| |
| |||||||
Log-Analyse und Auswertung: 3 Tabs werden in Chrome geöffnetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
08.03.2015, 13:31
| #1 |
 |  3 Tabs werden in Chrome geöffnet Hallo, ich habe das hier befolgt und ein ähnliches Problem http://www.trojaner-board.de/153860-...hinweisen.html Es ist ein relativ neu aufgesetzter win8.1 Rechner Acer 64bit, 32bit win mit Bing. Ich habe von Anfang an in srwareIron (chrome) das Problem, dass bei anklicken eines Weblinks sich gleich 3 Tabs öffnen. da ich relativ gut gegen Werbung geschützt bin durch die Hosts Datei, kommt zwar keine Werbung durch, aber lästig ist es trotzdem. Der erste Tab hat ein - in der Adresszeile, der zweite will den Cache öffnen, das gelingt aber nicht, es kommt aber ein Icon von T-Online davor. Und der dritte zeigt die angeklickte URL an. Es ist mir wohl gelungen diesen Effekt bei einfachen Weblinks zu eliminieren, aber in Alert-Boxen u Hinweisblasen des Betriebsssystems führt das Anklicken eines Links zu dem beschriebenen Effekt. Die Suchläufe haben schon folgendes entfernt: Malewarebyte: Code:
ATTFilter Registrierungsschlüssel: 1
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avnotify.exe, In Quarantäne, [91b96bae6a206dc981b744036e96ed13],
Code:
ATTFilter Registrierungsdaten: 1
PUM.Hijack.HomePageControl, HKU\S-1-5-21-2704919929-3204641014-941289941-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL|Homepage, 1, Gut: (0), Schlecht: (1),Löschen bei Neustart,[555432f0b1d93ef8c55cb52513f22cd4]
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 8.1 Connected x86
Ran by spiesarchiv on 08.03.2015 at 12:35:09,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2704919929-3204641014-941289941-1001
Successfully deleted: [File] C:\windows\System32\Tasks\Driver Booster Scan
Successfully deleted: [File] C:\windows\System32\Tasks\Driver Booster SkipUAC (spiesarchiv)
Successfully deleted: [File] C:\windows\System32\Tasks\Driver Booster Update
Successfully deleted: [File] C:\windows\prefetch\DRIVERBOOSTER.EXE-D482C02E.pf
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files\hosts"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.03.2015 at 12:39:24,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Frst.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-03-2015
Ran by spiesarchiv (administrator) on SWITCH on 07-03-2015 22:24:06
Running from C:\Program Files\FaberRecoveryScan
Loaded Profiles: spiesarchiv (Available profiles: spiesarchiv)
Platform: Microsoft Windows 8.1 mit Bing (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmcore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(StarWind Software) C:\Program Files\RAM Disk\StarRAMService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\memdefrag.exe
(Nenad Hrg SoftwareOK) C:\Program Files\Tools\DesktopOK.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
( ) C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\GestureDetection.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\Launch Screen Grasp.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\Chrome\fdm_nativehost.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(eM Client, Inc.) C:\Program Files\eM Client\MailClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\System32\DptfPolicyLpmServiceHelper.exe [81336 2014-05-08] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [7761920 2014-09-22] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [DSL Soforthilfe] => C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [Glary Memory Optimizer] => C:\Program Files\Glary Utilities 5\memdefrag.exe [122656 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [eM Client] => C:\Program Files\eM Client\MailClient.exe [15612200 2014-12-22] (eM Client, Inc.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [DesktopOK] => C:\Program Files\Tools\DesktopOK.exe [174080 2014-12-23] (Nenad Hrg SoftwareOK)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [780288 2013-08-22] (Microsoft Corporation)
IFEO\apnstub.exe: [Debugger] dllhost.exe
IFEO\ipmgui.exe: [Debugger] dllhost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk
ShortcutTarget: SpyderUtility.lnk -> C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe ( )
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-01-27] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2014-11-13] (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF HKLM\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files\Free Download Manager\Firefox\Extension [2015-01-27]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [70144 2014-03-12] () [File not signed]
R2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [315240 2015-01-27] (Kingsoft Corporation)
S3 cphs; C:\windows\system32\IntelCpHeciSvc.exe [280680 2014-12-29] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\windows\system32\DptfParticipantProcessorService.exe [83384 2014-05-08] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\windows\system32\DptfPolicyCriticalService.exe [97208 2014-05-08] (Intel Corporation)
R2 DptfPolicyLpmService; C:\windows\system32\DptfPolicyLpmService.exe [90552 2014-05-08] (Intel Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [1974504 2014-07-22] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [280680 2014-12-29] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-01-27] (IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [452840 2014-12-30] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-04-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-04-04] (McAfee, Inc.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware Sandra Lite 2015x\RpcAgentSrv.exe [73200 2014-12-17] (SiSoftware) [File not signed]
S3 ScDeviceEnum; C:\windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 StarRAMService; C:\Program Files\RAM Disk\StarRAMService.exe [89088 2010-03-29] (StarWind Software) [File not signed]
R2 TouchToolsLaunchService; C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [247040 2014-12-29] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)
S3 workfolderssvc; C:\windows\system32\workfolderssvc.dll [1222144 2014-07-24] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe [X]
S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACC_SensorDriver; C:\windows\System32\drivers\ACC_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
S3 ALS_SensorDriver; C:\windows\System32\drivers\ALS_SensorDriver.sys [11264 2014-12-29] (Intel Corporation)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [98160 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [136216 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.)
R1 BasicRender; C:\windows\System32\drivers\BasicRender.sys [25600 2014-03-18] (Microsoft Corporation)
S3 BCMSDH43XX; C:\windows\system32\DRIVERS\bcmdhd63.sys [296664 2013-08-13] (Broadcom Corp)
R3 BthLEEnum; C:\windows\system32\DRIVERS\BthLEEnum.sys [186880 2014-03-18] (Microsoft Corporation)
R3 BthMini; C:\windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
R3 camera; C:\windows\system32\DRIVERS\camera.sys [462336 2014-12-29] (Intel Corporation)
S3 cfwids; C:\windows\System32\drivers\cfwids.sys [61400 2014-04-04] (McAfee, Inc.)
R3 CM3218x; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 CPLMACPI; C:\windows\system32\DRIVERS\CPLMACPI.sys [16488 2014-12-29] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\windows\System32\drivers\DptfDevAmbient.sys [44472 2014-05-08] (Intel Corporation)
R3 DptfDevDBPT; C:\windows\System32\drivers\DptfDevPower.sys [25528 2014-05-08] (Intel Corporation)
R3 DptfDevDisplay; C:\windows\System32\drivers\DptfDevDisplay.sys [28088 2014-05-08] (Intel Corporation)
R3 DptfDevGen; C:\windows\System32\drivers\DptfDevGen.sys [36280 2014-05-08] (Intel Corporation)
R3 DptfDevProc; C:\windows\System32\drivers\DptfDevProc.sys [80824 2014-05-08] (Intel Corporation)
R3 DptfManager; C:\windows\System32\drivers\DptfManager.sys [182200 2014-05-08] (Intel Corporation)
R3 GPIO; C:\windows\System32\drivers\iaiogpioe.sys [23552 2014-05-05] (Intel Corporation)
R3 GpioVirtual; C:\windows\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-22] (Intel Corporation)
R1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [17344 2015-02-02] (Glarysoft Ltd)
S3 GYRO_SensorDriver; C:\windows\System32\drivers\GYRO_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-24] (REALiX(tm))
R3 iaioi2c; C:\windows\System32\drivers\iaioi2ce.sys [58368 2014-03-22] (Intel Corporation)
R3 iaiouart; C:\windows\System32\drivers\iaiouart.sys [87552 2015-01-24] (Intel Corporation)
S3 intaud_WaveExtensible; C:\windows\system32\drivers\intelaud.sys [32152 2014-12-29] (Intel Corporation)
R3 IntelSST; C:\windows\system32\drivers\isstrtc.sys [257024 2014-12-29] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 iwdbus; C:\windows\System32\drivers\iwdbus.sys [23448 2014-12-29] (Intel Corporation)
R3 ksapi; C:\windows\system32\drivers\ksapi.sys [81768 2015-01-27] (Kingsoft Corporation)
R3 LMDriver; C:\windows\System32\drivers\LMDriver.sys [18232 2014-12-29] (Acer Incorporated)
S3 MAG_SensorDriver; C:\windows\System32\drivers\MAG_SensorDriver.sys [12288 2014-12-29] (Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [21968 2014-03-16] (Intel Corporation)
S3 mfeapfk; C:\windows\System32\drivers\mfeapfk.sys [134600 2014-04-04] (McAfee, Inc.)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [236672 2014-04-04] (McAfee, Inc.)
S3 mfebopk; C:\windows\System32\drivers\mfebopk.sys [66408 2014-04-04] (McAfee, Inc.)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [58376 2014-04-04] (McAfee, Inc.)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [367776 2014-04-04] (McAfee, Inc.)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [574576 2014-04-04] (McAfee, Inc.)
R3 mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [345584 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [81264 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [215624 2014-04-04] (McAfee, Inc.)
R3 ov2722; C:\windows\System32\drivers\ov2722.sys [49152 2014-12-29] (Intel Corporation)
R3 PMIC; C:\windows\System32\drivers\PMIC.sys [48128 2014-03-16] (Intel Corporation)
R3 PSI; C:\windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R3 RadioShim; C:\windows\System32\drivers\RadioShim.sys [13112 2014-12-29] (Acer Incorporated)
R3 rtii2sac; C:\windows\system32\DRIVERS\rtii2sac.sys [174808 2014-12-29] (Realtek Semiconductor Corp.)
R3 RtkUart; C:\windows\System32\drivers\RtkUart.sys [507608 2014-12-29] (Realtek Semiconductor Corporation)
R3 RtlWlans; C:\windows\system32\DRIVERS\rtwlans.sys [2748120 2014-07-18] (Realtek Semiconductor Corporation )
S3 SANDRA; C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SensorFusion; C:\windows\System32\drivers\HIDFusion.sys [52736 2014-12-29] (Intel Corporation)
R3 SensorsServiceDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
S3 Spyder4; C:\windows\System32\drivers\dccmtr.sys [12288 2011-06-02] (Datacolor)
S1 ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R1 StarRAM; C:\windows\System32\drivers\StarRAM.sys [54744 2010-03-29] (StarWind Software)
R3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [36080 2014-02-20] (Synaptics Incorporated)
R3 TXEI; C:\windows\System32\drivers\TXEI.sys [75792 2015-01-24] (Intel Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
R0 Wof; C:\windows\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
U4 RAMDiskVE; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 22:21 - 2015-03-07 22:24 - 00000000 ____D () C:\Program Files\FaberRecoveryScan
2015-03-06 02:22 - 2015-03-06 02:22 - 00002149 _____ () C:\Users\spiesarchiv\Desktop\Spyder4Express 4.5.4.lnk
2015-03-06 02:22 - 2015-03-06 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor
2015-03-06 02:22 - 2008-01-30 17:36 - 00090112 _____ (MindVision Software) C:\windows\unvise32.exe
2015-03-06 02:21 - 2015-03-06 02:22 - 00000000 ____D () C:\Program Files\Datacolor
2015-03-04 00:49 - 2015-03-06 15:33 - 00001027 _____ () C:\windows\setupact.log
2015-03-04 00:49 - 2015-03-04 00:49 - 00404976 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-04 00:49 - 2015-03-04 00:49 - 00000000 _____ () C:\windows\setuperr.log
2015-03-04 00:06 - 2015-03-04 00:07 - 00000000 ____D () C:\Program Files\Tools
2015-03-03 17:03 - 2015-03-03 17:06 - 00000000 ____D () C:\Program Files\TempClean
2015-03-03 17:01 - 2015-03-03 17:01 - 00448512 _____ (OldTimer Tools) C:\Users\spiesarchiv\Desktop\TFC.exe
2015-03-03 16:00 - 2015-03-03 16:08 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-03 16:00 - 2015-03-03 16:07 - 00000000 ____D () C:\Program Files\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-03 16:00 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\windows\system32\MSCOMCTL.OCX
2015-03-03 16:00 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\windows\system32\MSSTDFMT.DLL
2015-03-03 15:58 - 2015-03-03 15:58 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-03-03 15:58 - 2015-03-03 15:58 - 00000000 ____D () C:\Program Files\Secunia
2015-03-03 15:46 - 2015-03-03 17:54 - 00001864 _____ () C:\Users\spiesarchiv\Desktop\Deinstall.jpg.lnk
2015-03-03 15:45 - 2015-03-03 15:45 - 00000000 ____D () C:\Program Files\Delfix
2015-03-03 15:43 - 2015-03-03 15:43 - 00000523 ____C () C:\DelFix.txt
2015-03-03 15:43 - 2015-03-03 15:43 - 00000000 ____D () C:\windows\ERUNT
2015-03-03 13:55 - 2015-03-03 13:55 - 00001621 _____ () C:\Users\spiesarchiv\Desktop\JRT.txt
2015-03-03 13:53 - 2015-03-03 13:58 - 00000000 ____D () C:\Program Files\JRT
2015-03-03 00:50 - 2015-03-03 00:52 - 00035317 _____ () C:\Users\spiesarchiv\Downloads\Addition.txt
2015-03-03 00:49 - 2015-03-03 00:52 - 00043947 _____ () C:\Users\spiesarchiv\Downloads\FRST.txt
2015-03-03 00:48 - 2015-03-07 22:24 - 00000000 ___DC () C:\FRST
2015-03-03 00:47 - 2015-03-03 00:47 - 00000567 _____ () C:\Users\spiesarchiv\Desktop\Download.lnk
2015-03-03 00:38 - 2015-03-03 00:38 - 01132032 _____ (Farbar) C:\Users\spiesarchiv\Downloads\FRST.exe
2015-03-02 00:17 - 2015-03-02 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOfficeDev 4.4
2015-03-02 00:16 - 2015-03-02 00:16 - 00000000 ____D () C:\Program Files\LibreOfficeDev 4
2015-03-01 17:21 - 2014-11-17 21:23 - 00529352 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2015-03-01 17:21 - 2014-11-17 21:23 - 00224168 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2015-03-01 17:21 - 2014-11-14 06:04 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsDatabase.dll
2015-03-01 17:21 - 2014-11-14 06:01 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2015-03-01 17:21 - 2014-11-14 05:55 - 01619968 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2015-03-01 17:21 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2015-03-01 17:21 - 2014-11-14 05:51 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2015-02-28 22:42 - 2015-02-28 22:42 - 130961408 _____ () C:\Users\spiesarchiv\Downloads\libo-44~2015-02-28_20.24.37_LibreOfficeDev_4.4.2.0.0_Win_x86.msi
2015-02-28 12:57 - 2015-03-07 22:23 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Service
2015-02-28 11:26 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-28 11:26 - 2015-01-19 19:36 - 01192552 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2015-02-28 11:26 - 2014-10-13 03:37 - 00108864 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-02-28 11:26 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-02-28 11:26 - 2014-10-08 07:44 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-02-28 11:26 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-02-28 11:26 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-02-28 11:26 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2015-02-28 11:25 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-28 11:25 - 2014-12-13 22:29 - 00513488 _____ () C:\windows\system32\locale.nls
2015-02-28 11:25 - 2014-12-09 00:11 - 00391526 _____ () C:\windows\system32\ApnDatabase.xml
2015-02-28 11:25 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll
2015-02-28 11:25 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2015-02-27 10:25 - 2015-03-01 16:11 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Familienbande
2015-02-27 10:25 - 2015-02-27 10:25 - 00001472 _____ () C:\Users\spiesarchiv\Desktop\Familienbande.lnk
2015-02-27 10:20 - 2015-02-27 23:34 - 00000000 ____D () C:\Program Files\Familienbande
2015-02-22 19:51 - 2015-02-22 20:00 - 33782255 _____ () C:\Users\spiesarchiv\Downloads\Wireless LAN_Broadcom_5.93.99.204_W81x86_A.zip
2015-02-22 19:10 - 2015-02-22 19:11 - 00000000 ____D () C:\Users\spiesarchiv\Documents\Archiv
2015-02-22 17:52 - 2015-02-22 17:52 - 00000000 ____D () C:\windows\Sun
2015-02-22 17:14 - 2015-02-22 17:14 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-02-22 17:14 - 2015-02-22 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-22 17:14 - 2015-02-22 17:14 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-02-22 17:13 - 2015-02-22 17:13 - 00001090 _____ () C:\Users\spiesarchiv\Desktop\notepad.exe.lnk
2015-02-22 17:13 - 2015-02-22 17:13 - 00000000 ____D () C:\Program Files\Java
2015-02-22 17:02 - 2015-02-22 17:03 - 00676624 _____ (RealNetworks, Inc.) C:\Users\spiesarchiv\Downloads\RealPlayer_de.exe
2015-02-17 14:13 - 2015-02-17 14:19 - 00000000 ____D () C:\ProgramData\mquadr.at
2015-02-17 14:10 - 2015-02-17 14:12 - 00000000 __HDC () C:\ProgramData\{CD3330DC-8B86-4AE3-B2E4-09E56CB3E702}
2015-02-17 14:10 - 2015-02-17 14:10 - 00001139 _____ () C:\Users\spiesarchiv\AppData\Roaming\Microsoft\Windows\Start Menu\DSL Soforthilfe.lnk
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\Program Files\DSL Soforthilfe
2015-02-17 14:10 - 2013-11-21 21:56 - 03748800 ____N (mquadr.at software engineering und consulting GmbH) C:\windows\system32\M2ElevatedCalls.dll
2015-02-17 14:10 - 2013-11-21 21:56 - 00962528 ____N (mquadr.at software engineering) C:\windows\system32\M2ElevatedNetworkAdapters.dll
2015-02-17 14:10 - 2012-12-03 14:57 - 00238592 ____N (Nicomsoft Ltd.) C:\windows\system32\WiFiMan.dll
2015-02-15 11:38 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-15 11:38 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-15 11:38 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-15 11:38 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-15 11:38 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-02-15 11:38 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-15 11:38 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-02-15 11:38 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-02-15 11:38 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-15 11:38 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-15 11:38 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-15 11:38 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-15 11:38 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-15 11:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-15 11:38 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-15 11:37 - 2015-01-15 23:37 - 00478776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-15 11:37 - 2015-01-15 23:37 - 00148288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-15 11:37 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-15 11:37 - 2015-01-10 09:28 - 05769024 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-15 11:37 - 2015-01-10 09:28 - 01468408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-02-15 11:37 - 2015-01-10 08:38 - 03550720 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-15 11:37 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-15 11:37 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-15 11:37 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-02-15 11:37 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-15 11:37 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-15 11:37 - 2014-10-29 02:03 - 01117696 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-12 18:46 - 2015-02-12 18:46 - 00001401 _____ () C:\Users\spiesarchiv\Desktop\Em-Client.lnk
2015-02-12 18:21 - 2015-03-07 13:08 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\eM Client
2015-02-12 18:17 - 2015-02-12 18:17 - 00000940 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2015-02-12 18:17 - 2015-02-12 18:17 - 00000000 ____D () C:\Program Files\eM Client
2015-02-08 23:40 - 2015-02-08 23:40 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Apple Computer
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ___SD () C:\Program Files\SiSoftware Sandra Lite 2015x
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
2015-02-07 23:41 - 2015-02-07 23:41 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-02-07 23:33 - 2015-02-08 23:40 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Media
2015-02-07 23:31 - 2015-02-07 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
2015-02-07 23:31 - 2015-02-07 23:31 - 00000000 ____D () C:\Program Files\Real Alternative
2015-02-07 23:31 - 2010-02-15 19:00 - 00278528 _____ (Real Networks, Inc) C:\windows\system32\pncrt.dll
2015-02-07 23:31 - 2010-02-15 19:00 - 00185920 _____ (RealNetworks, Inc.) C:\windows\system32\rmoc3260.dll
2015-02-07 23:31 - 2010-02-15 19:00 - 00006656 _____ (RealNetworks, Inc.) C:\windows\system32\pndx5016.dll
2015-02-07 23:31 - 2010-02-15 19:00 - 00005632 _____ (RealNetworks, Inc.) C:\windows\system32\pndx5032.dll
2015-02-07 23:31 - 2004-01-11 23:00 - 00348160 _____ (Microsoft Corporation) C:\windows\system32\msvcr71.dll
2015-02-07 23:31 - 2003-03-19 04:14 - 00499712 _____ (Microsoft Corporation) C:\windows\system32\msvcp71.dll
2015-02-07 23:02 - 2015-02-07 23:07 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\DivX
2015-02-07 23:02 - 2015-02-07 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-02-07 23:02 - 2015-02-07 23:02 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2015-02-07 22:46 - 2015-02-07 22:46 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Real
2015-02-07 22:35 - 2015-02-07 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-07 22:35 - 2015-02-07 22:35 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-02-07 22:35 - 2015-02-07 22:35 - 00000000 ____D () C:\Program Files\QuickTime
2015-02-07 22:34 - 2015-02-07 22:34 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-02-07 22:34 - 2015-02-07 22:34 - 00000000 ____D () C:\ProgramData\Apple
2015-02-07 22:34 - 2015-02-07 22:34 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-07 22:34 - 2015-02-07 22:34 - 00000000 ____D () C:\Program Files\Apple Software Update
2015-02-07 22:10 - 2015-02-07 23:03 - 00000000 ____D () C:\Program Files\DivX
2015-02-07 22:09 - 2015-02-07 23:05 - 00000000 ____D () C:\ProgramData\DivX
2015-02-07 21:48 - 2015-03-07 21:55 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-07 22:00 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sru
2015-03-07 21:36 - 2015-01-24 22:06 - 01997481 _____ () C:\windows\WindowsUpdate.log
2015-03-06 20:12 - 2014-03-18 08:40 - 01776918 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-06 15:34 - 2015-02-02 01:02 - 00000348 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2015-03-06 15:34 - 2015-02-02 01:02 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2015-03-06 15:33 - 2015-01-24 22:16 - 00000000 ____D () C:\Users\spiesarchiv
2015-03-06 15:33 - 2013-08-22 08:23 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-06 05:59 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\Microsoft.NET
2015-03-06 01:48 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\NDF
2015-03-05 05:40 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\AppReadiness
2015-03-04 22:21 - 2014-10-17 02:52 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-03-04 01:17 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\rescache
2015-03-04 00:48 - 2013-08-22 07:13 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-03 23:18 - 2015-01-27 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Free Download Manager
2015-03-03 22:50 - 2014-10-17 02:51 - 00000000 __HDC () C:\OEM
2015-03-03 22:49 - 2014-10-17 02:52 - 00000000 ____D () C:\Program Files\Acer
2015-03-03 21:29 - 2013-08-22 09:05 - 00000000 ____D () C:\windows\CbsTemp
2015-03-03 20:48 - 2015-02-03 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Foxit Software
2015-03-03 20:41 - 2014-10-17 02:52 - 00000000 ____D () C:\ProgramData\OEM
2015-03-03 20:23 - 2015-01-27 21:24 - 00000292 _____ () C:\windows\Tasks\Uninstaller_SkipUac_spiesarchiv.job
2015-03-03 13:33 - 2015-02-02 01:02 - 00001066 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-03 13:24 - 2015-02-01 21:48 - 00000000 ___DC () C:\AdwCleaner
2015-03-03 11:27 - 2015-02-01 22:09 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-03 00:28 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-02 00:52 - 2015-01-25 05:29 - 00000000 ____D () C:\Program Files\SRWare Iron
2015-02-28 23:37 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-28 11:41 - 2015-01-27 21:11 - 00000000 ____D () C:\windows\system32\MRT
2015-02-28 11:32 - 2015-01-27 21:11 - 113756392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-22 17:15 - 2015-01-29 00:24 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-22 16:59 - 2015-02-01 18:37 - 00000000 ____D () C:\ProgramData\{fa9afc74-19df-1381-fa9a-afc7419df1d0}
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-RS
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-CS
2015-02-15 11:39 - 2015-02-02 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-02-09 12:06 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-02-07 23:37 - 2015-02-01 21:15 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2015-02-07 17:35 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\LogFiles
==================== Files in the root of some directories =======
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
2015-03-03 22:56 - 2015-03-03 22:59 - 0008665 _____ () C:\Users\spiesarchiv\AppData\Local\HWVendorDetection.log
2015-01-28 16:08 - 2015-01-28 16:08 - 0000000 _____ () C:\Users\spiesarchiv\AppData\Local\StarPort.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-04 01:00
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-03-2015
Ran by spiesarchiv at 2015-03-07 22:25:17
Running from C:\Program Files\FaberRecoveryScan
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Power Management (HKLM\...\{89943901-4CD5-42AB-A55B-E5395FE27748}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{D6B57AF2-2406-49E4-B219-EAA8B0B9F3CF}) (Version: 6.00.8108 - Acer Incorporated)
Acer Screen Grasp (HKLM\...\{84443E5D-0767-438B-B1C8-6A52FAB2101B}) (Version: 1.02.3006 - Acer Incorporated)
Acer System Information (HKLM\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Acer Touch Tools (HKLM\...\{BB1F8130-3CB3-4896-9D28-770DFFFDE59C}) (Version: 1.01.3001 - Acer Incorporated)
Acer Video Player (HKLM\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2010.3 - Acer Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clean Master (HKLM\...\Clean Master) (Version: 1.0 - Cheetah Mobile)
Copernic Agent Personal (HKLM\...\Copernic Agent Personal) (Version: - Copernic)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Driver Booster 2.2 (HKLM\...\Driver Booster_is1) (Version: 2.2 - IObit)
DSL Soforthilfe (HKLM\...\DSL Soforthilfe) (Version: 1.1.0.51 - Telefónica Germany GmbH & Co. OHG)
eM Client (HKLM\...\{BD061BFF-676B-443C-88FC-6376BB322317}) (Version: 6.0.21372.0 - eM Client Inc.)
