Dias-RoM.txt
2015-02-03 16:26 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-02 19:32 - 2014-10-27 17:11 - 00000000 ____D () C:\Windows\Minidump
2015-02-02 19:32 - 2011-12-20 03:08 - 00000000 ____D () C:\Windows\Panther
2015-01-29 23:50 - 2011-12-20 23:20 - 00000000 ____D () C:\Users\Nagel\AppData\Roaming\vlc
2015-01-27 16:25 - 2012-04-27 12:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 23:08 - 2012-07-16 16:44 - 00000000 ____D () C:\Users\Nagel\Documents\Sozialversicherungen
2015-01-24 23:51 - 2012-04-02 14:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 23:51 - 2012-04-02 14:55 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:51 - 2011-12-20 17:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 22:56 - 2014-06-15 14:43 - 00000000 ____D () C:\Program Files\Java
2015-01-22 22:56 - 2013-10-17 17:40 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-22 22:54 - 2014-07-20 17:18 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-22 22:54 - 2014-07-20 17:18 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-22 22:54 - 2014-07-20 17:18 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-22 22:54 - 2014-06-15 14:43 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-01-22 16:58 - 2014-11-04 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-19 18:23 - 2009-07-14 18:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2015-01-19 18:23 - 2009-07-14 18:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2015-01-19 18:23 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 00:06 - 2013-08-14 21:37 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:01 - 2011-12-20 18:48 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-11 16:15 - 2009-07-14 05:45 - 00299040 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-10 09:07 - 2014-12-23 19:46 - 16009120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-01-10 09:07 - 2014-12-23 19:46 - 02902456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-01-10 09:07 - 2014-11-19 17:46 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-01-10 09:07 - 2012-12-19 19:50 - 17250776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-01-10 09:07 - 2011-12-20 14:07 - 18566296 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-01-10 09:07 - 2011-12-20 14:07 - 14115944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-01-10 09:07 - 2011-12-20 14:07 - 03298816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-01-10 00:30 - 2011-03-20 17:33 - 06860432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-01-10 00:30 - 2011-03-20 17:33 - 03517256 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-01-10 00:29 - 2011-03-20 17:34 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-01-10 00:29 - 2011-03-20 17:34 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-01-10 00:29 - 2011-03-20 17:34 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-01-10 00:29 - 2011-03-20 17:34 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-01-09 20:47 - 2012-03-15 22:52 - 04173527 _____ () C:\Windows\system32\nvcoproc.bin
2015-01-08 19:00 - 2011-12-20 18:23 - 00065152 _____ () C:\Users\Nagel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-08 09:55 - 2011-12-19 21:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2012-02-13 19:24 - 2012-07-16 16:52 - 0000600 _____ () C:\Users\Nagel\AppData\Roaming\winscp.rnd
2012-01-05 22:35 - 2012-01-05 22:35 - 0000017 _____ () C:\Users\Nagel\AppData\Local\resmon.resmoncfg
2012-02-13 18:55 - 2011-12-15 18:55 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some content of TEMP:
====================
C:\Users\Nagel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdmze4s.dll
C:\Users\Nagel\AppData\Local\Temp\Quarantine.exe
C:\Users\Nagel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 19:03

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015 01
Ran by Nagel at 2015-02-04 22:53:48
Running from C:\Users\Nagel\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.5.1525 - Open Media LLC)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.0.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version:  - Sledgehammer Games)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Curse Client (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\090215de958f1060) (Version: 4.0.1.260 - Curse)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dropbox (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
F-Stream Tuning v0.1.27.13 (HKLM-x32\...\F-Stream Tuning_is1) (Version:  - )
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Hama Flashlight Pad (HKLM-x32\...\Hama Flashlight Pad) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
InstantBoot (HKLM-x32\...\InstantBoot_is1) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
QIP 2012 4.0.7000 (HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\...\QIP 2012) (Version: 4.0.7000 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 5.0.5.2592 - Gameforge Productions GmbH)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sound Blaster X-Fi MB (HKLM-x32\...\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}) (Version: 1.0 - Creative Technology Limited)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 4.3.6 (HKLM-x32\...\winscp3_is1) (Version: 4.3.6 - Martin Prikryl)
XFastUsb (HKLM-x32\...\XFastUsb) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{39049a7d-0377-4db1-aeb5-db60b76870a8}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nagel\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2764538219-2713831469-2866569616-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nagel\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

13-01-2015 12:13:56 Geplanter Prüfpunkt
15-01-2015 00:00:08 Windows Update
18-01-2015 15:20:27 Windows Update
21-01-2015 16:32:17 Windows Update
27-01-2015 16:37:15 Windows Update
01-02-2015 15:48:12 Windows Update
03-02-2015 21:29:58 Revo Uninstaller's restore point - YTD Video Downloader 4.6