Free Download Manager 3.9.4 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
FreeCommander XE (HKLM\...\FreeCommander XE_is1) (Version: Preview - Marek Jasinski)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities 5.20 (HKLM\...\Glary Utilities 5) (Version: 5.20.0.35 - Glarysoft Ltd)
HostsServer 2.1.62 (32-bit) (HKLM\...\{7BD0B841-7498-4B2B-80A3-2BF301D1D06F}_is1) (Version: 2.1.62.0 - abelhadigital.com)
HUAWEI DataCard Driver 4.25.38.04 (HKLM\...\HUAWEI DataCard Driver) (Version: 4.25.38.04 - Huawei technologies Co., Ltd.)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LibreOffice 4.4.0.3 (HKLM\...\{8BEE1CDD-F95D-4759-952D-6B38DF99D1F0}) (Version: 4.4.0.3 - The Document Foundation)
LibreOfficeDev 4.4.2.0.0 (HKLM\...\{34181EDA-9B6C-4554-8C61-3136F51797F9}) (Version: 4.4.2.0.0 - tinderbox)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Paragon Partition Manager™ 14 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Real Alternative 2.0.2 (HKLM\...\RealAlt_is1) (Version: 2.0.2 - )
REALTEK Bluetooth (HKLM\...\InstallShield_{192979A0-37F4-4703-B1BB-62052142CE44}) (Version: 1.0.53.40723 - Realtek Semiconductor Corp.)
REALTEK Bluetooth (Version: 1.0.53.40723 - Ihr Firmenname) Hidden
Realtek I2S Audio (HKLM\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 0.27 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{33AABC60-A52F-41FF-B2B9-17321240CD5}) (Version: 1.01.0243 - REALTEK Semiconductor Corp.)
Registrar Registry Manager 7.70 (HKLM\...\RegistrarHome_is1) (Version: - Resplendence Software Projects Sp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SiSoftware Sandra Lite 2015x (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.15.2015.1 - SiSoftware)
Spyder4Express (HKLM\...\Spyder4Express) (Version: - )
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SRWare Iron Version SRWare Iron 40.2150.0 (HKLM\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 40.2150.0 - SRWare)
StarWind RAM Disk (build 2010-03-10) (HKLM\...\StarWind RAM Disk_is1) (Version: - StarWind Software)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
04-03-2015 01:16:52 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:13 - 2015-02-28 03:58 - 00522709 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 atlas.aamedia.ro
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05706E77-7F9A-4229-B784-09CF41F292C2} - System32\Tasks\Driver Booster SkipUAC (spiesarchiv) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
Task: {07DEBE0A-EED4-4E80-BBA2-BFC9F7A5E009} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {0C4FFD4A-056D-4E5E-8A6C-5B6F45C255B7} - System32\Tasks\Screen Grasp GestureDetection => C:\Program Files\Acer\Screen Grasp\GestureDetection.exe [2014-12-29] (Acer Incorporated)
Task: {0D2DC727-FDD9-4284-91F7-56FF1F6378AB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {0F1E2873-17D1-4E1A-9DD1-4DF0C3E87F40} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2015-02-04] (IObit)
Task: {2EA8154C-9A0F-4D49-BDEA-F49EC9CF9855} - System32\Tasks\Uninstaller_SkipUac_spiesarchiv => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-25] (IObit)
Task: {3BCF15F6-FDBD-42D0-B0CE-AE1B6641B51C} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {423163BC-B830-49E2-A880-AB047D7B4C3E} - System32\Tasks\Prelauncher => C:\Program Files\Acer\Screen Grasp\InputTask.exe [2014-12-29] (Acer Incorporated)
Task: {541C069D-60F8-4456-A7FA-86B01B0D7027} - System32\Tasks\prelauncher_First => C:\Program Files\Acer\Screen Grasp\InputTask.exe [2014-12-29] (Acer Incorporated)
Task: {5F3564A8-6ABF-4074-BECD-B14DB766B369} - \Optimize Start Menu Cache Files-S-1-5-21-2704919929-3204641014-941289941-500 No Task File <==== ATTENTION
Task: {608CDFAD-2660-4734-8196-D099ABD4C679} - System32\Tasks\GU5SkipUAC => C:\Program Files\Glary Utilities 5\Integrator.exe [2015-03-02] (Glarysoft Ltd)
Task: {6E666CD1-D695-45B5-AD68-84F36262F6F0} - System32\Tasks\ACC => C:\Program Files\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {70B7E71E-4B7C-409A-B51B-81F553169A10} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {75E086DF-AF5D-4B68-8156-BF2D87C5E9D9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {86AB9AD4-D0FD-497E-B9DC-1B84A69A66B5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {A29BEC78-2625-410C-8364-47AB7FE8EC90} - System32\Tasks\ACCAgent => C:\Program Files\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {AD2360F9-9873-4872-BD71-2E85AE1F1EE8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-02-28] (Microsoft Corporation)
Task: {C92A1BD2-113F-496A-93AD-3886490EB61A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2015-03-02] (Glarysoft Ltd)
Task: {CE8DC38F-D8CA-432C-9EF1-29CFC5318C85} - System32\Tasks\Launch Screen Grasp_First => C:\Program Files\Acer\Screen Grasp\Launch Screen Grasp.exe [2014-12-29] (Acer Incorporated)
Task: {D66C2129-D6C8-497B-A835-0B2D9EF66528} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files\CHIP Updater\CHIPUpdater.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe
Task: C:\windows\Tasks\Uninstaller_SkipUac_spiesarchiv.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Loaded Modules (whitelisted) ==============
2014-12-29 00:06 - 2014-03-12 13:31 - 00070144 _____ () C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
2015-01-25 01:25 - 2015-01-25 01:25 - 00622880 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2015-03-02 06:39 - 2015-03-02 06:39 - 00080160 _____ () C:\Program Files\Glary Utilities 5\zlib1.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2015-02-17 14:10 - 2013-11-21 21:57 - 20585888 ____N () C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe
2011-08-09 16:06 - 2012-02-07 14:59 - 00139264 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\Appearance Pak.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00151552 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\RegEx.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 12977947 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\RBScript.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00098304 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\Shell.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00761856 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\XML.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00274432 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\CGamma.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00086016 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\CSensor.dll
2011-09-22 15:22 - 2012-02-07 14:59 - 00039936 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\MBSRegistrationPlugin16724.dll
2011-09-22 15:22 - 2012-02-07 14:59 - 00025600 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\MBSPluginVersionPlugin16724.dll
2015-01-25 06:07 - 2015-01-27 17:54 - 01402368 _____ () C:\Program Files\SRWare Iron\libglesv2.dll
2015-01-25 06:07 - 2015-01-27 17:55 - 00212480 _____ () C:\Program Files\SRWare Iron\libegl.dll
2015-01-25 06:07 - 2015-02-03 11:43 - 09464320 _____ () C:\Program Files\SRWare Iron\pdf.dll
2015-03-01 00:27 - 2015-03-01 00:27 - 00132096 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\2f3f835083fdff55899aedd638369fd6\MailClient.Collections.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00490496 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\56176c034900af4f9a372fe98250fc26\MailClient.Mail.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00933888 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\d62c5955a841b5e134fff4e0a42305df\HTMLEditorControl.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00020992 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\d9f02ae66580231508da8b27143116de\MailClient.Interop.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00571392 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\14c55713940be48e26407cef9c221e5e\MailClient.Common.UI.ni.dll
2015-03-01 00:27 - 2015-03-01 00:27 - 00548864 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\LinqBridge\e37aeb740348f40292457021e3ea52c3\LinqBridge.ni.dll
2014-11-21 16:47 - 2014-11-21 16:47 - 00642016 _____ () C:\Program Files\eM Client\SQLite\x86\sqlite3.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00097792 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Sasl\3050524841c7b64b2000008a857a7f80\MailClient.Sasl.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00674304 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\HtmlInterop\b8c3145a295ad010eed1b8453a19fcf4\HtmlInterop.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00083456 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\ddf0a1955afc96a8c94f12ff2ffd9bab\SystemCoreTimeZone.ni.dll
2015-03-01 00:29 - 2015-03-01 00:29 - 01575424 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\3026e19236841bc6c0ddf9d2ea5f5513\WindowsAPICodePack.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00249344 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Imap.Base\bfddb17bc56578422af6adbcdbd46039\MailClient.Imap.Base.ni.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\acer02.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "cmsc"
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\StartupApproved\StartupFolder: => "OptimizerProInstaller.lnk"
==================== Accounts: =============================
Administrator (S-1-5-21-2704919929-3204641014-941289941-500 - Administrator - Disabled)
Gast (S-1-5-21-2704919929-3204641014-941289941-501 - Limited - Disabled)
spiesarchiv (S-1-5-21-2704919929-3204641014-941289941-1001 - Administrator - Enabled) => C:\Users\spiesarchiv
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2015 06:03:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/06/2015 06:03:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/06/2015 06:03:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/06/2015 06:01:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/06/2015 06:00:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/06/2015 06:00:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/04/2015 01:04:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/04/2015 01:03:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/04/2015 01:03:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/04/2015 01:02:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00093524
ID des fehlerhaften Prozesses: 0x280
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3
Vollständiger Name des fehlerhaften Pakets: PSIA.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PSIA.exe5
System errors:
=============
Error: (03/07/2015 01:02:49 PM) (Source: DCOM) (EventID: 10010) (User: switch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/06/2015 03:33:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Anti-Malware Core" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/06/2015 03:33:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/06/2015 03:33:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 06.03.2015 um 12:11:51 unerwartet heruntergefahren.
Error: (03/06/2015 06:00:01 AM) (Source: DCOM) (EventID: 10010) (User: switch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/06/2015 05:59:31 AM) (Source: DCOM) (EventID: 10010) (User: switch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/06/2015 02:21:18 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "WINDOWHUSCH",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{6FF25E66-F975-4E78-8EE6-B6520D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (03/06/2015 02:15:57 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR10 gefunden.
Error: (03/06/2015 01:50:30 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "WINDOWHUSCH",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{6FF25E66-F975-4E78-8EE6-B6520D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (03/05/2015 05:41:26 AM) (Source: DCOM) (EventID: 10010) (User: switch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Microsoft Office Sessions:
=========================
Error: (03/06/2015 06:03:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\IObit\Driver Booster\DpInst\x64\dpinst.exe
Error: (03/06/2015 06:03:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Glary Utilities 5\DPInst64.exe
Error: (03/06/2015 06:03:13 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x64\RpcSandraSrv.exe
Error: (03/06/2015 06:01:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\IObit\Driver Booster\DpInst\x64\dpinst.exe
Error: (03/06/2015 06:00:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Glary Utilities 5\DPInst64.exe
Error: (03/06/2015 06:00:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x64\RpcSandraSrv.exe
Error: (03/04/2015 01:04:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\IObit\Driver Booster\DpInst\x64\dpinst.exe
Error: (03/04/2015 01:03:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Glary Utilities 5\DPInst64.exe
Error: (03/04/2015 01:03:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x64\RpcSandraSrv.exe
Error: (03/04/2015 01:02:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82c00004090009352428001d0560cb419ae98C:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exec643da4b-c201-11e4-9758-40e2302dd396
CodeIntegrity Errors:
===================================
Date: 2015-03-06 15:33:04.279
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-04 00:49:09.339
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-03 17:10:15.418
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-03 13:25:42.293
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-28 23:38:25.433
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-28 00:26:33.537
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-23 13:44:24.819
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-19 00:51:58.272
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-19 00:37:50.333
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-18 16:26:43.146
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU Z3735F @ 1.33GHz
Percentage of memory in use: 82%
Total physical RAM: 1953.49 MB
Available physical RAM: 332.57 MB
Total Pagefile: 3906.49 MB
Available Pagefile: 916.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.98 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:51.02 GB) (Free:37.58 GB) NTFS
Drive d: (RAM_DISK) (Fixed) (Total:0.2 GB) (Free:0.19 GB) FAT
Drive e: (DATA) (Fixed) (Total:465.76 GB) (Free:465.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 58.2 GB) (Disk ID: 8D23E77F)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 200 MB) (Disk ID: AC048DAC)
Partition 1: (Active) - (Size=200 MB) - (Type=06)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 618C0922)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter Farbar Recovery Scan Tool (x86) Version: 07-03-2015
Ran by spiesarchiv at 2015-03-08 01:53:39
Running from C:\Program Files\FaberRecoveryScan
Boot Mode: Normal
================== Search Registry: "HKU\S-1-5-21-2704919929-3204641014-941289941-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" ===========
====== End Of Search ======
Mit der herzlichen Bitte um Hilfe David |
|
08.03.2015, 13:52
| #2 |
| /// the machine /// TB-Ausbilder    | 3 Tabs werden in Chrome geöffnet hi,
__________________Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
und ein frisches FRST log bitte.
__________________ |
|
09.03.2015, 15:20
| #3 |
| | 3 Tabs werden in Chrome geöffnet Hallo, danke für die schnelle Antwort. Ich glaube nicht an Wunder. Ich habe beide Programme durchlaufen lassen, die Ergebnisse kennst Du. Was heißt in den vorgesehenen Pfad installieren? Das macht doch das Installprogramm automatisch. Ich downloade in meinen Download-Ordner und starte das Install. Das Programm liegt bei mir unter Programme in einem eigenen Ordner. Alles andere mache ich wie in der Anleitung.
__________________Oder muss es zwingend /user/Bootsector/Downloads sein? Ich erstelle also jetzt noch einmal die Logfiles. Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 09.03.2015 Suchlauf-Zeit: 14:35:48 Logdatei: MB.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.03.09.03 Rootkit Datenbank: v2015.02.25.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x86 Dateisystem: NTFS Benutzer: spiesarchiv Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 309756 Verstrichene Zeit: 10 Min, 1 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Warnen PUM: Warnen Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Danke Code:
ATTFilter # AdwCleaner v4.111 - Bericht erstellt 09/03/2015 um 15:10:37
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-03-05.1 [Server]
# Betriebssystem : Windows 8.1 Connected (x86)
# Benutzername : spiesarchiv - SWITCH
# Gestarted von : C:\Users\spiesarchiv\Desktop\Service\AdwCleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [2592 Bytes] - [01/02/2015 21:49:08]
AdwCleaner[R1].txt - [979 Bytes] - [01/02/2015 22:00:34]
AdwCleaner[R2].txt - [2386 Bytes] - [27/02/2015 23:43:10]
AdwCleaner[R3].txt - [1146 Bytes] - [03/03/2015 13:07:52]
AdwCleaner[R4].txt - [1357 Bytes] - [09/03/2015 15:04:48]
AdwCleaner[S0].txt - [2660 Bytes] - [01/02/2015 21:57:31]
AdwCleaner[S1].txt - [1039 Bytes] - [01/02/2015 22:04:16]
AdwCleaner[S2].txt - [2243 Bytes] - [28/02/2015 00:26:00]
AdwCleaner[S3].txt - [1208 Bytes] - [03/03/2015 13:24:50]
AdwCleaner[S4].txt - [1280 Bytes] - [09/03/2015 15:10:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1339 Bytes] ##########
 Jetzt noch das FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2015 03
Ran by spiesarchiv (administrator) on SWITCH on 09-03-2015 15:18:03
Running from C:\Program Files\FaberRecoveryScan
Loaded Profiles: spiesarchiv (Available profiles: spiesarchiv)
Platform: Microsoft Windows 8.1 mit Bing (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmcore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(StarWind Software) C:\Program Files\RAM Disk\StarRAMService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\memdefrag.exe
(eM Client, Inc.) C:\Program Files\eM Client\MailClient.exe
(Nenad Hrg SoftwareOK) C:\Program Files\Tools\DesktopOK.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
( ) C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\GestureDetection.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\Launch Screen Grasp.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\Chrome\fdm_nativehost.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\System32\DptfPolicyLpmServiceHelper.exe [81336 2014-05-08] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [7761920 2014-09-22] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [DSL Soforthilfe] => C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [Glary Memory Optimizer] => C:\Program Files\Glary Utilities 5\memdefrag.exe [122656 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [eM Client] => C:\Program Files\eM Client\MailClient.exe [15612200 2014-12-22] (eM Client, Inc.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [DesktopOK] => C:\Program Files\Tools\DesktopOK.exe [174080 2014-12-23] (Nenad Hrg SoftwareOK)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [780288 2013-08-22] (Microsoft Corporation)
IFEO\apnstub.exe: [Debugger] dllhost.exe
IFEO\ipmgui.exe: [Debugger] dllhost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk
ShortcutTarget: SpyderUtility.lnk -> C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe ( )
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-01-27] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2014-11-13] (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF HKLM\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files\Free Download Manager\Firefox\Extension [2015-01-27]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [70144 2014-03-12] () [File not signed]
R2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [315240 2015-01-27] (Kingsoft Corporation)
S3 cphs; C:\windows\system32\IntelCpHeciSvc.exe [280680 2014-12-29] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\windows\system32\DptfParticipantProcessorService.exe [83384 2014-05-08] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\windows\system32\DptfPolicyCriticalService.exe [97208 2014-05-08] (Intel Corporation)
R2 DptfPolicyLpmService; C:\windows\system32\DptfPolicyLpmService.exe [90552 2014-05-08] (Intel Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [1974504 2014-07-22] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [280680 2014-12-29] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-01-27] (IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [452840 2014-12-30] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-04-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-04-04] (McAfee, Inc.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware Sandra Lite 2015x\RpcAgentSrv.exe [73200 2014-12-17] (SiSoftware) [File not signed]
S3 ScDeviceEnum; C:\windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 StarRAMService; C:\Program Files\RAM Disk\StarRAMService.exe [89088 2010-03-29] (StarWind Software) [File not signed]
R2 TouchToolsLaunchService; C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [247040 2014-12-29] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)
S3 workfolderssvc; C:\windows\system32\workfolderssvc.dll [1222144 2014-07-24] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe [X]
S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACC_SensorDriver; C:\windows\System32\drivers\ACC_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
S3 ALS_SensorDriver; C:\windows\System32\drivers\ALS_SensorDriver.sys [11264 2014-12-29] (Intel Corporation)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [98160 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [136216 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.)
R1 BasicRender; C:\windows\System32\drivers\BasicRender.sys [25600 2014-03-18] (Microsoft Corporation)
S3 BCMSDH43XX; C:\windows\system32\DRIVERS\bcmdhd63.sys [296664 2013-08-13] (Broadcom Corp)
R3 BthLEEnum; C:\windows\system32\DRIVERS\BthLEEnum.sys [186880 2014-03-18] (Microsoft Corporation)
R3 BthMini; C:\windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
R3 camera; C:\windows\system32\DRIVERS\camera.sys [462336 2014-12-29] (Intel Corporation)
S3 cfwids; C:\windows\System32\drivers\cfwids.sys [61400 2014-04-04] (McAfee, Inc.)
R3 CM3218x; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 CPLMACPI; C:\windows\system32\DRIVERS\CPLMACPI.sys [16488 2014-12-29] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\windows\System32\drivers\DptfDevAmbient.sys [44472 2014-05-08] (Intel Corporation)
R3 DptfDevDBPT; C:\windows\System32\drivers\DptfDevPower.sys [25528 2014-05-08] (Intel Corporation)
R3 DptfDevDisplay; C:\windows\System32\drivers\DptfDevDisplay.sys [28088 2014-05-08] (Intel Corporation)
R3 DptfDevGen; C:\windows\System32\drivers\DptfDevGen.sys [36280 2014-05-08] (Intel Corporation)
R3 DptfDevProc; C:\windows\System32\drivers\DptfDevProc.sys [80824 2014-05-08] (Intel Corporation)
R3 DptfManager; C:\windows\System32\drivers\DptfManager.sys [182200 2014-05-08] (Intel Corporation)
R3 GPIO; C:\windows\System32\drivers\iaiogpioe.sys [23552 2014-05-05] (Intel Corporation)
R3 GpioVirtual; C:\windows\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-22] (Intel Corporation)
R1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [17344 2015-02-02] (Glarysoft Ltd)
S3 GYRO_SensorDriver; C:\windows\System32\drivers\GYRO_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-24] (REALiX(tm))
R3 iaioi2c; C:\windows\System32\drivers\iaioi2ce.sys [58368 2014-03-22] (Intel Corporation)
R3 iaiouart; C:\windows\System32\drivers\iaiouart.sys [87552 2015-01-24] (Intel Corporation)
S3 intaud_WaveExtensible; C:\windows\system32\drivers\intelaud.sys [32152 2014-12-29] (Intel Corporation)
R3 IntelSST; C:\windows\system32\drivers\isstrtc.sys [257024 2014-12-29] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 iwdbus; C:\windows\System32\drivers\iwdbus.sys [23448 2014-12-29] (Intel Corporation)
R3 ksapi; C:\windows\system32\drivers\ksapi.sys [81768 2015-01-27] (Kingsoft Corporation)
R3 LMDriver; C:\windows\System32\drivers\LMDriver.sys [18232 2014-12-29] (Acer Incorporated)
S3 MAG_SensorDriver; C:\windows\System32\drivers\MAG_SensorDriver.sys [12288 2014-12-29] (Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [21968 2014-03-16] (Intel Corporation)
S3 mfeapfk; C:\windows\System32\drivers\mfeapfk.sys [134600 2014-04-04] (McAfee, Inc.)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [236672 2014-04-04] (McAfee, Inc.)
S3 mfebopk; C:\windows\System32\drivers\mfebopk.sys [66408 2014-04-04] (McAfee, Inc.)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [58376 2014-04-04] (McAfee, Inc.)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [367776 2014-04-04] (McAfee, Inc.)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [574576 2014-04-04] (McAfee, Inc.)
R3 mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [345584 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [81264 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [215624 2014-04-04] (McAfee, Inc.)
R3 ov2722; C:\windows\System32\drivers\ov2722.sys [49152 2014-12-29] (Intel Corporation)
R3 PMIC; C:\windows\System32\drivers\PMIC.sys [48128 2014-03-16] (Intel Corporation)
R3 PSI; C:\windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R3 RadioShim; C:\windows\System32\drivers\RadioShim.sys [13112 2014-12-29] (Acer Incorporated)
R3 rtii2sac; C:\windows\system32\DRIVERS\rtii2sac.sys [174808 2014-12-29] (Realtek Semiconductor Corp.)
R3 RtkUart; C:\windows\System32\drivers\RtkUart.sys [507608 2014-12-29] (Realtek Semiconductor Corporation)
R3 RtlWlans; C:\windows\system32\DRIVERS\rtwlans.sys [2748120 2014-07-18] (Realtek Semiconductor Corporation )
S3 SANDRA; C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SensorFusion; C:\windows\System32\drivers\HIDFusion.sys [52736 2014-12-29] (Intel Corporation)
R3 SensorsServiceDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
S3 Spyder4; C:\windows\System32\drivers\dccmtr.sys [12288 2011-06-02] (Datacolor)
S1 ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R1 StarRAM; C:\windows\System32\drivers\StarRAM.sys [54744 2010-03-29] (StarWind Software)
R3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [36080 2014-02-20] (Synaptics Incorporated)
R3 TXEI; C:\windows\System32\drivers\TXEI.sys [75792 2015-01-24] (Intel Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
R0 Wof; C:\windows\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
U4 RAMDiskVE; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-09 14:51 - 2015-03-09 14:51 - 00001187 _____ () C:\Users\spiesarchiv\Desktop\mbam.txt
2015-03-09 14:47 - 2015-03-09 14:47 - 00001185 _____ () C:\Users\spiesarchiv\Desktop\MB.txt
2015-03-08 12:18 - 2015-03-08 12:18 - 00000350 _____ () C:\windows\PFRO.log
2015-03-07 22:21 - 2015-03-09 15:18 - 00000000 ____D () C:\Program Files\FaberRecoveryScan
2015-03-06 02:22 - 2015-03-06 02:22 - 00002149 _____ () C:\Users\spiesarchiv\Desktop\Spyder4Express 4.5.4.lnk
2015-03-06 02:22 - 2015-03-06 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor
2015-03-06 02:22 - 2008-01-30 17:36 - 00090112 _____ (MindVision Software) C:\windows\unvise32.exe
2015-03-06 02:21 - 2015-03-06 02:22 - 00000000 ____D () C:\Program Files\Datacolor
2015-03-04 00:49 - 2015-03-09 15:11 - 00001375 _____ () C:\windows\setupact.log
2015-03-04 00:49 - 2015-03-04 00:49 - 00404976 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-04 00:49 - 2015-03-04 00:49 - 00000000 _____ () C:\windows\setuperr.log
2015-03-04 00:06 - 2015-03-08 14:07 - 00000000 ____D () C:\Program Files\Tools
2015-03-03 17:03 - 2015-03-03 17:06 - 00000000 ____D () C:\Program Files\TempClean
2015-03-03 17:01 - 2015-03-03 17:01 - 00448512 _____ (OldTimer Tools) C:\Users\spiesarchiv\Desktop\TFC.exe
2015-03-03 16:00 - 2015-03-09 15:04 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-03 16:00 - 2015-03-09 15:03 - 00000000 ____D () C:\Program Files\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-03 16:00 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\windows\system32\MSCOMCTL.OCX
2015-03-03 16:00 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\windows\system32\MSSTDFMT.DLL
2015-03-03 15:58 - 2015-03-03 15:58 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-03-03 15:58 - 2015-03-03 15:58 - 00000000 ____D () C:\Program Files\Secunia
2015-03-03 15:46 - 2015-03-03 17:54 - 00001864 _____ () C:\Users\spiesarchiv\Desktop\Deinstall.jpg.lnk
2015-03-03 15:45 - 2015-03-03 15:45 - 00000000 ____D () C:\Program Files\Delfix
2015-03-03 15:43 - 2015-03-03 15:43 - 00000523 ____C () C:\DelFix.txt
2015-03-03 15:43 - 2015-03-03 15:43 - 00000000 ____D () C:\windows\ERUNT
2015-03-03 13:53 - 2015-03-03 13:58 - 00000000 ____D () C:\Program Files\JRT
2015-03-03 00:50 - 2015-03-03 00:52 - 00035317 _____ () C:\Users\spiesarchiv\Downloads\Addition.txt
2015-03-03 00:49 - 2015-03-03 00:52 - 00043947 _____ () C:\Users\spiesarchiv\Downloads\FRST.txt
2015-03-03 00:48 - 2015-03-09 15:18 - 00000000 ___DC () C:\FRST
2015-03-03 00:47 - 2015-03-03 00:47 - 00000567 _____ () C:\Users\spiesarchiv\Desktop\Download.lnk
2015-03-03 00:38 - 2015-03-03 00:38 - 01132032 _____ (Farbar) C:\Users\spiesarchiv\Downloads\FRST.exe
2015-03-02 00:17 - 2015-03-02 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOfficeDev 4.4
2015-03-02 00:16 - 2015-03-02 00:16 - 00000000 ____D () C:\Program Files\LibreOfficeDev 4
2015-03-01 17:21 - 2014-11-17 21:23 - 00529352 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2015-03-01 17:21 - 2014-11-17 21:23 - 00224168 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2015-03-01 17:21 - 2014-11-14 06:04 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsDatabase.dll
2015-03-01 17:21 - 2014-11-14 06:01 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2015-03-01 17:21 - 2014-11-14 05:55 - 01619968 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2015-03-01 17:21 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2015-03-01 17:21 - 2014-11-14 05:51 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2015-02-28 22:42 - 2015-02-28 22:42 - 130961408 _____ () C:\Users\spiesarchiv\Downloads\libo-44~2015-02-28_20.24.37_LibreOfficeDev_4.4.2.0.0_Win_x86.msi
2015-02-28 12:57 - 2015-03-08 14:02 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Service
2015-02-28 11:26 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-28 11:26 - 2015-01-19 19:36 - 01192552 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2015-02-28 11:26 - 2014-10-13 03:37 - 00108864 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-02-28 11:26 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-02-28 11:26 - 2014-10-08 07:44 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-02-28 11:26 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-02-28 11:26 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-02-28 11:26 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2015-02-28 11:25 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-28 11:25 - 2014-12-13 22:29 - 00513488 _____ () C:\windows\system32\locale.nls
2015-02-28 11:25 - 2014-12-09 00:11 - 00391526 _____ () C:\windows\system32\ApnDatabase.xml
2015-02-28 11:25 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll
2015-02-28 11:25 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2015-02-27 10:25 - 2015-03-01 16:11 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Familienbande
2015-02-27 10:25 - 2015-02-27 10:25 - 00001472 _____ () C:\Users\spiesarchiv\Desktop\Familienbande.lnk
2015-02-27 10:20 - 2015-02-27 23:34 - 00000000 ____D () C:\Program Files\Familienbande
2015-02-22 19:51 - 2015-02-22 20:00 - 33782255 _____ () C:\Users\spiesarchiv\Downloads\Wireless LAN_Broadcom_5.93.99.204_W81x86_A.zip
2015-02-22 19:10 - 2015-02-22 19:11 - 00000000 ____D () C:\Users\spiesarchiv\Documents\Archiv
2015-02-22 17:52 - 2015-02-22 17:52 - 00000000 ____D () C:\windows\Sun
2015-02-22 17:14 - 2015-02-22 17:14 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-02-22 17:14 - 2015-02-22 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-22 17:14 - 2015-02-22 17:14 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-02-22 17:13 - 2015-02-22 17:13 - 00001090 _____ () C:\Users\spiesarchiv\Desktop\notepad.exe.lnk
2015-02-22 17:13 - 2015-02-22 17:13 - 00000000 ____D () C:\Program Files\Java
2015-02-22 17:02 - 2015-02-22 17:03 - 00676624 _____ (RealNetworks, Inc.) C:\Users\spiesarchiv\Downloads\RealPlayer_de.exe
2015-02-17 14:13 - 2015-02-17 14:19 - 00000000 ____D () C:\ProgramData\mquadr.at
2015-02-17 14:10 - 2015-02-17 14:12 - 00000000 __HDC () C:\ProgramData\{CD3330DC-8B86-4AE3-B2E4-09E56CB3E702}
2015-02-17 14:10 - 2015-02-17 14:10 - 00001139 _____ () C:\Users\spiesarchiv\AppData\Roaming\Microsoft\Windows\Start Menu\DSL Soforthilfe.lnk
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\Program Files\DSL Soforthilfe
2015-02-17 14:10 - 2013-11-21 21:56 - 03748800 ____N (mquadr.at software engineering und consulting GmbH) C:\windows\system32\M2ElevatedCalls.dll
2015-02-17 14:10 - 2013-11-21 21:56 - 00962528 ____N (mquadr.at software engineering) C:\windows\system32\M2ElevatedNetworkAdapters.dll
2015-02-17 14:10 - 2012-12-03 14:57 - 00238592 ____N (Nicomsoft Ltd.) C:\windows\system32\WiFiMan.dll
2015-02-15 11:38 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-15 11:38 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-15 11:38 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-15 11:38 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-15 11:38 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-02-15 11:38 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-15 11:38 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-02-15 11:38 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-02-15 11:38 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-15 11:38 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-15 11:38 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-15 11:38 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-15 11:38 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-15 11:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-15 11:38 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-15 11:37 - 2015-01-15 23:37 - 00478776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-15 11:37 - 2015-01-15 23:37 - 00148288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-15 11:37 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-15 11:37 - 2015-01-10 09:28 - 05769024 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-15 11:37 - 2015-01-10 09:28 - 01468408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-02-15 11:37 - 2015-01-10 08:38 - 03550720 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-15 11:37 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-15 11:37 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-15 11:37 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-02-15 11:37 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-15 11:37 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-15 11:37 - 2014-10-29 02:03 - 01117696 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-12 18:46 - 2015-02-12 18:46 - 00001401 _____ () C:\Users\spiesarchiv\Desktop\Em-Client.lnk
2015-02-12 18:21 - 2015-03-09 15:12 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\eM Client
2015-02-12 18:17 - 2015-02-12 18:17 - 00000940 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2015-02-12 18:17 - 2015-02-12 18:17 - 00000000 ____D () C:\Program Files\eM Client
2015-02-08 23:40 - 2015-02-08 23:40 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Apple Computer
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ___SD () C:\Program Files\SiSoftware Sandra Lite 2015x
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
2015-02-07 23:41 - 2015-02-07 23:41 - 00000000 ____D () C:\ProgramData\GlarySoft
2015-02-07 23:33 - 2015-02-08 23:40 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Media
2015-02-07 23:31 - 2015-02-07 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
2015-02-07 23:31 - 2015-02-07 23:31 - 00000000 ____D () C:\Program Files\Real Alternative
2015-02-07 23:31 - 2010-02-15 19:00 - 00278528 _____ (Real Networks, Inc) C:\windows\system32\pncrt.dll
2015-02-07 23:31 - 2010-02-15 19:00 - 00185920 _____ (RealNetworks, Inc.) C:\windows\system32\rmoc3260.dll
2015-02-07 23:31 - 2010-02-15 19:00 - 00006656 _____ (RealNetworks, Inc.) C:\windows\system32\pndx5016.dll
2015-02-07 23:31 - 2010-02-15 19:00 - 00005632 _____ (RealNetworks, Inc.) C:\windows\system32\pndx5032.dll
2015-02-07 23:31 - 2004-01-11 23:00 - 00348160 _____ (Microsoft Corporation) C:\windows\system32\msvcr71.dll
2015-02-07 23:31 - 2003-03-19 04:14 - 00499712 _____ (Microsoft Corporation) C:\windows\system32\msvcp71.dll
2015-02-07 23:02 - 2015-02-07 23:07 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\DivX
2015-02-07 23:02 - 2015-02-07 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-02-07 23:02 - 2015-02-07 23:02 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2015-02-07 22:46 - 2015-02-07 22:46 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Real
2015-02-07 22:35 - 2015-02-07 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-07 22:35 - 2015-02-07 22:35 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-02-07 22:35 - 2015-02-07 22:35 - 00000000 ____D () C:\Program Files\QuickTime
2015-02-07 22:34 - 2015-02-07 22:34 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-02-07 22:34 - 2015-02-07 22:34 - 00000000 ____D () C:\ProgramData\Apple
2015-02-07 22:34 - 2015-02-07 22:34 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-07 22:34 - 2015-02-07 22:34 - 00000000 ____D () C:\Program Files\Apple Software Update
2015-02-07 22:10 - 2015-02-07 23:03 - 00000000 ____D () C:\Program Files\DivX
2015-02-07 22:09 - 2015-02-07 23:05 - 00000000 ____D () C:\ProgramData\DivX
2015-02-07 21:48 - 2015-03-09 14:55 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-09 15:17 - 2014-03-18 08:40 - 01776918 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-09 15:12 - 2015-02-02 01:02 - 00000348 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2015-03-09 15:12 - 2015-02-02 01:02 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2015-03-09 15:11 - 2013-08-22 08:23 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-09 15:11 - 2013-08-22 07:13 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-09 15:10 - 2015-02-01 21:48 - 00000000 ___DC () C:\AdwCleaner
2015-03-09 15:00 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sru
2015-03-09 14:56 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-09 14:49 - 2015-02-01 22:09 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-09 13:30 - 2015-01-24 22:06 - 01150876 _____ () C:\windows\WindowsUpdate.log
2015-03-09 09:34 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\LiveKernelReports
2015-03-08 12:17 - 2015-02-01 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2015-03-08 05:31 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\Microsoft.NET
2015-03-06 15:33 - 2015-01-24 22:16 - 00000000 ____D () C:\Users\spiesarchiv
2015-03-06 01:48 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\NDF
2015-03-05 05:40 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\AppReadiness
2015-03-04 22:21 - 2014-10-17 02:52 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-03-04 01:17 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\rescache
2015-03-03 23:18 - 2015-01-27 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Free Download Manager
2015-03-03 22:50 - 2014-10-17 02:51 - 00000000 __HDC () C:\OEM
2015-03-03 22:49 - 2014-10-17 02:52 - 00000000 ____D () C:\Program Files\Acer
2015-03-03 21:29 - 2013-08-22 09:05 - 00000000 ____D () C:\windows\CbsTemp
2015-03-03 20:48 - 2015-02-03 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Foxit Software
2015-03-03 20:41 - 2014-10-17 02:52 - 00000000 ____D () C:\ProgramData\OEM
2015-03-03 20:23 - 2015-01-27 21:24 - 00000292 _____ () C:\windows\Tasks\Uninstaller_SkipUac_spiesarchiv.job
2015-03-03 13:33 - 2015-02-02 01:02 - 00001066 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-02 00:52 - 2015-01-25 05:29 - 00000000 ____D () C:\Program Files\SRWare Iron
2015-02-28 23:37 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-28 11:41 - 2015-01-27 21:11 - 00000000 ____D () C:\windows\system32\MRT
2015-02-28 11:32 - 2015-01-27 21:11 - 113756392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-22 17:15 - 2015-01-29 00:24 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-22 16:59 - 2015-02-01 18:37 - 00000000 ____D () C:\ProgramData\{fa9afc74-19df-1381-fa9a-afc7419df1d0}
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-RS
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-CS
2015-02-15 11:39 - 2015-02-02 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-02-09 12:06 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-02-07 23:37 - 2015-02-01 21:15 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Download.am
2015-02-07 17:35 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\LogFiles
==================== Files in the root of some directories =======
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
2015-03-03 22:56 - 2015-03-03 22:59 - 0008665 _____ () C:\Users\spiesarchiv\AppData\Local\HWVendorDetection.log
2015-01-28 16:08 - 2015-01-28 16:08 - 0000000 _____ () C:\Users\spiesarchiv\AppData\Local\StarPort.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-04 01:00
==================== End Of Log ============================
--- --- --- Geändert von davsand (09.03.2015 um 14:53 Uhr) |
|
09.03.2015, 19:10
| #4 |
| /// the machine /// TB-Ausbilder | 3 Tabs werden in Chrome geöffnetESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.03.2015, 01:08
| #5 |
| | 3 Tabs werden in Chrome geöffnetCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=0
Code:
ATTFilter Results of screen317's Security Check version 0.99.97
x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spyder4Express
SpywareBlaster 5.0
Secunia PSI (3.0.0.10004)
HostsServer 2.1.62 (32-bit)
Java 8 Update 31
Java version 32-bit out of Date!
Java 64-bit 8 Update 31
Adobe Flash Player 16.0.0.305
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2015 03
Ran by spiesarchiv (administrator) on SWITCH on 10-03-2015 00:48:39
Running from C:\Program Files\FaberRecoveryScan
Loaded Profiles: spiesarchiv (Available profiles: spiesarchiv)
Platform: Microsoft Windows 8.1 mit Bing (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmcore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(StarWind Software) C:\Program Files\RAM Disk\StarRAMService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\memdefrag.exe
(eM Client, Inc.) C:\Program Files\eM Client\MailClient.exe
(Nenad Hrg SoftwareOK) C:\Program Files\Tools\DesktopOK.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
( ) C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\GestureDetection.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\Launch Screen Grasp.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\Chrome\fdm_nativehost.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\fdm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x86__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
() C:\Program Files\SecurityCheck\SecurityCheck.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\System32\DptfPolicyLpmServiceHelper.exe [81336 2014-05-08] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [7761920 2014-09-22] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [DSL Soforthilfe] => C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [Glary Memory Optimizer] => C:\Program Files\Glary Utilities 5\memdefrag.exe [122656 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [eM Client] => C:\Program Files\eM Client\MailClient.exe [15612200 2014-12-22] (eM Client, Inc.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [DesktopOK] => C:\Program Files\Tools\DesktopOK.exe [174080 2014-12-23] (Nenad Hrg SoftwareOK)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [780288 2013-08-22] (Microsoft Corporation)
IFEO\apnstub.exe: [Debugger] dllhost.exe
IFEO\ipmgui.exe: [Debugger] dllhost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk
ShortcutTarget: SpyderUtility.lnk -> C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe ( )
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-01-27] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-22] (Oracle Corporation)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2014-11-13] (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-22] (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-22] (Oracle Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF HKLM\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files\Free Download Manager\Firefox\Extension [2015-01-27]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [70144 2014-03-12] () [File not signed]
R2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [315240 2015-01-27] (Kingsoft Corporation)
S3 cphs; C:\windows\system32\IntelCpHeciSvc.exe [280680 2014-12-29] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\windows\system32\DptfParticipantProcessorService.exe [83384 2014-05-08] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\windows\system32\DptfPolicyCriticalService.exe [97208 2014-05-08] (Intel Corporation)
R2 DptfPolicyLpmService; C:\windows\system32\DptfPolicyLpmService.exe [90552 2014-05-08] (Intel Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [1974504 2014-07-22] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [280680 2014-12-29] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-01-27] (IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [452840 2014-12-30] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-04-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-04-04] (McAfee, Inc.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware Sandra Lite 2015x\RpcAgentSrv.exe [73200 2014-12-17] (SiSoftware) [File not signed]
S3 ScDeviceEnum; C:\windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 StarRAMService; C:\Program Files\RAM Disk\StarRAMService.exe [89088 2010-03-29] (StarWind Software) [File not signed]
R2 TouchToolsLaunchService; C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [247040 2014-12-29] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)
S3 workfolderssvc; C:\windows\system32\workfolderssvc.dll [1222144 2014-07-24] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe [X]
S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACC_SensorDriver; C:\windows\System32\drivers\ACC_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
S3 ALS_SensorDriver; C:\windows\System32\drivers\ALS_SensorDriver.sys [11264 2014-12-29] (Intel Corporation)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [98160 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [136216 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.)
R1 BasicRender; C:\windows\System32\drivers\BasicRender.sys [25600 2014-03-18] (Microsoft Corporation)
S3 BCMSDH43XX; C:\windows\system32\DRIVERS\bcmdhd63.sys [296664 2013-08-13] (Broadcom Corp)
R3 BthLEEnum; C:\windows\system32\DRIVERS\BthLEEnum.sys [186880 2014-03-18] (Microsoft Corporation)
R3 BthMini; C:\windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
R3 camera; C:\windows\system32\DRIVERS\camera.sys [462336 2014-12-29] (Intel Corporation)
S3 cfwids; C:\windows\System32\drivers\cfwids.sys [61400 2014-04-04] (McAfee, Inc.)
R3 CM3218x; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 CPLMACPI; C:\windows\system32\DRIVERS\CPLMACPI.sys [16488 2014-12-29] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\windows\System32\drivers\DptfDevAmbient.sys [44472 2014-05-08] (Intel Corporation)
R3 DptfDevDBPT; C:\windows\System32\drivers\DptfDevPower.sys [25528 2014-05-08] (Intel Corporation)
R3 DptfDevDisplay; C:\windows\System32\drivers\DptfDevDisplay.sys [28088 2014-05-08] (Intel Corporation)
R3 DptfDevGen; C:\windows\System32\drivers\DptfDevGen.sys [36280 2014-05-08] (Intel Corporation)
R3 DptfDevProc; C:\windows\System32\drivers\DptfDevProc.sys [80824 2014-05-08] (Intel Corporation)
R3 DptfManager; C:\windows\System32\drivers\DptfManager.sys [182200 2014-05-08] (Intel Corporation)
R3 GPIO; C:\windows\System32\drivers\iaiogpioe.sys [23552 2014-05-05] (Intel Corporation)
R3 GpioVirtual; C:\windows\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-22] (Intel Corporation)
R1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [17344 2015-02-02] (Glarysoft Ltd)
S3 GYRO_SensorDriver; C:\windows\System32\drivers\GYRO_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-24] (REALiX(tm))
R3 iaioi2c; C:\windows\System32\drivers\iaioi2ce.sys [58368 2014-03-22] (Intel Corporation)
R3 iaiouart; C:\windows\System32\drivers\iaiouart.sys [87552 2015-01-24] (Intel Corporation)
S3 intaud_WaveExtensible; C:\windows\system32\drivers\intelaud.sys [32152 2014-12-29] (Intel Corporation)
R3 IntelSST; C:\windows\system32\drivers\isstrtc.sys [257024 2014-12-29] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 iwdbus; C:\windows\System32\drivers\iwdbus.sys [23448 2014-12-29] (Intel Corporation)
R3 ksapi; C:\windows\system32\drivers\ksapi.sys [81768 2015-01-27] (Kingsoft Corporation)
R3 LMDriver; C:\windows\System32\drivers\LMDriver.sys [18232 2014-12-29] (Acer Incorporated)
S3 MAG_SensorDriver; C:\windows\System32\drivers\MAG_SensorDriver.sys [12288 2014-12-29] (Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [21968 2014-03-16] (Intel Corporation)
S3 mfeapfk; C:\windows\System32\drivers\mfeapfk.sys [134600 2014-04-04] (McAfee, Inc.)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [236672 2014-04-04] (McAfee, Inc.)