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {38DC76CE-6A6A-4FA1-8A2B-C46D841009E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {5C1D1930-75D7-4882-942D-EC8EF7646021} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {66AE9055-19FC-4919-8C45-212F6F492A3E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000UA => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
Task: {A39C6A1B-D397-413A-8EA5-B1B0E12DCF08} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-24] (Adobe Systems Incorporated)
Task: {AEBFCDDB-156A-4184-BE56-31FBA81D96E8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-11] (AVAST Software)
Task: {D3756E5F-1C96-4648-9CE7-CA80D031DA4E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000Core => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
Task: {D9BFDBA4-A9F5-4F54-99D7-9CE653E3ED7C} - System32\Tasks\{84F65B50-34CB-4863-90DF-5BDB963DD700} => pcalua.exe -a C:\Users\Nagel\Downloads\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000Core.job => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2764538219-2713831469-2866569616-1000UA.job => C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-03-20 17:33 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-11 18:20 - 2014-11-11 18:20 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-11 18:20 - 2014-11-11 18:20 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-11-11 18:20 - 2014-11-11 18:20 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-02-04 16:26 - 2015-02-04 16:26 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020400\algo.dll
2015-02-04 20:31 - 2015-02-04 20:31 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020401\algo.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Nagel\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-04 16:27 - 2015-02-04 16:27 - 00043008 _____ () c:\users\nagel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdmze4s.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Nagel\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Nagel\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Nagel\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2011-12-20 04:05 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2011-12-20 04:05 - 2009-04-20 11:55 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-11-11 18:21 - 2014-11-11 18:21 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-26 18:59 - 2015-01-26 18:59 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-24 23:51 - 2015-01-24 23:51 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:05EE1EEF

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2764538219-2713831469-2866569616-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nagel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Nagel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk => C:\Windows\pss\OpenOffice.org 3.4.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Nagel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Launch LCDMon => "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
MSCONFIG\startupreg: Launch LGDCore => "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
MSCONFIG\startupreg: Launch LgDeviceAgent => "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-2764538219-2713831469-2866569616-500 - Administrator - Disabled)
Gast (S-1-5-21-2764538219-2713831469-2866569616-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2764538219-2713831469-2866569616-1006 - Limited - Enabled)
Nagel (S-1-5-21-2764538219-2713831469-2866569616-1000 - Administrator - Enabled) => C:\Users\Nagel

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2015 10:43:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/04/2015 07:50:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/04/2015 07:48:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/04/2015 07:48:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/04/2015 07:48:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/04/2015 04:25:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
AsrHidFilter


Microsoft Office Sessions:
=========================
Error: (02/04/2015 10:43:54 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (02/04/2015 07:50:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nagel\Desktop\esetsmartinstaller_deu.exe

Error: (02/04/2015 07:48:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nagel\Desktop\esetsmartinstaller_deu.exe

Error: (02/04/2015 07:48:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nagel\Desktop\esetsmartinstaller_deu.exe

Error: (02/04/2015 07:48:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nagel\Downloads\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 8174.67 MB
Available physical RAM: 4680.69 MB
Total Pagefile: 16347.53 MB
Available Pagefile: 12637.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (System-reserviert) (Fixed) (Total:146.48 GB) (Free:13.98 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:319.28 GB) (Free:145.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9D74F9CD)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 05.02.2015, 10:25   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Nagel\Downloads\CCleaner - CHIP-Downloader.exe

C:\Users\Nagel\Downloads\Disk Defrag - CHIP-Downloader.exe

C:\Users\Nagel\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.02.2015, 16:56   #9
Trollherbert
 
Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Hier die Fixlog.txt

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015 01
Ran by Nagel at 2015-02-05 16:43:08 Run:1
Running from C:\Users\Nagel\Desktop
Loaded Profiles: Nagel (Available profiles: Nagel)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Nagel\Downloads\CCleaner - CHIP-Downloader.exe

C:\Users\Nagel\Downloads\Disk Defrag - CHIP-Downloader.exe

C:\Users\Nagel\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
Emptytemp:
*****************

C:\Users\Nagel\Downloads\CCleaner - CHIP-Downloader.exe => Moved successfully.
C:\Users\Nagel\Downloads\Disk Defrag - CHIP-Downloader.exe => Moved successfully.
C:\Users\Nagel\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe => Moved successfully.
EmptyTemp: => Removed 889.6 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 16:43:49 ====
         
Was wurde denn genau behoben/gemacht, bzw. was habe ich falsches runtergeladen?
War das Problem/die Ursache der "YTD Video Downloader 4.6"?
Gibt es ein besseres Antiviren Programm, welches auch kostenlos ist, oder bieten die kostenlosen Programme alle den gleichen Schutz?
Danke für deine Hilfe .