S3 mfebopk; C:\windows\System32\drivers\mfebopk.sys [66408 2014-04-04] (McAfee, Inc.)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [58376 2014-04-04] (McAfee, Inc.)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [367776 2014-04-04] (McAfee, Inc.)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [574576 2014-04-04] (McAfee, Inc.)
R3 mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [345584 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [81264 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [215624 2014-04-04] (McAfee, Inc.)
R3 ov2722; C:\windows\System32\drivers\ov2722.sys [49152 2014-12-29] (Intel Corporation)
R3 PMIC; C:\windows\System32\drivers\PMIC.sys [48128 2014-03-16] (Intel Corporation)
R3 PSI; C:\windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R3 RadioShim; C:\windows\System32\drivers\RadioShim.sys [13112 2014-12-29] (Acer Incorporated)
R3 rtii2sac; C:\windows\system32\DRIVERS\rtii2sac.sys [174808 2014-12-29] (Realtek Semiconductor Corp.)
R3 RtkUart; C:\windows\System32\drivers\RtkUart.sys [507608 2014-12-29] (Realtek Semiconductor Corporation)
R3 RtlWlans; C:\windows\system32\DRIVERS\rtwlans.sys [2748120 2014-07-18] (Realtek Semiconductor Corporation )
S3 SANDRA; C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SensorFusion; C:\windows\System32\drivers\HIDFusion.sys [52736 2014-12-29] (Intel Corporation)
R3 SensorsServiceDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
S3 Spyder4; C:\windows\System32\drivers\dccmtr.sys [12288 2011-06-02] (Datacolor)
S1 ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R1 StarRAM; C:\windows\System32\drivers\StarRAM.sys [54744 2010-03-29] (StarWind Software)
R3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [36080 2014-02-20] (Synaptics Incorporated)
R3 TXEI; C:\windows\System32\drivers\TXEI.sys [75792 2015-01-24] (Intel Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
R0 Wof; C:\windows\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
S3 pfldypow; D:\Temp\pfldypow.sys [104960 2015-03-09] (GMER) [File not signed]
U4 RAMDiskVE; No ImagePath
========================== Drivers MD5 =======================
C:\windows\System32\drivers\1394ohci.sys F7B9F821CF1C31B266F60A5733F8119A
C:\windows\System32\drivers\3ware.sys 57F7923ACC5009218F6591B3C0F62E07
C:\windows\System32\drivers\ACC_SensorDriver.sys 311AD5CBC6EF57C4FD114B82208FC0B1
C:\windows\System32\drivers\ACPI.sys 97E855ABBF94A5B979BB3070833AE71C
C:\windows\System32\Drivers\acpiex.sys DCA3C5F55150B3AEB8B75A5E8D1156DC
C:\windows\System32\drivers\acpipagr.sys EE103776F838AE570EDBB2C1FB1356AF
C:\windows\System32\drivers\acpipmi.sys AC1BAD06E47D090C553FDEEAD1A7C463
C:\windows\System32\drivers\acpitime.sys 519FA16CFE54F107861501D852322AEF
C:\windows\System32\drivers\ADP80XX.SYS D614199DF507F1047D2C9ADB89BDD49E
C:\windows\system32\drivers\afd.sys D75FB05E8DBF21FA0EF313C7503243F1
C:\windows\System32\drivers\agp440.sys 7A706DCF874214097A30694D3B686866
C:\windows\System32\DRIVERS\ahcache.sys C758755F80B98F9F7DD413DB870961B7
C:\windows\System32\drivers\ALS_SensorDriver.sys C350D67D47C914E81F76A7591E2A9870
C:\windows\System32\drivers\amdagp.sys E7E154969EEDB8E8FC2C80DF690A175A
C:\windows\System32\drivers\amdk8.sys D9707ECC59834964EBA0D9D6C87305F6
C:\windows\System32\drivers\amdppm.sys 7E4E0841365A02F77BD8497CCE347179
C:\windows\System32\drivers\amdsata.sys 5558A0EB3082EAC88C0578ABCE0C707D
C:\windows\System32\drivers\amdsbs.sys FB1A73A850C812F63BA9D174AB97BFB6
C:\windows\System32\drivers\amdxata.sys 43352B9C7917984404F893AD10468F63
C:\windows\system32\drivers\appid.sys 744F52D39EE8B38B85A047B6AFFE8696
C:\windows\System32\drivers\arcsas.sys 0554DE27A3B4527C000073CEA0E84D1B
C:\windows\System32\drivers\atapi.sys 72FCAE2CE6DFEAB2AB072435017F3417
C:\windows\System32\DRIVERS\avgntflt.sys F581D2F3E30C1CA7206D660FB7689F98
C:\windows\system32\DRIVERS\avipbb.sys A2EE407D6D3757A2FFD5095DD16AE1F2
C:\windows\system32\DRIVERS\avkmgr.sys D8C712305F73CD34D1B344810E522728
C:\windows\system32\DRIVERS\ax88179_178a.sys CCE70A0919BDAB17AB2B293CC8E320B8
C:\windows\System32\drivers\BasicDisplay.sys 235EAE5E6E5F3F0DD49DA9204F86976E
C:\windows\System32\drivers\BasicRender.sys 363392A3AF1630C9D3A7B9A31267B5B3
C:\windows\System32\drivers\bcmfn2.sys 596DB7E4D0DB6AC32DF142C861001979
C:\windows\system32\DRIVERS\bcmdhd63.sys 92C5F2AA3F72166385D74D29D0D8BF60
C:\windows\system32\Drivers\Beep.sys 38058AF65F15D0E9E1A5A9B8E75B0757
C:\windows\System32\DRIVERS\bowser.sys BC1FC15A5B1FAE717CE441537590FDD3
C:\windows\System32\drivers\BthAvrcpTg.sys 48590B2DBCE55AC0DF0F7A3F23204CBF
C:\windows\System32\drivers\BthEnum.sys 9CDC68D1B3D7EE582BA0550E738163B9
C:\windows\System32\drivers\bthhfenum.sys 84CF99F7190D54D4C72E0F5D008BF88C
C:\windows\System32\drivers\BthHFHid.sys 1C0791BC4DC2AE0B41F8E84CD3154929
C:\windows\system32\DRIVERS\BthLEEnum.sys 0957FAE86F9E920BF3727769D87002A8
C:\windows\System32\Drivers\BTHMINI.sys 0A5BD61C7D9225E5DB10EAA872B99501
C:\windows\System32\drivers\bthmodem.sys 46F0B06DE544DF0E270BCB345E1768AC
C:\windows\System32\drivers\bthpan.sys 986B6FB12E1583EAFC66B1714FD7B26C
C:\windows\System32\Drivers\BTHport.sys BAB1EC541CB36911D808F9E25D4736F6
C:\windows\system32\DRIVERS\camera.sys 1204C0A06E55984C22B63A32B48E7804
C:\windows\System32\DRIVERS\cdfs.sys CE232BB0965C0C0B786C3F976CCBFB7D
C:\windows\System32\drivers\cdrom.sys E2FC132D48EA4E8B04432C33EFB77801
C:\windows\System32\drivers\cfwids.sys 447C7F3CAAF90EFB5E8AE708A06D6DE8
C:\windows\System32\drivers\circlass.sys 98294CE233DE8687CEEC29BD632107D0
C:\windows\System32\drivers\CLFS.sys 7559018F0024F00AC00198F18C6A0426
C:\windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\windows\System32\drivers\CmBatt.sys 6D46D1CCDA47E9B76F2D7FF4417D31AD
C:\windows\System32\Drivers\cng.sys E3CDD6B5299CC8DDF43FF6C1B6B1F221
C:\windows\System32\DRIVERS\cnghwassist.sys EC086CEEC479CEDAD294D64D819CAABE
C:\windows\System32\drivers\CompositeBus.sys F89853991E6A03526E17E4AE5239FD98
C:\windows\System32\drivers\condrv.sys C8A7949EBAC42923D59B2C2630D2AD84
C:\windows\system32\DRIVERS\CPLMACPI.sys 57EC5E1C637A833DBBB69BED80C8C7BB
C:\windows\System32\drivers\dam.sys 2ECC9D6E0104409B441EA7095233F323
C:\windows\System32\Drivers\dfsc.sys 55758EBBC45E1628161121D7CFEAD4A1
C:\windows\System32\drivers\disk.sys 832BDA661E26792B5512FC641A177F26
C:\windows\System32\drivers\dmvsc.sys 0357F5F7C542249D8EAA4E6FCC69EE91
C:\windows\System32\drivers\DptfDevAmbient.sys 9199DA496BBAEF21B840CEBE9A87E4CF
C:\windows\System32\drivers\DptfDevPower.sys 1EBCE2CB7AB9909785B9C17AB55F9296
C:\windows\System32\drivers\DptfDevDisplay.sys 4AD397CA6CAFD03E9DD3940A529D8E2F
C:\windows\System32\drivers\DptfDevGen.sys 3106244877EF55539F98F36AEFFB2409
C:\windows\System32\drivers\DptfDevProc.sys 10570653DD298C8924AF6114BD0F1A82
C:\windows\System32\drivers\DptfManager.sys 9A776DF1DBEDE2E67E9CFE41B4282FCA
C:\windows\system32\drivers\drmkaud.sys 115B0BCB58F274B46A9C6A5615C4B925
C:\windows\System32\drivers\dxgkrnl.sys 27FA5460CE08F69FE536399214E0ABBB
C:\windows\System32\drivers\EhStorClass.sys AECFDE05D120822452BA8F606841B3FE
C:\windows\System32\drivers\EhStorTcgDrv.sys BFDF5BA2B770B358CA607109240A739D
C:\windows\System32\drivers\errdev.sys 6E7FD164E20C50F5A2D49AD0218FF4AE
C:\windows\system32\Drivers\exfat.sys 630E4FAFAE692F2D2D3835A4F37A583C
C:\windows\system32\Drivers\fastfat.sys 2B731E0CF73B392B1923078F464D96DB
C:\windows\System32\drivers\fdc.sys F2D60D87B15FF8ABBDA27371EBBEFE0B
C:\windows\System32\drivers\fileinfo.sys 878BE2CD1B68000D4BEEE293267B19CB
C:\windows\System32\drivers\filetrace.sys 5C427FD4AFAEAC08882A70EDA5013AF8
C:\windows\System32\drivers\flpydisk.sys BB2091E613F6F06F24FF9507E0FAA20B
C:\windows\System32\drivers\fltmgr.sys 0E647295EA5573F06DDD42F0FDFF254A
C:\windows\System32\drivers\FsDepends.sys 73F944AA04157781172CAD535AB6E172
C:\windows\system32\Drivers\Fs_Rec.sys 6496F5E84CBC8C6D697939D6518D9B7A
C:\windows\System32\DRIVERS\fvevol.sys A58318CA9F98AAB207D4C84868490D1D
C:\windows\System32\drivers\fxppm.sys B3CDDF19F6201210B8785FFD642A1632
C:\windows\System32\drivers\gagp30kx.sys 2DC88A077B783AFD416CDEE7BDE63868
C:\windows\System32\drivers\vmgencounter.sys 2156802A56276A97FB6892412A0B899D
C:\windows\System32\drivers\iaiogpioe.sys C80C97E90041ED9F9A482352D4B9BCCB
C:\windows\System32\Drivers\msgpioclx.sys FB1DB2A2663D59FEB04F4311861C7022
C:\windows\System32\drivers\iaiogpiovirtual.sys 148B5ADE03272086B6936E219D4536F3
C:\windows\System32\drivers\GUBootStartup.sys E9CDEB631E63E83A7540CF6E81B5486B
C:\windows\System32\drivers\GYRO_SensorDriver.sys 3F4069FB4AFF90C0AE2E5681E7EF2B58
C:\windows\System32\drivers\HDAudBus.sys 7E0EDA9EE53E344D1604EB2A7E8DED47
C:\windows\System32\drivers\HidBatt.sys 5C5BF3E47BB6B07FAD8EA4565159659E
C:\windows\System32\drivers\hidbth.sys 4A59C5DAF29CC28DA966C57DB863655E
C:\windows\System32\drivers\hidi2c.sys 4AC33C5E591F9845E34DA8681E558A58
C:\windows\System32\drivers\hidir.sys 2E6CA4DE2AEDF7ABDFEA906F11EDC8B1
C:\windows\System32\drivers\hidusb.sys 71E4AD300E86C0754D6070FB92475CF7
C:\windows\System32\drivers\HpSAMD.sys BA073FD7F6C94FF18F97DF8F0297ED62
C:\windows\System32\drivers\HTTP.sys 4196BBF0725EF4E4F220D5E1539EF553
C:\windows\system32\drivers\HWiNFO32.SYS 6FFB351C9C9BB88E91785F4CD7396D31
C:\windows\System32\drivers\hwpolicy.sys FAEB94F3ACCDFDA16E5FA585369FDEC4
C:\windows\System32\drivers\hyperkbd.sys 2DDC60AD29D845A745C9ECAAE35FC477
C:\windows\system32\DRIVERS\HyperVideo.sys D360FFBA289307976BE1BBE7BE792F58
C:\windows\System32\drivers\i8042prt.sys 5043E69532392A43549E5D41E22638AA
C:\windows\System32\drivers\iaioi2ce.sys DD86B5E42AC72AD5B88331C21FCF8618
C:\windows\System32\drivers\iaiouart.sys 604D612710B5FED2E78E172188ADD9A4
C:\windows\System32\drivers\iaStorAV.sys 387637FC01BA30E95A2330DA3FFD0919
C:\windows\System32\drivers\iaStorV.sys D2E7F3611BB8F1C2661B8F7858D33A35
C:\windows\system32\DRIVERS\igdkmd32.sys 2B0364C301DFB19BA9E51F0A70D28187
C:\windows\system32\drivers\intelaud.sys BE37CE00B9ACDA579F799E61148C7624
C:\windows\System32\drivers\intelide.sys B0F92A795C7E48E2C5F908265C655458
C:\windows\System32\drivers\intelpep.sys 95BD617B467F746553AD1FC523F5D2B6
C:\windows\System32\drivers\intelppm.sys 6DD61D8AFB56C9F853210C49FD4D8C16
C:\windows\system32\drivers\isstrtc.sys 5395E9604D58FD9BE15DFAC04795FF1B
C:\windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\windows\System32\DRIVERS\ipfltdrv.sys 23B5C10891B64FB4261F9FCADF24FE28
C:\windows\System32\drivers\IPMIDrv.sys 3DC0D272D298B3AC09794E89FFB78BCD
C:\windows\System32\drivers\ipnat.sys FA6C94C754A566EA8A61D658932F32DE
C:\windows\System32\drivers\irenum.sys ADF675CF9EB57229E9D13BC2F5D4719D
C:\windows\System32\drivers\isapnp.sys 2A0D17D431F13E87ADCB28DEEC84F252
C:\windows\System32\drivers\msiscsi.sys 74F452379260EA77CC59905AEDBD5AE7
C:\windows\System32\drivers\iwdbus.sys DC270EA3E059D38A2382A7D3760A91AE
C:\windows\System32\drivers\kbdclass.sys 4504C8B75A6B2E5BE800DE03B26891D3
C:\windows\System32\drivers\kbdhid.sys 8BAF1904393EACA7178A5EF962256D3F
C:\windows\system32\DRIVERS\kdnic.sys 7F896C99637CB0E48262F307FC0F3557
C:\windows\system32\drivers\ksapi.sys BF85D404851462FDF3157F49EA870725
C:\windows\System32\Drivers\ksecdd.sys 21719E6D6B4EDEB062F0A9D8F7720FEF
C:\windows\System32\Drivers\ksecpkg.sys 5E31F868190E2E5250237B45743BD6AB
C:\windows\system32\DRIVERS\lltdio.sys 369ED2626209D245BA1CEBB626F9A376
C:\windows\System32\drivers\LMDriver.sys 5990C446E92A78065E9A7A93866040BA
C:\windows\System32\drivers\lsi_sas.sys 876BA8550E9F1F4EF8A7D056E66678F6
C:\windows\System32\drivers\lsi_sas2.sys 6FB4E344E66F7243D23F0F52A9610790
C:\windows\System32\drivers\lsi_sas3.sys 2E61D97CA19BBECCCF7CDE9C0C7392B5
C:\windows\System32\drivers\lsi_sss.sys 3986C8FAA6E397725024E7189BAC69CE
C:\windows\system32\drivers\luafv.sys A1E31C77F407F629F430A070B8747A44
C:\windows\System32\drivers\MAG_SensorDriver.sys 7199A358B7E5D19A9A21BED07D339A15
C:\windows\System32\drivers\MBI.sys EBFB06184BE82D1316EDA56739AF6B94
C:\windows\System32\drivers\megasas.sys EE038F0B57FD34B872AE2ADD7679C1E2
C:\windows\System32\drivers\megasr.sys 2E3BE5DA8078B170DA14CE3181C5D3AC
C:\windows\System32\drivers\mfeapfk.sys 1E258C5E5E24721470A816164B8440F1
C:\windows\System32\drivers\mfeavfk.sys 5B7BC74792F3159C28B25C8EF9B078B9
C:\windows\System32\drivers\mfebopk.sys CEBFA5845F28863AF3602992C2550BB2
C:\windows\System32\drivers\mfeelamk.sys 27E05BCC6F4D815F797ADD142D2AB1AB
C:\windows\System32\drivers\mfefirek.sys 52C4AF8DC0A580BE970B6EAF6FD0BD14
C:\windows\System32\drivers\mfehidk.sys D4F45F1C6C4542D95FF8177C17F723F1
C:\windows\system32\DRIVERS\mfencbdc.sys 4EEC12CB9004DEB6A324FB6C28BB2F80
C:\windows\system32\DRIVERS\mfencrk.sys A82AA321F5A15F71AFAE3B0AF2816C5D
C:\windows\System32\drivers\mfewfpk.sys D4C415181FC5DE46210F82C8A63625EC
C:\windows\System32\drivers\modem.sys FFE175CCDA4BC0278E88149F183B6C5E
C:\windows\System32\drivers\monitor.sys 523C526BBB796FC2087C0C8AC2B669BD
C:\windows\System32\drivers\mouclass.sys 1B621475FA22B947B60EE004A8EE11F5
C:\windows\System32\drivers\mouhid.sys 64DAA33D69C4442AD4CC52D478895355
C:\windows\System32\drivers\mountmgr.sys 8CF63AB55709A9E415190219C226A855
C:\windows\System32\drivers\mpsdrv.sys 4B300E2D06B03410064CF443E1CE6B25
C:\windows\system32\drivers\mrxdav.sys D8E41C1A50FC1E51F3594EFCE56BE860
C:\windows\System32\DRIVERS\mrxsmb.sys E11D4B798CF0FF9F739CD9BDC552FF08
C:\windows\System32\DRIVERS\mrxsmb10.sys F37F40422662235AB5768C303E829602
C:\windows\System32\DRIVERS\mrxsmb20.sys F35CF1EC831812B3C6B05587734DE8A3
C:\windows\system32\DRIVERS\bridge.sys 1188DC48CB36F31A3624BB9504F77AEE
C:\windows\system32\Drivers\Msfs.sys D99C98D630C34A448A93DE552DC7DD68
C:\windows\System32\drivers\msgpiowin32.sys 22FFBD5F9BCE2E970C617B95103079DC
C:\windows\System32\drivers\mshidkmdf.sys 30DA16E72C4CB4D5F06D35D0DFA16E2C
C:\windows\System32\drivers\mshidumdf.sys 26B1961255650B59107FC4990B2CEF34
C:\windows\System32\drivers\msisadrv.sys BF7ABD4461576528028FB86633A7EA24
C:\windows\system32\drivers\MSKSSRV.sys 0B2A5AB2591D7F6E8E64A0516325F2AD
C:\windows\system32\DRIVERS\mslldp.sys 2B1E1DA9C5FA25DB8DAC2F34BCF10196
C:\windows\system32\drivers\MSPCLOCK.sys 86729EC40EB28DBBAB6A672B138B4DC5
C:\windows\system32\drivers\MSPQM.sys 4E5FB5BD76165A81EE181A82EB665C8A
C:\windows\system32\Drivers\MsRPC.sys C90BB8C3DC3F50FBA1A668B844C84315
C:\windows\System32\drivers\mssmbios.sys CF61A813430B7F12452BCED287135676
C:\windows\system32\drivers\MSTEE.sys C323F63D61AD8CEC79B3CF4B8463B208
C:\windows\System32\drivers\MTConfig.sys 06442D8CA4425EFF66F47D8F82493450
C:\windows\System32\Drivers\mup.sys 6CD6189DFA649EEBFCBE81CB30030355
C:\windows\System32\drivers\mvumis.sys 8122A46E9A5EBD2E001FF5FB34A12A47
C:\windows\system32\DRIVERS\nwifi.sys 11CC93A3FBCD7339EE316B3E7A870D77
C:\windows\System32\drivers\ndis.sys F0FB15EEEA93526ACE6D7CF042FC3144
C:\windows\system32\DRIVERS\ndiscap.sys 9FA562E35A0263FBD01D44559224D46B
C:\windows\system32\DRIVERS\NdisImPlatform.sys 873FCE0E787BC74059941D597BE630E0
C:\windows\system32\DRIVERS\ndistapi.sys BD856EB36898EFA1B11346996ECA764C
C:\windows\system32\DRIVERS\ndisuio.sys 1D34650E97E74DF51BD86E0A102DB241
C:\windows\System32\drivers\NdisVirtualBus.sys 53D21FFC20728406A20BCCF145DC2AD4
C:\windows\system32\DRIVERS\ndiswan.sys 11312D35028616E585DCF02AFAFA56DC
C:\windows\system32\DRIVERS\ndiswan.sys 11312D35028616E585DCF02AFAFA56DC
C:\windows\system32\Drivers\NDProxy.sys 9F76B41778F62A7E582ADA902E8D149E
C:\windows\System32\drivers\Ndu.sys C6003C8BB723B4D7FCDFB4C419D676A1
C:\windows\System32\DRIVERS\netbios.sys F0F2377D72E48EBCA9B9BE5F3DE3F355
C:\windows\System32\DRIVERS\netbt.sys BC242922B0D08F61CF7C87FD08FAFA8B
C:\windows\system32\DRIVERS\netvsc63.sys 6A90783186DA0F93D21C805F6FAFD9CE
C:\windows\system32\Drivers\Npfs.sys 6CB2336E1C247A8164ADFF8A0D2FBCA4
C:\windows\System32\drivers\npsvctrig.sys 1B134DECC25E59D0C8AD95B64D475297
C:\windows\System32\drivers\nsiproxy.sys 3D383D0C64FFC3D3DDE2ED4EF828CFAB
C:\windows\system32\Drivers\Ntfs.sys CE53EAE5F11E8546058AF20C39E5F259
C:\windows\system32\Drivers\Null.sys C68CBBB69A8C611EFA668FA36DE542D9
C:\windows\System32\drivers\nvraid.sys CE9BC6B9B2D5A9782B20B8EF1D48FC6E
C:\windows\System32\drivers\nvstor.sys 8BC42FC48C9DB301025D7A5C6B20ECD9
C:\windows\System32\drivers\nv_agp.sys 5FC39F8B065128F2A59F92EE9AE3F286
C:\windows\System32\drivers\ov2722.sys 8D61D59B502555B14B1FA6858B27707E
C:\windows\System32\drivers\parport.sys 4F30970F15ADCC382544B31D5D7E368E
C:\windows\System32\drivers\partmgr.sys C503DA12698E7F775F8252F7A6FEA47F
C:\windows\System32\drivers\parvdm.sys 60450D9CA16603770DFCA15E68D8EAD3
C:\windows\System32\drivers\pci.sys 0A2BBE5E87374A32E4B1A5EEE582AE6C
C:\windows\System32\drivers\pciide.sys 05C7426981598F0E45824BC912D5177B
C:\windows\System32\drivers\pcmcia.sys F404AA7E499C83117C7442C2C2801C03
C:\windows\System32\drivers\pcw.sys E0F759702BBA5095CB0AE570333B194B
C:\windows\System32\drivers\pdc.sys C4F65F945BB7B014DDB28B1254F6787D
C:\windows\System32\drivers\peauth.sys 1A9DFE5854BD66E28178431E9C96E77D
C:\windows\System32\drivers\PMIC.sys 42EA5B30C55F82FC7D77E186CB727E40
C:\windows\System32\drivers\processr.sys 0BE3706EE01AA76D1583E82AE2E680D6
C:\windows\system32\DRIVERS\pacer.sys 9F6173E6F8E4034C008FCE29BFD4FBB2
C:\windows\System32\DRIVERS\psi_mf_x86.sys 68B57D7C11277EA89F78255480376B4D
C:\windows\system32\drivers\qwavedrv.sys C619F26983C63B2BB1F6FDD6B52490E0
C:\windows\System32\drivers\RadioShim.sys 0DB868B3F54483999D0EB61ED06A84A9
C:\windows\System32\DRIVERS\rasacd.sys 91D50E991F182B40E10E06A9D21D8779
C:\windows\system32\DRIVERS\raspppoe.sys 1B6351227867FBD8917769479F7D84A3
C:\windows\System32\DRIVERS\rdbss.sys 8810FA3D36B8922B7BD1935378CD1667
C:\windows\System32\drivers\rdpbus.sys 4E3C895DB9831A925CAFAF9F04FE89CC
C:\windows\System32\drivers\rdpdr.sys 67E91843B0344411820A012063E876B2
C:\windows\System32\drivers\rdpvideominiport.sys C47CB2108AA791890FDD997CDCB6609D
C:\windows\System32\drivers\rdyboost.sys ED5DA057B5C00042CDF0E705C59B3CB1
C:\windows\System32\drivers\rfcomm.sys 5E3934F8ADC8D93064CC5E537637882C
C:\windows\system32\DRIVERS\rspndr.sys A7B0D780D365635525B8A2B10CE493C4
C:\windows\system32\DRIVERS\rtii2sac.sys 0F9049BA2180D0C11DDC8B2F779D039D
C:\windows\System32\drivers\RtkUart.sys 12AA514239517F356F49E9579B79580D
C:\windows\system32\DRIVERS\rtwlans.sys AD8F455125C770F592E159555C4DD29E
C:\windows\System32\drivers\vms3cap.sys 14FC57F255EB705ECA023FB85D70BF7B
C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x86\Sandra.sys 230FD3749904CA045EA5EC0AA14006E9
C:\windows\System32\drivers\sbp2port.sys 98A297A744DDF9B2E14B05E511439ABC
C:\windows\System32\DRIVERS\scfilter.sys 631F9D546CD6D206F2D1273EFDA8B048
C:\windows\System32\drivers\sdbus.sys 0FE8B0EFB24F1DF6054B6D400BDB4D93
C:\windows\System32\drivers\sdstor.sys 6A90C0C56CABEAA19779434BA6A9875B
C:\windows\system32\Drivers\secdrv.sys A8CC993CED4DF9710ADAABC9DA66B660
C:\windows\System32\drivers\HIDFusion.sys 50C693072652A7C7336F7ACA3D71FEAC
C:\windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\windows\System32\drivers\SerCx.sys B9B7306D989D3B205EE9637ABB937978
C:\windows\System32\drivers\SerCx2.sys 617029159ED22EF9CB3F83FE5AF968CB
C:\windows\System32\drivers\serenum.sys DE87128CFA9AED45BC26B7422B06CE06
C:\windows\System32\drivers\serial.sys 8C86C60A471B4E6DF644B07FD30957C4
C:\windows\System32\drivers\sermouse.sys 83F70AC05D00530EFAE71C913AEB5F3B
C:\windows\System32\drivers\sfloppy.sys 4FC275DBBE9F48EB07418E066843058D
C:\windows\System32\drivers\sisagp.sys 0EFBAF5C195B78D7897701EA3084AFA8
C:\windows\System32\drivers\SiSRaid2.sys 447DAF85E9F4D53710636468AD9911EA
C:\windows\System32\drivers\sisraid4.sys 5C08041AA0DB4FE983D496D820AFACB7
C:\windows\System32\drivers\spaceport.sys 0B0AD9D5EBBFFF19A5D977FBAB8A8105
C:\windows\System32\drivers\SpbCx.sys E0A6F5DA31A1B0F3C8D8A4802F97667D
C:\windows\System32\drivers\dccmtr.sys 86F8CE773624E2058F12B70CF344E083
C:\windows\System32\DRIVERS\srv.sys 0564453D240C8D305491629301CFACBB
C:\windows\System32\DRIVERS\srv2.sys D5C2AE72DA22BDE19B9433F9BDCDCD18
C:\windows\System32\DRIVERS\srvnet.sys 63E914F0E4B81AD6A86940BA4447E15E
C:\windows\system32\DRIVERS\ssmdrv.sys A36EE93698802CD899F98BFD553D8185
C:\windows\System32\drivers\StarRAM.sys B0A0C221F56637BC090D340A5B862BF6
C:\windows\System32\drivers\stexstor.sys B4489EA5810BF73778CD8BDC305109CE
C:\windows\System32\drivers\storahci.sys BA47EC0DC91660274059C437DC53D82B
C:\windows\System32\DRIVERS\vmstorfl.sys FA5A48CAB745A7A8CB83ECFE26BD2A11
C:\windows\System32\drivers\stornvme.sys 54614BE0F68CD3E9C6DEB8E8FBD12397
C:\windows\System32\drivers\storvsc.sys 19AC4D3BB088AA4561036B220FEB99DE
C:\windows\System32\drivers\swenum.sys BDD8121BEB8227A65D83C87FD4BE5AFE
C:\windows\System32\drivers\SynRMIHID.sys 5862D3E4967752B08579255E8E0519FA
C:\windows\System32\drivers\tcpip.sys 1150C7096A208CAAA670BE17901A4D54
C:\windows\system32\DRIVERS\tcpip.sys 1150C7096A208CAAA670BE17901A4D54
C:\windows\System32\drivers\tcpipreg.sys 31D0E1BF76AA85F5A72F4FD488C3B508
C:\windows\system32\DRIVERS\tdx.sys DB0C184142CF9FA1746F598A16EE92B2
C:\windows\System32\drivers\terminpt.sys 87F4612CBEF6CD97043911BA43ABB53B
C:\windows\system32\drivers\tpm.sys 7441A1E10500AC6229DDCE369A953929
C:\windows\System32\drivers\tsusbflt.sys 3E87B8167BA1CA5274DFACC4856B3FD9
C:\windows\System32\drivers\TsUsbGD.sys 3F6FA4385342780468C0FEE5D09BB431
C:\windows\system32\DRIVERS\tunnel.sys C9AF1C4C24DA2FF092B1A4548EEC5ACB
C:\windows\System32\drivers\TXEI.sys 0534D2B2970F5886D76EB50D4567313C
C:\windows\System32\drivers\uagp35.sys 61FC1405334298EFE7D49970C5346551
C:\windows\System32\drivers\uaspstor.sys 0E919230A74FA541CC5C2D3F917340B7
C:\windows\System32\drivers\ucx01000.sys BC87FFF7ACB60F25CEE11C03856D2BFD
C:\windows\System32\DRIVERS\udfs.sys 070CDA00BE4D9E4E92F5471B8D24CBD8
C:\windows\System32\drivers\UEFI.sys 31C53FFBFD9977D3F2061627A69274D2
C:\windows\System32\drivers\uliagpkx.sys 202F1C6EBA7D84F59C03E708F45A28C3
C:\windows\System32\drivers\umbus.sys 8CB5D86BDB3890CFC4D94593935C2F4B
C:\windows\System32\drivers\umpass.sys C4115675F53E9E853294C15131D5EBBC
C:\windows\System32\drivers\usbccgp.sys 8A93F68EBAFE14D62895A09568BED30A
C:\windows\System32\drivers\usbcir.sys 9D941A00FD49FBC8670EFE0B48F41994
C:\windows\System32\drivers\usbehci.sys 5DB5AACE25B1E08E958AE2C001182B0F
C:\windows\System32\drivers\usbhub.sys 58EA28A06D4ACEE0B1BEA23EEAE85470
C:\windows\System32\drivers\UsbHub3.sys A0A51CFBE5BDBB62662BD4979A324166
C:\windows\System32\drivers\usbohci.sys B1E835C5F75F98B0439ED0A56B85C3E8
C:\windows\System32\drivers\usbprint.sys F4FA8FC5577F5F603FD79663BD8F3005
C:\windows\System32\drivers\USBSTOR.SYS B4A53FA9AF30243CC7EDFAC75A029624
C:\windows\System32\drivers\usbuhci.sys 4173F451FD9B78164F60D74265B16C77
C:\windows\System32\drivers\USBXHCI.SYS 0CEA7C4EC8BAB5DEFC8F7198BEE03850
C:\windows\System32\drivers\vdrvroot.sys 3D06B8D4A1ED1B91C8566DF7AC510AF2
C:\windows\System32\drivers\VerifierExt.sys E0915FFD3BDFB98B723C46FEB8070B8A
C:\windows\System32\drivers\vhdmp.sys 3AF00F5A0742B10CB10F54A4D6E17D8B
C:\windows\System32\drivers\viaagp.sys 33CA244E0808BBD784EA6938605FED28
C:\windows\System32\drivers\viac7.sys EBBBCBC27D7F391188CDF4196ED80D63
C:\windows\System32\drivers\viaide.sys 75B08537DCF231A7B536ACE2ED8E8A35
C:\windows\System32\drivers\vmbus.sys 744DBD744910FAB62EACD05F25471D61
C:\windows\System32\drivers\VMBusHID.sys 1F02B273254268F975612210D8CB6859
C:\windows\System32\drivers\volmgr.sys D78640FCD9043EEFE3DDE69855A72567
C:\windows\System32\drivers\volmgrx.sys 57566A1F8D39071BB56AA0B083A75544
C:\windows\System32\drivers\volsnap.sys 31A2AA48C1ECD390E2707E5C21B75DCE
C:\windows\System32\drivers\vsmraid.sys 10B78A2D45B1330C162FDE8FEE78F315
C:\windows\System32\drivers\vstxraid.sys 761B3F51660CD3D9F815E5C916235D0B
C:\windows\System32\drivers\vwifibus.sys 47BF83648E9FBD88A8CDB7C2A169D100
C:\windows\system32\DRIVERS\vwififlt.sys 937FC132094684F8F41DA89CECC1D427
C:\windows\system32\DRIVERS\vwifimp.sys 438082724F84703C00DA503131A89055
C:\windows\System32\drivers\wacompen.sys 67B211F7AB2D49C6403E7FD970421806
C:\windows\system32\drivers\WdBoot.sys DFB02E2DE7AD7F8CAE1B9FCFB34ACACC
C:\windows\System32\drivers\Wdf01000.sys C49F1B047C2080FC5AA662A769887631
C:\windows\system32\drivers\WdFilter.sys 4480114ADCCEADF181249A89A93493F5
C:\windows\System32\Drivers\WdNisDrv.sys 7459E6FD1357680AB0D88966E701D879
C:\windows\System32\DRIVERS\wfplwfs.sys CBF73734B883C712BC07796708FCB0CD
C:\windows\System32\drivers\wimmount.sys A4A63DD4E1B72B8C8189AD3F09914AF0
C:\windows\System32\drivers\wmiacpi.sys AF01C55490366930DFAF1D3655C763BD
C:\windows\system32\Drivers\Wof.sys DB3F0877E5C225693A131AE82C262957
C:\windows\System32\DRIVERS\wpcfltr.sys 7E7207FF951BDAA10781D758628EC1B9
C:\windows\System32\drivers\WpdUpFltr.sys 6D8FA63A8C9765A853264D3977EECC19
C:\windows\system32\drivers\ws2ifsl.sys 12BCBE7CA69586AF483C86255739793F
C:\windows\System32\drivers\WudfPf.sys C0D25C818F1B4F559442E3BC92B18F8D
C:\windows\System32\drivers\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
D:\Temp\pfldypow.sys 713FE6170460A0B38536020B515B7761
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-10 00:13 - 2015-03-10 00:35 - 00000000 ____D () C:\Program Files\SecurityCheck
2015-03-09 20:49 - 2015-03-09 20:49 - 00000000 ____D () C:\Program Files\ESET
2015-03-07 22:21 - 2015-03-10 00:48 - 00000000 ____D () C:\Program Files\FaberRecoveryScan
2015-03-06 02:22 - 2015-03-06 02:22 - 00002149 _____ () C:\Users\spiesarchiv\Desktop\Spyder4Express 4.5.4.lnk
2015-03-06 02:22 - 2015-03-06 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor
2015-03-06 02:22 - 2008-01-30 17:36 - 00090112 _____ (MindVision Software) C:\windows\unvise32.exe
2015-03-06 02:21 - 2015-03-06 02:22 - 00000000 ____D () C:\Program Files\Datacolor
2015-03-04 00:06 - 2015-03-08 14:07 - 00000000 ____D () C:\Program Files\Tools
2015-03-03 17:03 - 2015-03-03 17:06 - 00000000 ____D () C:\Program Files\TempClean
2015-03-03 17:01 - 2015-03-03 17:01 - 00448512 _____ (OldTimer Tools) C:\Users\spiesarchiv\Desktop\TFC.exe
2015-03-03 16:00 - 2015-03-09 15:04 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-03 16:00 - 2015-03-09 15:03 - 00000000 ____D () C:\Program Files\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-03 16:00 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\windows\system32\MSCOMCTL.OCX
2015-03-03 16:00 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\windows\system32\MSSTDFMT.DLL
2015-03-03 15:58 - 2015-03-03 15:58 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-03-03 15:58 - 2015-03-03 15:58 - 00000000 ____D () C:\Program Files\Secunia
2015-03-03 15:46 - 2015-03-03 17:54 - 00001864 _____ () C:\Users\spiesarchiv\Desktop\Deinstall.jpg.lnk
2015-03-03 15:45 - 2015-03-03 15:45 - 00000000 ____D () C:\Program Files\Delfix
2015-03-03 15:43 - 2015-03-03 15:43 - 00000523 ____C () C:\DelFix.txt
2015-03-03 15:43 - 2015-03-03 15:43 - 00000000 ____D () C:\windows\ERUNT
2015-03-03 13:53 - 2015-03-03 13:58 - 00000000 ____D () C:\Program Files\JRT
2015-03-03 00:50 - 2015-03-03 00:52 - 00035317 _____ () C:\Users\spiesarchiv\Downloads\Addition.txt
2015-03-03 00:49 - 2015-03-03 00:52 - 00043947 _____ () C:\Users\spiesarchiv\Downloads\FRST.txt
2015-03-03 00:48 - 2015-03-10 00:48 - 00000000 ___DC () C:\FRST
2015-03-03 00:47 - 2015-03-03 00:47 - 00000567 _____ () C:\Users\spiesarchiv\Desktop\Download.lnk
2015-03-03 00:38 - 2015-03-03 00:38 - 01132032 _____ (Farbar) C:\Users\spiesarchiv\Downloads\FRST.exe
2015-03-02 00:17 - 2015-03-02 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOfficeDev 4.4
2015-03-02 00:16 - 2015-03-02 00:16 - 00000000 ____D () C:\Program Files\LibreOfficeDev 4
2015-03-01 17:21 - 2014-11-17 21:23 - 00529352 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2015-03-01 17:21 - 2014-11-17 21:23 - 00224168 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2015-03-01 17:21 - 2014-11-14 06:04 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsDatabase.dll
2015-03-01 17:21 - 2014-11-14 06:01 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2015-03-01 17:21 - 2014-11-14 05:55 - 01619968 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2015-03-01 17:21 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2015-03-01 17:21 - 2014-11-14 05:51 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2015-02-28 22:42 - 2015-02-28 22:42 - 130961408 _____ () C:\Users\spiesarchiv\Downloads\libo-44~2015-02-28_20.24.37_LibreOfficeDev_4.4.2.0.0_Win_x86.msi
2015-02-28 12:57 - 2015-03-09 20:48 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Service
2015-02-28 11:26 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-28 11:26 - 2015-01-19 19:36 - 01192552 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2015-02-28 11:26 - 2014-10-13 03:37 - 00108864 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-02-28 11:26 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-02-28 11:26 - 2014-10-08 07:44 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-02-28 11:26 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-02-28 11:26 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-02-28 11:26 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2015-02-28 11:25 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-28 11:25 - 2014-12-13 22:29 - 00513488 _____ () C:\windows\system32\locale.nls
2015-02-28 11:25 - 2014-12-09 00:11 - 00391526 _____ () C:\windows\system32\ApnDatabase.xml
2015-02-28 11:25 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll
2015-02-28 11:25 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2015-02-27 10:25 - 2015-03-01 16:11 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Familienbande
2015-02-27 10:25 - 2015-02-27 10:25 - 00001472 _____ () C:\Users\spiesarchiv\Desktop\Familienbande.lnk
2015-02-27 10:20 - 2015-02-27 23:34 - 00000000 ____D () C:\Program Files\Familienbande
2015-02-22 19:51 - 2015-02-22 20:00 - 33782255 _____ () C:\Users\spiesarchiv\Downloads\Wireless LAN_Broadcom_5.93.99.204_W81x86_A.zip
2015-02-22 19:10 - 2015-02-22 19:11 - 00000000 ____D () C:\Users\spiesarchiv\Documents\Archiv
2015-02-22 17:52 - 2015-02-22 17:52 - 00000000 ____D () C:\windows\Sun
2015-02-22 17:14 - 2015-02-22 17:14 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-02-22 17:14 - 2015-02-22 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-22 17:14 - 2015-02-22 17:14 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-02-22 17:13 - 2015-02-22 17:13 - 00001090 _____ () C:\Users\spiesarchiv\Desktop\notepad.exe.lnk
2015-02-22 17:13 - 2015-02-22 17:13 - 00000000 ____D () C:\Program Files\Java
2015-02-22 17:02 - 2015-02-22 17:03 - 00676624 _____ (RealNetworks, Inc.) C:\Users\spiesarchiv\Downloads\RealPlayer_de.exe
2015-02-17 14:13 - 2015-02-17 14:19 - 00000000 ____D () C:\ProgramData\mquadr.at
2015-02-17 14:10 - 2015-02-17 14:12 - 00000000 __HDC () C:\ProgramData\{CD3330DC-8B86-4AE3-B2E4-09E56CB3E702}
2015-02-17 14:10 - 2015-02-17 14:10 - 00001139 _____ () C:\Users\spiesarchiv\AppData\Roaming\Microsoft\Windows\Start Menu\DSL Soforthilfe.lnk
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\Program Files\DSL Soforthilfe
2015-02-17 14:10 - 2013-11-21 21:56 - 03748800 ____N (mquadr.at software engineering und consulting GmbH) C:\windows\system32\M2ElevatedCalls.dll
2015-02-17 14:10 - 2013-11-21 21:56 - 00962528 ____N (mquadr.at software engineering) C:\windows\system32\M2ElevatedNetworkAdapters.dll
2015-02-17 14:10 - 2012-12-03 14:57 - 00238592 ____N (Nicomsoft Ltd.) C:\windows\system32\WiFiMan.dll
2015-02-15 11:38 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-15 11:38 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-15 11:38 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-15 11:38 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-15 11:38 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-02-15 11:38 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-15 11:38 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-02-15 11:38 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-02-15 11:38 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-15 11:38 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-15 11:38 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-15 11:38 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-15 11:38 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-15 11:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-15 11:38 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-15 11:37 - 2015-01-15 23:37 - 00478776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-15 11:37 - 2015-01-15 23:37 - 00148288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-15 11:37 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-15 11:37 - 2015-01-10 09:28 - 05769024 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-15 11:37 - 2015-01-10 09:28 - 01468408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-02-15 11:37 - 2015-01-10 08:38 - 03550720 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-15 11:37 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-15 11:37 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-15 11:37 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-02-15 11:37 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-15 11:37 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-15 11:37 - 2014-10-29 02:03 - 01117696 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-12 18:46 - 2015-02-12 18:46 - 00001401 _____ () C:\Users\spiesarchiv\Desktop\Em-Client.lnk
2015-02-12 18:21 - 2015-03-09 15:12 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\eM Client
2015-02-12 18:17 - 2015-02-12 18:17 - 00000940 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2015-02-12 18:17 - 2015-02-12 18:17 - 00000000 ____D () C:\Program Files\eM Client
2015-02-08 23:40 - 2015-02-08 23:40 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Apple Computer
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ___SD () C:\Program Files\SiSoftware Sandra Lite 2015x
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-09 23:55 - 2015-02-07 21:48 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-09 23:11 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sru
2015-03-09 22:02 - 2015-01-27 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Free Download Manager
2015-03-09 21:38 - 2015-01-24 22:06 - 01208242 _____ () C:\windows\WindowsUpdate.log
2015-03-09 15:17 - 2014-03-18 08:40 - 01776918 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-09 15:12 - 2015-02-02 01:02 - 00000348 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2015-03-09 15:12 - 2015-02-02 01:02 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2015-03-09 15:11 - 2013-08-22 08:23 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-09 15:11 - 2013-08-22 07:13 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-09 15:10 - 2015-02-01 21:48 - 00000000 ___DC () C:\AdwCleaner
2015-03-09 14:56 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-09 14:49 - 2015-02-01 22:09 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-09 09:34 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\LiveKernelReports
2015-03-08 12:17 - 2015-02-01 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2015-03-08 05:31 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\Microsoft.NET
2015-03-06 15:33 - 2015-01-24 22:16 - 00000000 ____D () C:\Users\spiesarchiv
2015-03-06 01:48 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\NDF
2015-03-05 05:40 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\AppReadiness
2015-03-04 22:21 - 2014-10-17 02:52 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-03-04 01:17 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\rescache
2015-03-03 22:50 - 2014-10-17 02:51 - 00000000 __HDC () C:\OEM
2015-03-03 22:49 - 2014-10-17 02:52 - 00000000 ____D () C:\Program Files\Acer
2015-03-03 21:29 - 2013-08-22 09:05 - 00000000 ____D () C:\windows\CbsTemp
2015-03-03 20:48 - 2015-02-03 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Foxit Software
2015-03-03 20:41 - 2014-10-17 02:52 - 00000000 ____D () C:\ProgramData\OEM
2015-03-03 20:23 - 2015-01-27 21:24 - 00000292 _____ () C:\windows\Tasks\Uninstaller_SkipUac_spiesarchiv.job
2015-03-03 13:33 - 2015-02-02 01:02 - 00001066 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-02 00:52 - 2015-01-25 05:29 - 00000000 ____D () C:\Program Files\SRWare Iron
2015-02-28 23:37 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-28 11:41 - 2015-01-27 21:11 - 00000000 ____D () C:\windows\system32\MRT
2015-02-28 11:32 - 2015-01-27 21:11 - 113756392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-22 17:15 - 2015-01-29 00:24 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-22 16:59 - 2015-02-01 18:37 - 00000000 ____D () C:\ProgramData\{fa9afc74-19df-1381-fa9a-afc7419df1d0}
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-RS
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-CS
2015-02-15 11:39 - 2015-02-02 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-02-09 12:06 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-02-08 23:40 - 2015-02-07 23:33 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Media
==================== Files in the root of some directories =======
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
2015-03-03 22:56 - 2015-03-03 22:59 - 0008665 _____ () C:\Users\spiesarchiv\AppData\Local\HWVendorDetection.log
2015-01-28 16:08 - 2015-01-28 16:08 - 0000000 _____ () C:\Users\spiesarchiv\AppData\Local\StarPort.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Start-Manager fr Firmware
--------------------------
Bezeichner {fwbootmgr}
displayorder {bootmgr}
{b8f6ac39-8ee0-11e4-971f-806e6f6e6963}
{b8f6ac3a-8ee0-11e4-971f-806e6f6e6963}
{b8f6ac3b-8ee0-11e4-971f-806e6f6e6963}
timeout 0
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {5f8c767c-8f39-11e4-9b87-bc20ab6116f9}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Firmwareanwendung (101fffff)
----------------------------
Bezeichner {b8f6ac39-8ee0-11e4-971f-806e6f6e6963}
description EFI USB Device
Firmwareanwendung (101fffff)
----------------------------
Bezeichner {b8f6ac3a-8ee0-11e4-971f-806e6f6e6963}
description EFI DVD/CDROM
Firmwareanwendung (101fffff)
----------------------------
Bezeichner {b8f6ac3b-8ee0-11e4-971f-806e6f6e6963}
description EFI Network
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \windows\system32\winload.efi
description Windows 8.1
locale de-DE
inherit {bootloadersettings}
recoverysequence {5f8c767e-8f39-11e4-9b87-bc20ab6116f9}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \windows
resumeobject {5f8c767c-8f39-11e4-9b87-bc20ab6116f9}
nx OptIn
bootmenupolicy Standard
detecthal Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {5f8c767e-8f39-11e4-9b87-bc20ab6116f9}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{5f8c767f-8f39-11e4-9b87-bc20ab6116f9}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{5f8c767f-8f39-11e4-9b87-bc20ab6116f9}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {5f8c767c-8f39-11e4-9b87-bc20ab6116f9}
device partition=C:
path \windows\system32\winresume.efi
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
recoverysequence {5f8c767e-8f39-11e4-9b87-bc20ab6116f9}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
pae Yes
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems No
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {5f8c767f-8f39-11e4-9b87-bc20ab6116f9}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Optionen zum RAM-Datentr„gersetup
---------------------------------
Bezeichner {ramdiskoptions}
description Acer Recovery Management
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \boot\boot.sdi
LastRegBack: 2015-03-04 01:00
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-03-2015 03
Ran by spiesarchiv at 2015-03-10 00:49:58
Running from C:\Program Files\FaberRecoveryScan
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3012 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Power Management (HKLM\...\{89943901-4CD5-42AB-A55B-E5395FE27748}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{D6B57AF2-2406-49E4-B219-EAA8B0B9F3CF}) (Version: 6.00.8108 - Acer Incorporated)
Acer Screen Grasp (HKLM\...\{84443E5D-0767-438B-B1C8-6A52FAB2101B}) (Version: 1.02.3006 - Acer Incorporated)
Acer System Information (HKLM\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Acer Touch Tools (HKLM\...\{BB1F8130-3CB3-4896-9D28-770DFFFDE59C}) (Version: 1.01.3001 - Acer Incorporated)
Acer Video Player (HKLM\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2010.3 - Acer Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clean Master (HKLM\...\Clean Master) (Version: 1.0 - Cheetah Mobile)
Copernic Agent Personal (HKLM\...\Copernic Agent Personal) (Version: - Copernic)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Driver Booster 2.2 (HKLM\...\Driver Booster_is1) (Version: 2.2 - IObit)
DSL Soforthilfe (HKLM\...\DSL Soforthilfe) (Version: 1.1.0.51 - Telefónica Germany GmbH & Co. OHG)
eM Client (HKLM\...\{BD061BFF-676B-443C-88FC-6376BB322317}) (Version: 6.0.21372.0 - eM Client Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Free Download Manager 3.9.4 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
FreeCommander XE (HKLM\...\FreeCommander XE_is1) (Version: Preview - Marek Jasinski)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities 5.20 (HKLM\...\Glary Utilities 5) (Version: 5.20.0.35 - Glarysoft Ltd)
HostsServer 2.1.62 (32-bit) (HKLM\...\{7BD0B841-7498-4B2B-80A3-2BF301D1D06F}_is1) (Version: 2.1.62.0 - abelhadigital.com)
HUAWEI DataCard Driver 4.25.38.04 (HKLM\...\HUAWEI DataCard Driver) (Version: 4.25.38.04 - Huawei technologies Co., Ltd.)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LibreOffice 4.4.0.3 (HKLM\...\{8BEE1CDD-F95D-4759-952D-6B38DF99D1F0}) (Version: 4.4.0.3 - The Document Foundation)
LibreOfficeDev 4.4.2.0.0 (HKLM\...\{34181EDA-9B6C-4554-8C61-3136F51797F9}) (Version: 4.4.2.0.0 - tinderbox)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office (HKLM\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Paragon Partition Manager™ 14 Free (HKLM\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Real Alternative 2.0.2 (HKLM\...\RealAlt_is1) (Version: 2.0.2 - )
REALTEK Bluetooth (HKLM\...\InstallShield_{192979A0-37F4-4703-B1BB-62052142CE44}) (Version: 1.0.53.40723 - Realtek Semiconductor Corp.)