Alt 06.02.2015, 07:18   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Da war jede Menge Adware. Ich halte nix von Free-AV Programmen, aber kein AV kann dich 100% schützen, erst recht nicht wenn man sowas macht:

Zitat:
C:\Users\Nagel\Downloads\CCleaner - CHIP-Downloader.exe

C:\Users\Nagel\Downloads\Disk Defrag - CHIP-Downloader.exe

C:\Users\Nagel\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.02.2015, 09:23   #11
Trollherbert
 
Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Moin, geht's dabei um die Programme oder das ich das über Chip runtergeladen habe?
Dann würde ich das natürlich ändern.

Alt 06.02.2015, 10:49   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Chip, seit Einführung des Chip Downloadmanagers bekommt man damit gratis Adware mit.

Wenn Du was brauchst schau bei FilePony.de, wenn Dir da ein Download fehlt sag Bescheid.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.02.2015, 11:30   #13
Trollherbert
 
Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



2 Fragen noch, dann kann das Thema geschlossen werden . Ich hatte mir früher mal Kaspersky gekauft gehabt, das kam für Ca 30€ pro Jahr. Welches antuvirenprogramm würdest du mir empfehlen, wenn ich wieder Ca 30€ investiere.
Kann es sein, dass mein System schneller läuft, hab seitdem ich einige deiner Sachen befolgt habe, so das Gefühl .
Danke dir das du mir so gut geholfen hast.

Alt 06.02.2015, 14:37   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Standard

Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?



Klar läuft das jetzt schneller

Ich empfehle immer Emsisoft, aber ich arbeite dort auch
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?
adware, antivirus, browser, cpu, defender, downloader, failed, firefox, flash player, flashlight, google, helper, homepage, mozilla, realtek, registry, rundll, security, services.exe, software, svchost.exe, trojaner, trojaner?, usb, virus, windows




Ähnliche Themen: Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?


  1. Avast erkennt Malware Prozess:prgramme32/svchost.exe
    Plagegeister aller Art und deren Bekämpfung - 16.07.2015 (8)
  2. Trojaner auf NAS in Archive ZIP/RAR und ISO einfach gelöscht, Sicherheit
    Diskussionsforum - 03.07.2015 (13)
  3. avast erkennt bgbutton finished.png-passwortgeschützte Archive
    Log-Analyse und Auswertung - 01.07.2015 (11)
  4. zonealarm programmdatei als virus? und kennwortgeschützte Archive
    Log-Analyse und Auswertung - 07.06.2014 (10)
  5. Windows 7: Avast erkennt Viren in Java Datei
    Log-Analyse und Auswertung - 07.02.2014 (11)
  6. Windows 7: Avast erkennt Win32:Evo-gen im Steam Ordner - Fehlalarm oder nicht?
    Log-Analyse und Auswertung - 13.01.2014 (7)
  7. avast erkennt eine datei im scan ordner von windows defender als trojaner. mbam nicht. fehlmeldung?
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (5)
  8. AVAST! erkennt GVU Trojaner NICHT
    Antiviren-, Firewall- und andere Schutzprogramme - 22.12.2012 (19)
  9. Avast erkennt eigene Logdatei als Virus?
    Antiviren-, Firewall- und andere Schutzprogramme - 28.06.2012 (2)
  10. Avast: Kennwortgeschützte Archive
    Antiviren-, Firewall- und andere Schutzprogramme - 22.04.2012 (6)
  11. Kaspersky erkennt Virus,Trojaner o.ä. nicht , was nun?
    Plagegeister aller Art und deren Bekämpfung - 25.09.2010 (24)
  12. Was tun wenn die AV einen Virus oder Trojaner erkennt?
    Antiviren-, Firewall- und andere Schutzprogramme - 22.01.2010 (2)
  13. Avast anti virus trojaner alarm
    Antiviren-, Firewall- und andere Schutzprogramme - 22.11.2009 (4)
  14. Avast erkennt 57018be4.sys immer wieder als virus
    Log-Analyse und Auswertung - 08.04.2009 (1)
  15. Log File - archive.exe - Trojaner?
    Netzwerk und Hardware - 17.05.2007 (14)
  16. Avast erkennt Panda als virus !!!
    Plagegeister aller Art und deren Bekämpfung - 06.10.2005 (4)
  17. Avast erkennt Panda als virus !!!
    Mülltonne - 06.10.2005 (1)

Zum Thema Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? - Guten Abend, Avast hat bei mir kennwortgeschützte Archive gefunden, ich bin unsicher welchen sinn diese Archive haben, die Archive heißen wie folgt: C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgbutton.png C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgbuttonfinished.png C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgcloseprogram.png C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgdownloadbarempty.png C:\Users\Nagel\Downloads\install_flashplayer11x32_mssd_aaa_aih.exe|>images\bgdownloadbarerror.png Systemscan mit FRST - Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner?...
Archiv
Du betrachtest: Avast erkennt kennwortgeschützte Archive (\bgbutton.png) Virus,Trojaner? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.