REALTEK Bluetooth (Version: 1.0.53.40723 - Ihr Firmenname) Hidden
Realtek I2S Audio (HKLM\...\{89A448AA-3301-46AA-AFC3-34F2D7C670E8}) (Version: 0.27 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{33AABC60-A52F-41FF-B2B9-17321240CD5}) (Version: 1.01.0243 - REALTEK Semiconductor Corp.)
Registrar Registry Manager 7.70 (HKLM\...\RegistrarHome_is1) (Version: - Resplendence Software Projects Sp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SiSoftware Sandra Lite 2015x (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.15.2015.1 - SiSoftware)
Spyder4Express (HKLM\...\Spyder4Express) (Version: - )
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SRWare Iron Version SRWare Iron 40.2150.0 (HKLM\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 40.2150.0 - SRWare)
StarWind RAM Disk (build 2010-03-10) (HKLM\...\StarWind RAM Disk_is1) (Version: - StarWind Software)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
04-03-2015 01:16:52 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:13 - 2015-02-28 03:58 - 00522709 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 atlas.aamedia.ro
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0C4FFD4A-056D-4E5E-8A6C-5B6F45C255B7} - System32\Tasks\Screen Grasp GestureDetection => C:\Program Files\Acer\Screen Grasp\GestureDetection.exe [2014-12-29] (Acer Incorporated)
Task: {0D2DC727-FDD9-4284-91F7-56FF1F6378AB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {2EA8154C-9A0F-4D49-BDEA-F49EC9CF9855} - System32\Tasks\Uninstaller_SkipUac_spiesarchiv => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-25] (IObit)
Task: {3BCF15F6-FDBD-42D0-B0CE-AE1B6641B51C} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {423163BC-B830-49E2-A880-AB047D7B4C3E} - System32\Tasks\Prelauncher => C:\Program Files\Acer\Screen Grasp\InputTask.exe [2014-12-29] (Acer Incorporated)
Task: {44D00949-03F6-44F1-B612-860679464948} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {541C069D-60F8-4456-A7FA-86B01B0D7027} - System32\Tasks\prelauncher_First => C:\Program Files\Acer\Screen Grasp\InputTask.exe [2014-12-29] (Acer Incorporated)
Task: {5F3564A8-6ABF-4074-BECD-B14DB766B369} - \Optimize Start Menu Cache Files-S-1-5-21-2704919929-3204641014-941289941-500 No Task File <==== ATTENTION
Task: {608CDFAD-2660-4734-8196-D099ABD4C679} - System32\Tasks\GU5SkipUAC => C:\Program Files\Glary Utilities 5\Integrator.exe [2015-03-02] (Glarysoft Ltd)
Task: {6E666CD1-D695-45B5-AD68-84F36262F6F0} - System32\Tasks\ACC => C:\Program Files\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {6F29DA32-B4A1-489A-AAF9-DE09348D732A} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2015-02-04] (IObit)
Task: {70B7E71E-4B7C-409A-B51B-81F553169A10} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {75E086DF-AF5D-4B68-8156-BF2D87C5E9D9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {86AB9AD4-D0FD-497E-B9DC-1B84A69A66B5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {9E38C1F5-2392-40BE-969E-DD1D429A91C6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-02-28] (Microsoft Corporation)
Task: {A29BEC78-2625-410C-8364-47AB7FE8EC90} - System32\Tasks\ACCAgent => C:\Program Files\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {C92A1BD2-113F-496A-93AD-3886490EB61A} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [2015-03-02] (Glarysoft Ltd)
Task: {CE8DC38F-D8CA-432C-9EF1-29CFC5318C85} - System32\Tasks\Launch Screen Grasp_First => C:\Program Files\Acer\Screen Grasp\Launch Screen Grasp.exe [2014-12-29] (Acer Incorporated)
Task: {D66C2129-D6C8-497B-A835-0B2D9EF66528} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files\CHIP Updater\CHIPUpdater.exe
Task: {F9F3EFB2-5EF6-4005-9F97-A93A74F30C7B} - System32\Tasks\Driver Booster SkipUAC (spiesarchiv) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize 5.job => C:\Program Files\Glary Utilities 5\Initialize.exe
Task: C:\windows\Tasks\Uninstaller_SkipUac_spiesarchiv.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Loaded Modules (whitelisted) ==============
2014-12-29 00:06 - 2014-03-12 13:31 - 00070144 _____ () C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
2015-01-25 01:25 - 2015-01-25 01:25 - 00622880 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2015-02-17 14:10 - 2013-11-21 21:57 - 20585888 ____N () C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe
2015-03-02 06:39 - 2015-03-02 06:39 - 00080160 _____ () C:\Program Files\Glary Utilities 5\zlib1.dll
2015-03-01 00:27 - 2015-03-01 00:27 - 00132096 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\2f3f835083fdff55899aedd638369fd6\MailClient.Collections.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00490496 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\56176c034900af4f9a372fe98250fc26\MailClient.Mail.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00933888 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\d62c5955a841b5e134fff4e0a42305df\HTMLEditorControl.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00020992 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\d9f02ae66580231508da8b27143116de\MailClient.Interop.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00571392 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\14c55713940be48e26407cef9c221e5e\MailClient.Common.UI.ni.dll
2015-03-01 00:27 - 2015-03-01 00:27 - 00548864 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\LinqBridge\e37aeb740348f40292457021e3ea52c3\LinqBridge.ni.dll
2014-11-21 16:47 - 2014-11-21 16:47 - 00642016 _____ () C:\Program Files\eM Client\SQLite\x86\sqlite3.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00097792 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Sasl\3050524841c7b64b2000008a857a7f80\MailClient.Sasl.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00674304 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\HtmlInterop\b8c3145a295ad010eed1b8453a19fcf4\HtmlInterop.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00083456 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\ddf0a1955afc96a8c94f12ff2ffd9bab\SystemCoreTimeZone.ni.dll
2015-03-01 00:29 - 2015-03-01 00:29 - 01575424 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\3026e19236841bc6c0ddf9d2ea5f5513\WindowsAPICodePack.ni.dll
2015-03-01 00:28 - 2015-03-01 00:28 - 00249344 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\MailClient.Imap.Base\bfddb17bc56578422af6adbcdbd46039\MailClient.Imap.Base.ni.dll
2014-10-17 02:54 - 2015-01-07 18:11 - 00494336 _____ () C:\Program Files\Acer\clear.fi plug-in\AcerSplitter.ax
2014-10-17 02:54 - 2015-01-07 18:11 - 01200384 _____ () C:\Program Files\Acer\clear.fi plug-in\avformat-lav-55.dll
2014-10-17 02:54 - 2015-01-07 18:11 - 00367872 _____ () C:\Program Files\Acer\clear.fi plug-in\avutil-lav-52.dll
2014-10-17 02:54 - 2015-01-07 18:11 - 08122112 _____ () C:\Program Files\Acer\clear.fi plug-in\avcodec-lav-55.dll
2014-10-17 02:54 - 2015-01-07 18:11 - 00833280 _____ () C:\Program Files\Acer\clear.fi plug-in\libbluray.dll
2014-10-17 02:54 - 2015-01-07 18:11 - 00965888 _____ () C:\Program Files\Acer\clear.fi plug-in\AcerSubtitle.dll
2014-10-17 02:54 - 2015-01-07 18:11 - 00374016 _____ () C:\Program Files\Acer\clear.fi plug-in\AcerFLVSplitter.ax
2014-10-17 02:54 - 2015-01-07 18:11 - 00519424 _____ () C:\Program Files\Acer\clear.fi plug-in\AcerMP4Splitter2.ax
2014-10-17 02:54 - 2015-01-07 18:11 - 00640256 _____ () C:\Program Files\Acer\clear.fi plug-in\AcerMP4Splitter.ax
2014-10-17 02:54 - 2015-01-07 18:11 - 00454400 _____ () C:\Program Files\Acer\clear.fi plug-in\AcerMKVSplitter.ax
2014-10-17 02:54 - 2015-01-07 18:11 - 00462592 _____ () C:\Program Files\Acer\clear.fi plug-in\AcerMpegAudioSplitter.ax
2014-10-17 02:54 - 2015-01-07 18:11 - 00385280 _____ () C:\Program Files\Acer\clear.fi plug-in\AcerMpegSplitter.ax
2011-08-09 16:06 - 2012-02-07 14:59 - 00139264 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\Appearance Pak.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00151552 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\RegEx.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 12977947 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\RBScript.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00098304 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\Shell.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00761856 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\XML.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00274432 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\CGamma.dll
2011-08-09 16:06 - 2012-02-07 14:59 - 00086016 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\CSensor.dll
2011-09-22 15:22 - 2012-02-07 14:59 - 00039936 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\MBSRegistrationPlugin16724.dll
2011-09-22 15:22 - 2012-02-07 14:59 - 00025600 _____ () C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility Libs\MBSPluginVersionPlugin16724.dll
2015-01-25 06:07 - 2015-01-27 17:54 - 01402368 _____ () C:\Program Files\SRWare Iron\libglesv2.dll
2015-01-25 06:07 - 2015-01-27 17:55 - 00212480 _____ () C:\Program Files\SRWare Iron\libegl.dll
2015-01-25 06:07 - 2015-02-03 11:43 - 09464320 _____ () C:\Program Files\SRWare Iron\pdf.dll
2015-01-27 22:38 - 2014-11-13 11:55 - 03553280 _____ () C:\Program Files\Free Download Manager\fdmbtsupp.dll
2015-03-09 21:59 - 2015-03-09 21:59 - 00852604 _____ () C:\Program Files\SecurityCheck\SecurityCheck.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\acer02.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "cmsc"
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\StartupApproved\StartupFolder: => "OptimizerProInstaller.lnk"
==================== Accounts: =============================
Administrator (S-1-5-21-2704919929-3204641014-941289941-500 - Administrator - Disabled)
Gast (S-1-5-21-2704919929-3204641014-941289941-501 - Limited - Disabled)
spiesarchiv (S-1-5-21-2704919929-3204641014-941289941-1001 - Administrator - Enabled) => C:\Users\spiesarchiv
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/08/2015 02:35:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Name des fehlerhaften Moduls: PSIA.exe, Version: 3.0.0.10004, Zeitstempel: 0x54784a82
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00093524
ID des fehlerhaften Prozesses: 0x9dc
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3
Vollständiger Name des fehlerhaften Pakets: PSIA.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PSIA.exe5
Error: (03/08/2015 02:03:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: switch)
Description: Bei der Aktivierung der App „FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager“ ist folgender Fehler aufgetreten: -2144927151. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/08/2015 02:02:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: switch)
Description: Bei der Aktivierung der App „FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager“ ist folgender Fehler aufgetreten: -2144927151. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
System errors:
=============
Error: (03/09/2015 08:56:49 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.54
registriert werden. Der Computer mit IP-Adresse 192.168.178.111 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (03/09/2015 06:26:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "pfldypow" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Error: (03/09/2015 06:26:11 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "WINDOWHUSCH",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{6FF25E66-F975-4E78-8EE6-B6520D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (03/09/2015 03:46:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/09/2015 03:11:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Anti-Malware Core" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/09/2015 03:11:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (03/09/2015 03:05:42 PM) (Source: DCOM) (EventID: 10010) (User: switch)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (03/09/2015 03:05:12 PM) (Source: DCOM) (EventID: 10010) (User: switch)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (03/09/2015 03:04:09 PM) (Source: DCOM) (EventID: 10010) (User: switch)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (03/09/2015 03:03:39 PM) (Source: DCOM) (EventID: 10010) (User: switch)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Microsoft Office Sessions:
=========================
Error: (03/08/2015 02:35:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82c0000409000935249dc01d05991a97ea5f2C:\Program Files\Secunia\PSI\PSIA.exeC:\Program Files\Secunia\PSI\PSIA.exef2068a50-c597-11e4-975b-40e2302dd396
Error: (03/08/2015 02:03:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: switch)
Description: FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager-2144927151
Error: (03/08/2015 02:02:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: switch)
Description: FileManager_cw5n1h2txyewy!Microsoft.Windows.PhotoManager-2144927151
CodeIntegrity Errors:
===================================
Date: 2015-03-09 18:26:13.959
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Temp\pfldypow.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-09 18:26:13.943
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Temp\pfldypow.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-09 15:11:18.308
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-08 12:18:36.525
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-08 11:48:55.775
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-06 15:33:04.279
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-04 00:49:09.339
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-03 17:10:15.418
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-03-03 13:25:42.293
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-28 23:38:25.433
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU Z3735F @ 1.33GHz
Percentage of memory in use: 75%
Total physical RAM: 1953.49 MB
Available physical RAM: 482.21 MB
Total Pagefile: 3906.49 MB
Available Pagefile: 695.05 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.39 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:51.02 GB) (Free:36.32 GB) NTFS
Drive d: (RAM_DISK) (Fixed) (Total:0.2 GB) (Free:0.19 GB) FAT
Drive e: (DATA) (Fixed) (Total:465.76 GB) (Free:465.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 58.2 GB) (Disk ID: 8D23E77F)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 200 MB) (Disk ID: 3A05F453)
Partition 1: (Active) - (Size=200 MB) - (Type=06)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 618C0922)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
 |
|
10.03.2015, 19:41
| #6 |
| /// the machine /// TB-Ausbilder | 3 Tabs werden in Chrome geöffnet Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter IFEO\apnstub.exe: [Debugger] dllhost.exe
IFEO\ipmgui.exe: [Debugger] dllhost.exe
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Frisches FRST log bitte.
__________________ --> 3 Tabs werden in Chrome geöffnet |
|
10.03.2015, 23:31
| #7 |
| | 3 Tabs werden in Chrome geöffnetCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-03-2015 03
Ran by spiesarchiv at 2015-03-10 23:01:20 Run:1
Running from C:\Program Files\FaberRecoveryScan
Loaded Profiles: spiesarchiv (Available profiles: spiesarchiv)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
IFEO\apnstub.exe: [Debugger] dllhost.exe IFEO\ipmgui.exe: [Debugger] dllhost.exe Emptytemp:
*****************
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\apnstub.exe" => Key Deleted successfully.
==== End of Fixlog 23:01:21 ====
Neustart? FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2015 03
Ran by spiesarchiv (administrator) on SWITCH on 10-03-2015 23:04:25
Running from C:\Program Files\FaberRecoveryScan
Loaded Profiles: spiesarchiv (Available profiles: spiesarchiv)
Platform: Microsoft Windows 8.1 mit Bing (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmcore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(StarWind Software) C:\Program Files\RAM Disk\StarRAMService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\memdefrag.exe
(eM Client, Inc.) C:\Program Files\eM Client\MailClient.exe
(Nenad Hrg SoftwareOK) C:\Program Files\Tools\DesktopOK.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
( ) C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\GestureDetection.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\Launch Screen Grasp.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\fdm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\SecurityCheck\SecurityCheck.exe
() D:\Temp\FRITZ!WLANRepeater310\fsetup.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\Chrome\fdm_nativehost.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\System32\DptfPolicyLpmServiceHelper.exe [81336 2014-05-08] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [7761920 2014-09-22] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [DSL Soforthilfe] => C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [Glary Memory Optimizer] => C:\Program Files\Glary Utilities 5\memdefrag.exe [122656 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [eM Client] => C:\Program Files\eM Client\MailClient.exe [15612200 2014-12-22] (eM Client, Inc.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [DesktopOK] => C:\Program Files\Tools\DesktopOK.exe [174080 2014-12-23] (Nenad Hrg SoftwareOK)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [780288 2013-08-22] (Microsoft Corporation)
IFEO\ipmgui.exe: [Debugger] dllhost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk
ShortcutTarget: SpyderUtility.lnk -> C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe ( )
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-01-27] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-10] (Oracle Corporation)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2014-11-13] (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-10] (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.179.254 192.168.179.100
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF HKLM\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files\Free Download Manager\Firefox\Extension [2015-01-27]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [70144 2014-03-12] () [File not signed]
R2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [315240 2015-01-27] (Kingsoft Corporation)
S3 cphs; C:\windows\system32\IntelCpHeciSvc.exe [280680 2014-12-29] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\windows\system32\DptfParticipantProcessorService.exe [83384 2014-05-08] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\windows\system32\DptfPolicyCriticalService.exe [97208 2014-05-08] (Intel Corporation)
R2 DptfPolicyLpmService; C:\windows\system32\DptfPolicyLpmService.exe [90552 2014-05-08] (Intel Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [1974504 2014-07-22] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [280680 2014-12-29] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-01-27] (IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [452840 2014-12-30] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-04-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-04-04] (McAfee, Inc.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware Sandra Lite 2015x\RpcAgentSrv.exe [73200 2014-12-17] (SiSoftware) [File not signed]
S3 ScDeviceEnum; C:\windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 StarRAMService; C:\Program Files\RAM Disk\StarRAMService.exe [89088 2010-03-29] (StarWind Software) [File not signed]
R2 TouchToolsLaunchService; C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [247040 2014-12-29] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)
S3 workfolderssvc; C:\windows\system32\workfolderssvc.dll [1222144 2014-07-24] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe [X]
S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACC_SensorDriver; C:\windows\System32\drivers\ACC_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
S3 ALS_SensorDriver; C:\windows\System32\drivers\ALS_SensorDriver.sys [11264 2014-12-29] (Intel Corporation)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [98160 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [136216 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.)
R1 BasicRender; C:\windows\System32\drivers\BasicRender.sys [25600 2014-03-18] (Microsoft Corporation)
S3 BCMSDH43XX; C:\windows\system32\DRIVERS\bcmdhd63.sys [296664 2013-08-13] (Broadcom Corp)
R3 BthLEEnum; C:\windows\system32\DRIVERS\BthLEEnum.sys [186880 2014-03-18] (Microsoft Corporation)
R3 BthMini; C:\windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
R3 camera; C:\windows\system32\DRIVERS\camera.sys [462336 2014-12-29] (Intel Corporation)
S3 cfwids; C:\windows\System32\drivers\cfwids.sys [61400 2014-04-04] (McAfee, Inc.)
R3 CM3218x; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 CPLMACPI; C:\windows\system32\DRIVERS\CPLMACPI.sys [16488 2014-12-29] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\windows\System32\drivers\DptfDevAmbient.sys [44472 2014-05-08] (Intel Corporation)
R3 DptfDevDBPT; C:\windows\System32\drivers\DptfDevPower.sys [25528 2014-05-08] (Intel Corporation)
R3 DptfDevDisplay; C:\windows\System32\drivers\DptfDevDisplay.sys [28088 2014-05-08] (Intel Corporation)
R3 DptfDevGen; C:\windows\System32\drivers\DptfDevGen.sys [36280 2014-05-08] (Intel Corporation)
R3 DptfDevProc; C:\windows\System32\drivers\DptfDevProc.sys [80824 2014-05-08] (Intel Corporation)
R3 DptfManager; C:\windows\System32\drivers\DptfManager.sys [182200 2014-05-08] (Intel Corporation)
R3 GPIO; C:\windows\System32\drivers\iaiogpioe.sys [23552 2014-05-05] (Intel Corporation)
R3 GpioVirtual; C:\windows\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-22] (Intel Corporation)
R1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [17344 2015-02-02] (Glarysoft Ltd)
S3 GYRO_SensorDriver; C:\windows\System32\drivers\GYRO_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-24] (REALiX(tm))
R3 iaioi2c; C:\windows\System32\drivers\iaioi2ce.sys [58368 2014-03-22] (Intel Corporation)
R3 iaiouart; C:\windows\System32\drivers\iaiouart.sys [87552 2015-01-24] (Intel Corporation)
S3 intaud_WaveExtensible; C:\windows\system32\drivers\intelaud.sys [32152 2014-12-29] (Intel Corporation)
R3 IntelSST; C:\windows\system32\drivers\isstrtc.sys [257024 2014-12-29] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 iwdbus; C:\windows\System32\drivers\iwdbus.sys [23448 2014-12-29] (Intel Corporation)
R3 ksapi; C:\windows\system32\drivers\ksapi.sys [81768 2015-01-27] (Kingsoft Corporation)
R3 LMDriver; C:\windows\System32\drivers\LMDriver.sys [18232 2014-12-29] (Acer Incorporated)
S3 MAG_SensorDriver; C:\windows\System32\drivers\MAG_SensorDriver.sys [12288 2014-12-29] (Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [21968 2014-03-16] (Intel Corporation)
S3 mfeapfk; C:\windows\System32\drivers\mfeapfk.sys [134600 2014-04-04] (McAfee, Inc.)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [236672 2014-04-04] (McAfee, Inc.)
S3 mfebopk; C:\windows\System32\drivers\mfebopk.sys [66408 2014-04-04] (McAfee, Inc.)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [58376 2014-04-04] (McAfee, Inc.)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [367776 2014-04-04] (McAfee, Inc.)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [574576 2014-04-04] (McAfee, Inc.)
R3 mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [345584 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [81264 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [215624 2014-04-04] (McAfee, Inc.)
R3 ov2722; C:\windows\System32\drivers\ov2722.sys [49152 2014-12-29] (Intel Corporation)
R3 PMIC; C:\windows\System32\drivers\PMIC.sys [48128 2014-03-16] (Intel Corporation)
R3 PSI; C:\windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R3 RadioShim; C:\windows\System32\drivers\RadioShim.sys [13112 2014-12-29] (Acer Incorporated)
R3 rtii2sac; C:\windows\system32\DRIVERS\rtii2sac.sys [174808 2014-12-29] (Realtek Semiconductor Corp.)
R3 RtkUart; C:\windows\System32\drivers\RtkUart.sys [507608 2014-12-29] (Realtek Semiconductor Corporation)
R3 RtlWlans; C:\windows\system32\DRIVERS\rtwlans.sys [2748120 2014-07-18] (Realtek Semiconductor Corporation )
S3 SANDRA; C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SensorFusion; C:\windows\System32\drivers\HIDFusion.sys [52736 2014-12-29] (Intel Corporation)
R3 SensorsServiceDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
S3 Spyder4; C:\windows\System32\drivers\dccmtr.sys [12288 2011-06-02] (Datacolor)
S1 ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R1 StarRAM; C:\windows\System32\drivers\StarRAM.sys [54744 2010-03-29] (StarWind Software)
R3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [36080 2014-02-20] (Synaptics Incorporated)
R3 TXEI; C:\windows\System32\drivers\TXEI.sys [75792 2015-01-24] (Intel Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
R0 Wof; C:\windows\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
S3 pfldypow; D:\Temp\pfldypow.sys [104960 2015-03-09] (GMER) [File not signed]
U4 RAMDiskVE; No ImagePath
========================== Drivers MD5 =======================
C:\windows\System32\drivers\1394ohci.sys F7B9F821CF1C31B266F60A5733F8119A
C:\windows\System32\drivers\3ware.sys 57F7923ACC5009218F6591B3C0F62E07
C:\windows\System32\drivers\ACC_SensorDriver.sys 311AD5CBC6EF57C4FD114B82208FC0B1
C:\windows\System32\drivers\ACPI.sys 97E855ABBF94A5B979BB3070833AE71C
C:\windows\System32\Drivers\acpiex.sys DCA3C5F55150B3AEB8B75A5E8D1156DC
C:\windows\System32\drivers\acpipagr.sys EE103776F838AE570EDBB2C1FB1356AF
C:\windows\System32\drivers\acpipmi.sys AC1BAD06E47D090C553FDEEAD1A7C463
C:\windows\System32\drivers\acpitime.sys 519FA16CFE54F107861501D852322AEF
C:\windows\System32\drivers\ADP80XX.SYS D614199DF507F1047D2C9ADB89BDD49E
C:\windows\system32\drivers\afd.sys D75FB05E8DBF21FA0EF313C7503243F1
C:\windows\System32\drivers\agp440.sys 7A706DCF874214097A30694D3B686866
C:\windows\System32\DRIVERS\ahcache.sys C758755F80B98F9F7DD413DB870961B7
C:\windows\System32\drivers\ALS_SensorDriver.sys C350D67D47C914E81F76A7591E2A9870
C:\windows\System32\drivers\amdagp.sys E7E154969EEDB8E8FC2C80DF690A175A
C:\windows\System32\drivers\amdk8.sys D9707ECC59834964EBA0D9D6C87305F6
C:\windows\System32\drivers\amdppm.sys 7E4E0841365A02F77BD8497CCE347179
C:\windows\System32\drivers\amdsata.sys 5558A0EB3082EAC88C0578ABCE0C707D
C:\windows\System32\drivers\amdsbs.sys FB1A73A850C812F63BA9D174AB97BFB6
C:\windows\System32\drivers\amdxata.sys 43352B9C7917984404F893AD10468F63
C:\windows\system32\drivers\appid.sys 744F52D39EE8B38B85A047B6AFFE8696
C:\windows\System32\drivers\arcsas.sys 0554DE27A3B4527C000073CEA0E84D1B
C:\windows\System32\drivers\atapi.sys 72FCAE2CE6DFEAB2AB072435017F3417
C:\windows\System32\DRIVERS\avgntflt.sys F581D2F3E30C1CA7206D660FB7689F98
C:\windows\system32\DRIVERS\avipbb.sys A2EE407D6D3757A2FFD5095DD16AE1F2
C:\windows\system32\DRIVERS\avkmgr.sys D8C712305F73CD34D1B344810E522728
C:\windows\system32\DRIVERS\ax88179_178a.sys CCE70A0919BDAB17AB2B293CC8E320B8
C:\windows\System32\drivers\BasicDisplay.sys 235EAE5E6E5F3F0DD49DA9204F86976E
C:\windows\System32\drivers\BasicRender.sys 363392A3AF1630C9D3A7B9A31267B5B3
C:\windows\System32\drivers\bcmfn2.sys 596DB7E4D0DB6AC32DF142C861001979
C:\windows\system32\DRIVERS\bcmdhd63.sys 92C5F2AA3F72166385D74D29D0D8BF60
C:\windows\system32\Drivers\Beep.sys 38058AF65F15D0E9E1A5A9B8E75B0757
C:\windows\System32\DRIVERS\bowser.sys BC1FC15A5B1FAE717CE441537590FDD3
C:\windows\System32\drivers\BthAvrcpTg.sys 48590B2DBCE55AC0DF0F7A3F23204CBF
C:\windows\System32\drivers\BthEnum.sys 9CDC68D1B3D7EE582BA0550E738163B9
C:\windows\System32\drivers\bthhfenum.sys 84CF99F7190D54D4C72E0F5D008BF88C
C:\windows\System32\drivers\BthHFHid.sys 1C0791BC4DC2AE0B41F8E84CD3154929
C:\windows\system32\DRIVERS\BthLEEnum.sys 0957FAE86F9E920BF3727769D87002A8
C:\windows\System32\Drivers\BTHMINI.sys 0A5BD61C7D9225E5DB10EAA872B99501
C:\windows\System32\drivers\bthmodem.sys 46F0B06DE544DF0E270BCB345E1768AC
C:\windows\System32\drivers\bthpan.sys 986B6FB12E1583EAFC66B1714FD7B26C
C:\windows\System32\Drivers\BTHport.sys BAB1EC541CB36911D808F9E25D4736F6
C:\windows\system32\DRIVERS\camera.sys 1204C0A06E55984C22B63A32B48E7804
C:\windows\System32\DRIVERS\cdfs.sys CE232BB0965C0C0B786C3F976CCBFB7D
C:\windows\System32\drivers\cdrom.sys E2FC132D48EA4E8B04432C33EFB77801
C:\windows\System32\drivers\cfwids.sys 447C7F3CAAF90EFB5E8AE708A06D6DE8
C:\windows\System32\drivers\circlass.sys 98294CE233DE8687CEEC29BD632107D0
C:\windows\System32\drivers\CLFS.sys 7559018F0024F00AC00198F18C6A0426
C:\windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\windows\System32\drivers\CmBatt.sys 6D46D1CCDA47E9B76F2D7FF4417D31AD
C:\windows\System32\Drivers\cng.sys E3CDD6B5299CC8DDF43FF6C1B6B1F221
C:\windows\System32\DRIVERS\cnghwassist.sys EC086CEEC479CEDAD294D64D819CAABE
C:\windows\System32\drivers\CompositeBus.sys F89853991E6A03526E17E4AE5239FD98
C:\windows\System32\drivers\condrv.sys C8A7949EBAC42923D59B2C2630D2AD84
C:\windows\system32\DRIVERS\CPLMACPI.sys 57EC5E1C637A833DBBB69BED80C8C7BB
C:\windows\System32\drivers\dam.sys 2ECC9D6E0104409B441EA7095233F323
C:\windows\System32\Drivers\dfsc.sys 55758EBBC45E1628161121D7CFEAD4A1
C:\windows\System32\drivers\disk.sys 832BDA661E26792B5512FC641A177F26
C:\windows\System32\drivers\dmvsc.sys 0357F5F7C542249D8EAA4E6FCC69EE91
C:\windows\System32\drivers\DptfDevAmbient.sys 9199DA496BBAEF21B840CEBE9A87E4CF
C:\windows\System32\drivers\DptfDevPower.sys 1EBCE2CB7AB9909785B9C17AB55F9296
C:\windows\System32\drivers\DptfDevDisplay.sys 4AD397CA6CAFD03E9DD3940A529D8E2F
C:\windows\System32\drivers\DptfDevGen.sys 3106244877EF55539F98F36AEFFB2409
C:\windows\System32\drivers\DptfDevProc.sys 10570653DD298C8924AF6114BD0F1A82
C:\windows\System32\drivers\DptfManager.sys 9A776DF1DBEDE2E67E9CFE41B4282FCA
C:\windows\system32\drivers\drmkaud.sys 115B0BCB58F274B46A9C6A5615C4B925
C:\windows\System32\drivers\dxgkrnl.sys 27FA5460CE08F69FE536399214E0ABBB
C:\windows\System32\drivers\EhStorClass.sys AECFDE05D120822452BA8F606841B3FE
C:\windows\System32\drivers\EhStorTcgDrv.sys BFDF5BA2B770B358CA607109240A739D
C:\windows\System32\drivers\errdev.sys 6E7FD164E20C50F5A2D49AD0218FF4AE
C:\windows\system32\Drivers\exfat.sys 630E4FAFAE692F2D2D3835A4F37A583C
C:\windows\system32\Drivers\fastfat.sys 2B731E0CF73B392B1923078F464D96DB
C:\windows\System32\drivers\fdc.sys F2D60D87B15FF8ABBDA27371EBBEFE0B
C:\windows\System32\drivers\fileinfo.sys 878BE2CD1B68000D4BEEE293267B19CB
C:\windows\System32\drivers\filetrace.sys 5C427FD4AFAEAC08882A70EDA5013AF8
C:\windows\System32\drivers\flpydisk.sys BB2091E613F6F06F24FF9507E0FAA20B
C:\windows\System32\drivers\fltmgr.sys 0E647295EA5573F06DDD42F0FDFF254A
C:\windows\System32\drivers\FsDepends.sys 73F944AA04157781172CAD535AB6E172
C:\windows\system32\Drivers\Fs_Rec.sys 6496F5E84CBC8C6D697939D6518D9B7A
C:\windows\System32\DRIVERS\fvevol.sys A58318CA9F98AAB207D4C84868490D1D
C:\windows\System32\drivers\fxppm.sys B3CDDF19F6201210B8785FFD642A1632
C:\windows\System32\drivers\gagp30kx.sys 2DC88A077B783AFD416CDEE7BDE63868
C:\windows\System32\drivers\vmgencounter.sys 2156802A56276A97FB6892412A0B899D
C:\windows\System32\drivers\iaiogpioe.sys C80C97E90041ED9F9A482352D4B9BCCB
C:\windows\System32\Drivers\msgpioclx.sys FB1DB2A2663D59FEB04F4311861C7022
C:\windows\System32\drivers\iaiogpiovirtual.sys 148B5ADE03272086B6936E219D4536F3
C:\windows\System32\drivers\GUBootStartup.sys E9CDEB631E63E83A7540CF6E81B5486B
C:\windows\System32\drivers\GYRO_SensorDriver.sys 3F4069FB4AFF90C0AE2E5681E7EF2B58
C:\windows\System32\drivers\HDAudBus.sys 7E0EDA9EE53E344D1604EB2A7E8DED47
C:\windows\System32\drivers\HidBatt.sys 5C5BF3E47BB6B07FAD8EA4565159659E
C:\windows\System32\drivers\hidbth.sys 4A59C5DAF29CC28DA966C57DB863655E
C:\windows\System32\drivers\hidi2c.sys 4AC33C5E591F9845E34DA8681E558A58
C:\windows\System32\drivers\hidir.sys 2E6CA4DE2AEDF7ABDFEA906F11EDC8B1
C:\windows\System32\drivers\hidusb.sys 71E4AD300E86C0754D6070FB92475CF7
C:\windows\System32\drivers\HpSAMD.sys BA073FD7F6C94FF18F97DF8F0297ED62
C:\windows\System32\drivers\HTTP.sys 4196BBF0725EF4E4F220D5E1539EF553
C:\windows\system32\drivers\HWiNFO32.SYS 6FFB351C9C9BB88E91785F4CD7396D31
C:\windows\System32\drivers\hwpolicy.sys FAEB94F3ACCDFDA16E5FA585369FDEC4
C:\windows\System32\drivers\hyperkbd.sys 2DDC60AD29D845A745C9ECAAE35FC477
C:\windows\system32\DRIVERS\HyperVideo.sys D360FFBA289307976BE1BBE7BE792F58
C:\windows\System32\drivers\i8042prt.sys 5043E69532392A43549E5D41E22638AA
C:\windows\System32\drivers\iaioi2ce.sys DD86B5E42AC72AD5B88331C21FCF8618
C:\windows\System32\drivers\iaiouart.sys 604D612710B5FED2E78E172188ADD9A4
C:\windows\System32\drivers\iaStorAV.sys 387637FC01BA30E95A2330DA3FFD0919
C:\windows\System32\drivers\iaStorV.sys D2E7F3611BB8F1C2661B8F7858D33A35
C:\windows\system32\DRIVERS\igdkmd32.sys 2B0364C301DFB19BA9E51F0A70D28187
C:\windows\system32\drivers\intelaud.sys BE37CE00B9ACDA579F799E61148C7624
C:\windows\System32\drivers\intelide.sys B0F92A795C7E48E2C5F908265C655458
C:\windows\System32\drivers\intelpep.sys 95BD617B467F746553AD1FC523F5D2B6
C:\windows\System32\drivers\intelppm.sys 6DD61D8AFB56C9F853210C49FD4D8C16
C:\windows\system32\drivers\isstrtc.sys 5395E9604D58FD9BE15DFAC04795FF1B
C:\windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\windows\System32\DRIVERS\ipfltdrv.sys 23B5C10891B64FB4261F9FCADF24FE28
C:\windows\System32\drivers\IPMIDrv.sys 3DC0D272D298B3AC09794E89FFB78BCD
C:\windows\System32\drivers\ipnat.sys FA6C94C754A566EA8A61D658932F32DE
C:\windows\System32\drivers\irenum.sys ADF675CF9EB57229E9D13BC2F5D4719D
C:\windows\System32\drivers\isapnp.sys 2A0D17D431F13E87ADCB28DEEC84F252
C:\windows\System32\drivers\msiscsi.sys 74F452379260EA77CC59905AEDBD5AE7
C:\windows\System32\drivers\iwdbus.sys DC270EA3E059D38A2382A7D3760A91AE
C:\windows\System32\drivers\kbdclass.sys 4504C8B75A6B2E5BE800DE03B26891D3
C:\windows\System32\drivers\kbdhid.sys 8BAF1904393EACA7178A5EF962256D3F
C:\windows\system32\DRIVERS\kdnic.sys 7F896C99637CB0E48262F307FC0F3557
C:\windows\system32\drivers\ksapi.sys BF85D404851462FDF3157F49EA870725
C:\windows\System32\Drivers\ksecdd.sys 21719E6D6B4EDEB062F0A9D8F7720FEF
C:\windows\System32\Drivers\ksecpkg.sys 5E31F868190E2E5250237B45743BD6AB
C:\windows\system32\DRIVERS\lltdio.sys 369ED2626209D245BA1CEBB626F9A376
C:\windows\System32\drivers\LMDriver.sys 5990C446E92A78065E9A7A93866040BA
C:\windows\System32\drivers\lsi_sas.sys 876BA8550E9F1F4EF8A7D056E66678F6
C:\windows\System32\drivers\lsi_sas2.sys 6FB4E344E66F7243D23F0F52A9610790
C:\windows\System32\drivers\lsi_sas3.sys 2E61D97CA19BBECCCF7CDE9C0C7392B5
C:\windows\System32\drivers\lsi_sss.sys 3986C8FAA6E397725024E7189BAC69CE
C:\windows\system32\drivers\luafv.sys A1E31C77F407F629F430A070B8747A44
C:\windows\System32\drivers\MAG_SensorDriver.sys 7199A358B7E5D19A9A21BED07D339A15
C:\windows\System32\drivers\MBI.sys EBFB06184BE82D1316EDA56739AF6B94
C:\windows\System32\drivers\megasas.sys EE038F0B57FD34B872AE2ADD7679C1E2
C:\windows\System32\drivers\megasr.sys 2E3BE5DA8078B170DA14CE3181C5D3AC
C:\windows\System32\drivers\mfeapfk.sys 1E258C5E5E24721470A816164B8440F1
C:\windows\System32\drivers\mfeavfk.sys 5B7BC74792F3159C28B25C8EF9B078B9
C:\windows\System32\drivers\mfebopk.sys CEBFA5845F28863AF3602992C2550BB2
C:\windows\System32\drivers\mfeelamk.sys 27E05BCC6F4D815F797ADD142D2AB1AB
C:\windows\System32\drivers\mfefirek.sys 52C4AF8DC0A580BE970B6EAF6FD0BD14
C:\windows\System32\drivers\mfehidk.sys D4F45F1C6C4542D95FF8177C17F723F1
C:\windows\system32\DRIVERS\mfencbdc.sys 4EEC12CB9004DEB6A324FB6C28BB2F80
C:\windows\system32\DRIVERS\mfencrk.sys A82AA321F5A15F71AFAE3B0AF2816C5D
C:\windows\System32\drivers\mfewfpk.sys D4C415181FC5DE46210F82C8A63625EC
C:\windows\System32\drivers\modem.sys FFE175CCDA4BC0278E88149F183B6C5E
C:\windows\System32\drivers\monitor.sys 523C526BBB796FC2087C0C8AC2B669BD
C:\windows\System32\drivers\mouclass.sys 1B621475FA22B947B60EE004A8EE11F5
C:\windows\System32\drivers\mouhid.sys 64DAA33D69C4442AD4CC52D478895355
C:\windows\System32\drivers\mountmgr.sys 8CF63AB55709A9E415190219C226A855
C:\windows\System32\drivers\mpsdrv.sys 4B300E2D06B03410064CF443E1CE6B25
C:\windows\system32\drivers\mrxdav.sys D8E41C1A50FC1E51F3594EFCE56BE860
C:\windows\System32\DRIVERS\mrxsmb.sys E11D4B798CF0FF9F739CD9BDC552FF08
C:\windows\System32\DRIVERS\mrxsmb10.sys F37F40422662235AB5768C303E829602
C:\windows\System32\DRIVERS\mrxsmb20.sys F35CF1EC831812B3C6B05587734DE8A3
C:\windows\system32\DRIVERS\bridge.sys 1188DC48CB36F31A3624BB9504F77AEE
C:\windows\system32\Drivers\Msfs.sys D99C98D630C34A448A93DE552DC7DD68
C:\windows\System32\drivers\msgpiowin32.sys 22FFBD5F9BCE2E970C617B95103079DC
C:\windows\System32\drivers\mshidkmdf.sys 30DA16E72C4CB4D5F06D35D0DFA16E2C
C:\windows\System32\drivers\mshidumdf.sys 26B1961255650B59107FC4990B2CEF34
C:\windows\System32\drivers\msisadrv.sys BF7ABD4461576528028FB86633A7EA24
C:\windows\system32\drivers\MSKSSRV.sys 0B2A5AB2591D7F6E8E64A0516325F2AD
C:\windows\system32\DRIVERS\mslldp.sys 2B1E1DA9C5FA25DB8DAC2F34BCF10196
C:\windows\system32\drivers\MSPCLOCK.sys 86729EC40EB28DBBAB6A672B138B4DC5
C:\windows\system32\drivers\MSPQM.sys 4E5FB5BD76165A81EE181A82EB665C8A
C:\windows\system32\Drivers\MsRPC.sys C90BB8C3DC3F50FBA1A668B844C84315
C:\windows\System32\drivers\mssmbios.sys CF61A813430B7F12452BCED287135676
C:\windows\system32\drivers\MSTEE.sys C323F63D61AD8CEC79B3CF4B8463B208
C:\windows\System32\drivers\MTConfig.sys 06442D8CA4425EFF66F47D8F82493450
C:\windows\System32\Drivers\mup.sys 6CD6189DFA649EEBFCBE81CB30030355
C:\windows\System32\drivers\mvumis.sys 8122A46E9A5EBD2E001FF5FB34A12A47
C:\windows\system32\DRIVERS\nwifi.sys 11CC93A3FBCD7339EE316B3E7A870D77
C:\windows\System32\drivers\ndis.sys F0FB15EEEA93526ACE6D7CF042FC3144
C:\windows\system32\DRIVERS\ndiscap.sys 9FA562E35A0263FBD01D44559224D46B
C:\windows\system32\DRIVERS\NdisImPlatform.sys 873FCE0E787BC74059941D597BE630E0
C:\windows\system32\DRIVERS\ndistapi.sys BD856EB36898EFA1B11346996ECA764C
C:\windows\system32\DRIVERS\ndisuio.sys 1D34650E97E74DF51BD86E0A102DB241
C:\windows\System32\drivers\NdisVirtualBus.sys 53D21FFC20728406A20BCCF145DC2AD4
C:\windows\system32\DRIVERS\ndiswan.sys 11312D35028616E585DCF02AFAFA56DC
C:\windows\system32\DRIVERS\ndiswan.sys 11312D35028616E585DCF02AFAFA56DC
C:\windows\system32\Drivers\NDProxy.sys 9F76B41778F62A7E582ADA902E8D149E
C:\windows\System32\drivers\Ndu.sys C6003C8BB723B4D7FCDFB4C419D676A1
C:\windows\System32\DRIVERS\netbios.sys F0F2377D72E48EBCA9B9BE5F3DE3F355
C:\windows\System32\DRIVERS\netbt.sys BC242922B0D08F61CF7C87FD08FAFA8B
C:\windows\system32\DRIVERS\netvsc63.sys 6A90783186DA0F93D21C805F6FAFD9CE
C:\windows\system32\Drivers\Npfs.sys 6CB2336E1C247A8164ADFF8A0D2FBCA4
C:\windows\System32\drivers\npsvctrig.sys 1B134DECC25E59D0C8AD95B64D475297
C:\windows\System32\drivers\nsiproxy.sys 3D383D0C64FFC3D3DDE2ED4EF828CFAB
C:\windows\system32\Drivers\Ntfs.sys CE53EAE5F11E8546058AF20C39E5F259
C:\windows\system32\Drivers\Null.sys C68CBBB69A8C611EFA668FA36DE542D9
C:\windows\System32\drivers\nvraid.sys CE9BC6B9B2D5A9782B20B8EF1D48FC6E
C:\windows\System32\drivers\nvstor.sys 8BC42FC48C9DB301025D7A5C6B20ECD9
C:\windows\System32\drivers\nv_agp.sys 5FC39F8B065128F2A59F92EE9AE3F286
C:\windows\System32\drivers\ov2722.sys 8D61D59B502555B14B1FA6858B27707E
C:\windows\System32\drivers\parport.sys 4F30970F15ADCC382544B31D5D7E368E
C:\windows\System32\drivers\partmgr.sys C503DA12698E7F775F8252F7A6FEA47F
C:\windows\System32\drivers\parvdm.sys 60450D9CA16603770DFCA15E68D8EAD3
C:\windows\System32\drivers\pci.sys 0A2BBE5E87374A32E4B1A5EEE582AE6C
C:\windows\System32\drivers\pciide.sys 05C7426981598F0E45824BC912D5177B
C:\windows\System32\drivers\pcmcia.sys F404AA7E499C83117C7442C2C2801C03
C:\windows\System32\drivers\pcw.sys E0F759702BBA5095CB0AE570333B194B
C:\windows\System32\drivers\pdc.sys C4F65F945BB7B014DDB28B1254F6787D
C:\windows\System32\drivers\peauth.sys 1A9DFE5854BD66E28178431E9C96E77D
C:\windows\System32\drivers\PMIC.sys 42EA5B30C55F82FC7D77E186CB727E40
C:\windows\System32\drivers\processr.sys 0BE3706EE01AA76D1583E82AE2E680D6
C:\windows\system32\DRIVERS\pacer.sys 9F6173E6F8E4034C008FCE29BFD4FBB2
C:\windows\System32\DRIVERS\psi_mf_x86.sys 68B57D7C11277EA89F78255480376B4D
C:\windows\system32\drivers\qwavedrv.sys C619F26983C63B2BB1F6FDD6B52490E0
C:\windows\System32\drivers\RadioShim.sys 0DB868B3F54483999D0EB61ED06A84A9
C:\windows\System32\DRIVERS\rasacd.sys 91D50E991F182B40E10E06A9D21D8779
C:\windows\system32\DRIVERS\raspppoe.sys 1B6351227867FBD8917769479F7D84A3
C:\windows\System32\DRIVERS\rdbss.sys 8810FA3D36B8922B7BD1935378CD1667
C:\windows\System32\drivers\rdpbus.sys 4E3C895DB9831A925CAFAF9F04FE89CC
C:\windows\System32\drivers\rdpdr.sys 67E91843B0344411820A012063E876B2
C:\windows\System32\drivers\rdpvideominiport.sys C47CB2108AA791890FDD997CDCB6609D
C:\windows\System32\drivers\rdyboost.sys ED5DA057B5C00042CDF0E705C59B3CB1
C:\windows\System32\drivers\rfcomm.sys 5E3934F8ADC8D93064CC5E537637882C
C:\windows\system32\DRIVERS\rspndr.sys A7B0D780D365635525B8A2B10CE493C4
C:\windows\system32\DRIVERS\rtii2sac.sys 0F9049BA2180D0C11DDC8B2F779D039D
C:\windows\System32\drivers\RtkUart.sys 12AA514239517F356F49E9579B79580D
C:\windows\system32\DRIVERS\rtwlans.sys AD8F455125C770F592E159555C4DD29E
C:\windows\System32\drivers\vms3cap.sys 14FC57F255EB705ECA023FB85D70BF7B
C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x86\Sandra.sys 230FD3749904CA045EA5EC0AA14006E9
C:\windows\System32\drivers\sbp2port.sys 98A297A744DDF9B2E14B05E511439ABC
C:\windows\System32\DRIVERS\scfilter.sys 631F9D546CD6D206F2D1273EFDA8B048
C:\windows\System32\drivers\sdbus.sys 0FE8B0EFB24F1DF6054B6D400BDB4D93
C:\windows\System32\drivers\sdstor.sys 6A90C0C56CABEAA19779434BA6A9875B
C:\windows\system32\Drivers\secdrv.sys A8CC993CED4DF9710ADAABC9DA66B660
C:\windows\System32\drivers\HIDFusion.sys 50C693072652A7C7336F7ACA3D71FEAC
C:\windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\windows\System32\drivers\SerCx.sys B9B7306D989D3B205EE9637ABB937978
C:\windows\System32\drivers\SerCx2.sys 617029159ED22EF9CB3F83FE5AF968CB
C:\windows\System32\drivers\serenum.sys DE87128CFA9AED45BC26B7422B06CE06
C:\windows\System32\drivers\serial.sys 8C86C60A471B4E6DF644B07FD30957C4
C:\windows\System32\drivers\sermouse.sys 83F70AC05D00530EFAE71C913AEB5F3B
C:\windows\System32\drivers\sfloppy.sys 4FC275DBBE9F48EB07418E066843058D
C:\windows\System32\drivers\sisagp.sys 0EFBAF5C195B78D7897701EA3084AFA8
C:\windows\System32\drivers\SiSRaid2.sys 447DAF85E9F4D53710636468AD9911EA
C:\windows\System32\drivers\sisraid4.sys 5C08041AA0DB4FE983D496D820AFACB7
C:\windows\System32\drivers\spaceport.sys 0B0AD9D5EBBFFF19A5D977FBAB8A8105
C:\windows\System32\drivers\SpbCx.sys E0A6F5DA31A1B0F3C8D8A4802F97667D
C:\windows\System32\drivers\dccmtr.sys 86F8CE773624E2058F12B70CF344E083
C:\windows\System32\DRIVERS\srv.sys 0564453D240C8D305491629301CFACBB
C:\windows\System32\DRIVERS\srv2.sys D5C2AE72DA22BDE19B9433F9BDCDCD18
C:\windows\System32\DRIVERS\srvnet.sys 63E914F0E4B81AD6A86940BA4447E15E
C:\windows\system32\DRIVERS\ssmdrv.sys A36EE93698802CD899F98BFD553D8185
C:\windows\System32\drivers\StarRAM.sys B0A0C221F56637BC090D340A5B862BF6
C:\windows\System32\drivers\stexstor.sys B4489EA5810BF73778CD8BDC305109CE
C:\windows\System32\drivers\storahci.sys BA47EC0DC91660274059C437DC53D82B
C:\windows\System32\DRIVERS\vmstorfl.sys FA5A48CAB745A7A8CB83ECFE26BD2A11
C:\windows\System32\drivers\stornvme.sys 54614BE0F68CD3E9C6DEB8E8FBD12397
C:\windows\System32\drivers\storvsc.sys 19AC4D3BB088AA4561036B220FEB99DE
C:\windows\System32\drivers\swenum.sys BDD8121BEB8227A65D83C87FD4BE5AFE
C:\windows\System32\drivers\SynRMIHID.sys 5862D3E4967752B08579255E8E0519FA
C:\windows\System32\drivers\tcpip.sys 1150C7096A208CAAA670BE17901A4D54
C:\windows\system32\DRIVERS\tcpip.sys 1150C7096A208CAAA670BE17901A4D54
C:\windows\System32\drivers\tcpipreg.sys 31D0E1BF76AA85F5A72F4FD488C3B508
C:\windows\system32\DRIVERS\tdx.sys DB0C184142CF9FA1746F598A16EE92B2
C:\windows\System32\drivers\terminpt.sys 87F4612CBEF6CD97043911BA43ABB53B
C:\windows\system32\drivers\tpm.sys 7441A1E10500AC6229DDCE369A953929
C:\windows\System32\drivers\tsusbflt.sys 3E87B8167BA1CA5274DFACC4856B3FD9
C:\windows\System32\drivers\TsUsbGD.sys 3F6FA4385342780468C0FEE5D09BB431
C:\windows\system32\DRIVERS\tunnel.sys C9AF1C4C24DA2FF092B1A4548EEC5ACB
C:\windows\System32\drivers\TXEI.sys 0534D2B2970F5886D76EB50D4567313C
C:\windows\System32\drivers\uagp35.sys 61FC1405334298EFE7D49970C5346551
C:\windows\System32\drivers\uaspstor.sys 0E919230A74FA541CC5C2D3F917340B7
C:\windows\System32\drivers\ucx01000.sys BC87FFF7ACB60F25CEE11C03856D2BFD
C:\windows\System32\DRIVERS\udfs.sys 070CDA00BE4D9E4E92F5471B8D24CBD8
C:\windows\System32\drivers\UEFI.sys 31C53FFBFD9977D3F2061627A69274D2
C:\windows\System32\drivers\uliagpkx.sys 202F1C6EBA7D84F59C03E708F45A28C3
C:\windows\System32\drivers\umbus.sys 8CB5D86BDB3890CFC4D94593935C2F4B
C:\windows\System32\drivers\umpass.sys C4115675F53E9E853294C15131D5EBBC
C:\windows\System32\drivers\usbccgp.sys 8A93F68EBAFE14D62895A09568BED30A
C:\windows\System32\drivers\usbcir.sys 9D941A00FD49FBC8670EFE0B48F41994
C:\windows\System32\drivers\usbehci.sys 5DB5AACE25B1E08E958AE2C001182B0F
C:\windows\System32\drivers\usbhub.sys 58EA28A06D4ACEE0B1BEA23EEAE85470
C:\windows\System32\drivers\UsbHub3.sys A0A51CFBE5BDBB62662BD4979A324166
C:\windows\System32\drivers\usbohci.sys B1E835C5F75F98B0439ED0A56B85C3E8
C:\windows\System32\drivers\usbprint.sys F4FA8FC5577F5F603FD79663BD8F3005
C:\windows\System32\drivers\USBSTOR.SYS B4A53FA9AF30243CC7EDFAC75A029624
C:\windows\System32\drivers\usbuhci.sys 4173F451FD9B78164F60D74265B16C77
C:\windows\System32\drivers\USBXHCI.SYS 0CEA7C4EC8BAB5DEFC8F7198BEE03850
C:\windows\System32\drivers\vdrvroot.sys 3D06B8D4A1ED1B91C8566DF7AC510AF2
C:\windows\System32\drivers\VerifierExt.sys E0915FFD3BDFB98B723C46FEB8070B8A
C:\windows\System32\drivers\vhdmp.sys 3AF00F5A0742B10CB10F54A4D6E17D8B
C:\windows\System32\drivers\viaagp.sys 33CA244E0808BBD784EA6938605FED28
C:\windows\System32\drivers\viac7.sys EBBBCBC27D7F391188CDF4196ED80D63
C:\windows\System32\drivers\viaide.sys 75B08537DCF231A7B536ACE2ED8E8A35
C:\windows\System32\drivers\vmbus.sys 744DBD744910FAB62EACD05F25471D61
C:\windows\System32\drivers\VMBusHID.sys 1F02B273254268F975612210D8CB6859
C:\windows\System32\drivers\volmgr.sys D78640FCD9043EEFE3DDE69855A72567
C:\windows\System32\drivers\volmgrx.sys 57566A1F8D39071BB56AA0B083A75544
C:\windows\System32\drivers\volsnap.sys 31A2AA48C1ECD390E2707E5C21B75DCE
C:\windows\System32\drivers\vsmraid.sys 10B78A2D45B1330C162FDE8FEE78F315
C:\windows\System32\drivers\vstxraid.sys 761B3F51660CD3D9F815E5C916235D0B
C:\windows\System32\drivers\vwifibus.sys 47BF83648E9FBD88A8CDB7C2A169D100
C:\windows\system32\DRIVERS\vwififlt.sys 937FC132094684F8F41DA89CECC1D427
C:\windows\system32\DRIVERS\vwifimp.sys 438082724F84703C00DA503131A89055
C:\windows\System32\drivers\wacompen.sys 67B211F7AB2D49C6403E7FD970421806
C:\windows\system32\drivers\WdBoot.sys DFB02E2DE7AD7F8CAE1B9FCFB34ACACC
C:\windows\System32\drivers\Wdf01000.sys C49F1B047C2080FC5AA662A769887631
C:\windows\system32\drivers\WdFilter.sys 4480114ADCCEADF181249A89A93493F5
C:\windows\System32\Drivers\WdNisDrv.sys 7459E6FD1357680AB0D88966E701D879
C:\windows\System32\DRIVERS\wfplwfs.sys CBF73734B883C712BC07796708FCB0CD
C:\windows\System32\drivers\wimmount.sys A4A63DD4E1B72B8C8189AD3F09914AF0
C:\windows\System32\drivers\wmiacpi.sys AF01C55490366930DFAF1D3655C763BD
C:\windows\system32\Drivers\Wof.sys DB3F0877E5C225693A131AE82C262957
C:\windows\System32\DRIVERS\wpcfltr.sys 7E7207FF951BDAA10781D758628EC1B9
C:\windows\System32\drivers\WpdUpFltr.sys 6D8FA63A8C9765A853264D3977EECC19
C:\windows\system32\drivers\ws2ifsl.sys 12BCBE7CA69586AF483C86255739793F
C:\windows\System32\drivers\WudfPf.sys C0D25C818F1B4F559442E3BC92B18F8D
C:\windows\System32\drivers\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
D:\Temp\pfldypow.sys 713FE6170460A0B38536020B515B7761
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-10 21:37 - 2015-03-10 21:38 - 00000000 ____D () C:\Program Files\AVM
2015-03-10 17:58 - 2015-03-10 17:58 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-10 13:30 - 2015-03-10 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-10 13:30 - 2015-03-10 13:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-10 00:13 - 2015-03-10 00:35 - 00000000 ____D () C:\Program Files\SecurityCheck
2015-03-09 20:49 - 2015-03-09 20:49 - 00000000 ____D () C:\Program Files\ESET
2015-03-07 22:21 - 2015-03-10 23:04 - 00000000 ____D () C:\Program Files\FaberRecoveryScan
2015-03-06 02:22 - 2015-03-06 02:22 - 00002149 _____ () C:\Users\spiesarchiv\Desktop\Spyder4Express 4.5.4.lnk
2015-03-06 02:22 - 2015-03-06 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor
2015-03-06 02:22 - 2008-01-30 17:36 - 00090112 _____ (MindVision Software) C:\windows\unvise32.exe
2015-03-06 02:21 - 2015-03-06 02:22 - 00000000 ____D () C:\Program Files\Datacolor
2015-03-04 00:06 - 2015-03-08 14:07 - 00000000 ____D () C:\Program Files\Tools
2015-03-03 17:03 - 2015-03-03 17:06 - 00000000 ____D () C:\Program Files\TempClean
2015-03-03 17:01 - 2015-03-03 17:01 - 00448512 _____ (OldTimer Tools) C:\Users\spiesarchiv\Desktop\TFC.exe
2015-03-03 16:00 - 2015-03-09 15:04 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-03 16:00 - 2015-03-09 15:03 - 00000000 ____D () C:\Program Files\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-03 16:00 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\windows\system32\MSCOMCTL.OCX
2015-03-03 16:00 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\windows\system32\MSSTDFMT.DLL
2015-03-03 15:58 - 2015-03-03 15:58 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-03-03 15:58 - 2015-03-03 15:58 - 00000000 ____D () C:\Program Files\Secunia
2015-03-03 15:46 - 2015-03-03 17:54 - 00001864 _____ () C:\Users\spiesarchiv\Desktop\Deinstall.jpg.lnk
2015-03-03 15:45 - 2015-03-03 15:45 - 00000000 ____D () C:\Program Files\Delfix
2015-03-03 15:43 - 2015-03-03 15:43 - 00000523 ____C () C:\DelFix.txt
2015-03-03 15:43 - 2015-03-03 15:43 - 00000000 ____D () C:\windows\ERUNT
2015-03-03 13:53 - 2015-03-03 13:58 - 00000000 ____D () C:\Program Files\JRT
2015-03-03 00:50 - 2015-03-03 00:52 - 00035317 _____ () C:\Users\spiesarchiv\Downloads\Addition.txt
2015-03-03 00:49 - 2015-03-03 00:52 - 00043947 _____ () C:\Users\spiesarchiv\Downloads\FRST.txt
2015-03-03 00:48 - 2015-03-10 23:04 - 00000000 ___DC () C:\FRST
2015-03-03 00:47 - 2015-03-03 00:47 - 00000567 _____ () C:\Users\spiesarchiv\Desktop\Download.lnk
2015-03-03 00:38 - 2015-03-03 00:38 - 01132032 _____ (Farbar) C:\Users\spiesarchiv\Downloads\FRST.exe
2015-03-02 00:17 - 2015-03-02 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOfficeDev 4.4
2015-03-02 00:16 - 2015-03-02 00:16 - 00000000 ____D () C:\Program Files\LibreOfficeDev 4
2015-03-01 17:21 - 2014-11-17 21:23 - 00529352 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2015-03-01 17:21 - 2014-11-17 21:23 - 00224168 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2015-03-01 17:21 - 2014-11-14 06:04 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsDatabase.dll
2015-03-01 17:21 - 2014-11-14 06:01 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2015-03-01 17:21 - 2014-11-14 05:55 - 01619968 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2015-03-01 17:21 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2015-03-01 17:21 - 2014-11-14 05:51 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2015-02-28 22:42 - 2015-02-28 22:42 - 130961408 _____ () C:\Users\spiesarchiv\Downloads\libo-44~2015-02-28_20.24.37_LibreOfficeDev_4.4.2.0.0_Win_x86.msi
2015-02-28 12:57 - 2015-03-09 20:48 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Service
2015-02-28 11:26 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-28 11:26 - 2015-01-19 19:36 - 01192552 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2015-02-28 11:26 - 2014-10-13 03:37 - 00108864 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-02-28 11:26 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-02-28 11:26 - 2014-10-08 07:44 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-02-28 11:26 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-02-28 11:26 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-02-28 11:26 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2015-02-28 11:25 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-28 11:25 - 2014-12-13 22:29 - 00513488 _____ () C:\windows\system32\locale.nls
2015-02-28 11:25 - 2014-12-09 00:11 - 00391526 _____ () C:\windows\system32\ApnDatabase.xml
2015-02-28 11:25 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll
2015-02-28 11:25 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2015-02-27 10:25 - 2015-03-01 16:11 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Familienbande
2015-02-27 10:25 - 2015-02-27 10:25 - 00001472 _____ () C:\Users\spiesarchiv\Desktop\Familienbande.lnk
2015-02-27 10:20 - 2015-02-27 23:34 - 00000000 ____D () C:\Program Files\Familienbande
2015-02-22 19:51 - 2015-02-22 20:00 - 33782255 _____ () C:\Users\spiesarchiv\Downloads\Wireless LAN_Broadcom_5.93.99.204_W81x86_A.zip
2015-02-22 19:10 - 2015-02-22 19:11 - 00000000 ____D () C:\Users\spiesarchiv\Documents\Archiv
2015-02-22 17:52 - 2015-02-22 17:52 - 00000000 ____D () C:\windows\Sun
2015-02-22 17:14 - 2015-03-10 17:57 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-02-22 17:14 - 2015-02-22 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-22 17:13 - 2015-03-10 17:57 - 00000000 ____D () C:\Program Files\Java
2015-02-22 17:13 - 2015-02-22 17:13 - 00001090 _____ () C:\Users\spiesarchiv\Desktop\notepad.exe.lnk
2015-02-22 17:02 - 2015-02-22 17:03 - 00676624 _____ (RealNetworks, Inc.) C:\Users\spiesarchiv\Downloads\RealPlayer_de.exe
2015-02-17 14:13 - 2015-02-17 14:19 - 00000000 ____D () C:\ProgramData\mquadr.at
2015-02-17 14:10 - 2015-02-17 14:12 - 00000000 __HDC () C:\ProgramData\{CD3330DC-8B86-4AE3-B2E4-09E56CB3E702}
2015-02-17 14:10 - 2015-02-17 14:10 - 00001139 _____ () C:\Users\spiesarchiv\AppData\Roaming\Microsoft\Windows\Start Menu\DSL Soforthilfe.lnk
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\Program Files\DSL Soforthilfe
2015-02-17 14:10 - 2013-11-21 21:56 - 03748800 ____N (mquadr.at software engineering und consulting GmbH) C:\windows\system32\M2ElevatedCalls.dll
2015-02-17 14:10 - 2013-11-21 21:56 - 00962528 ____N (mquadr.at software engineering) C:\windows\system32\M2ElevatedNetworkAdapters.dll
2015-02-17 14:10 - 2012-12-03 14:57 - 00238592 ____N (Nicomsoft Ltd.) C:\windows\system32\WiFiMan.dll
2015-02-15 11:38 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-15 11:38 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-15 11:38 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-15 11:38 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-15 11:38 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-02-15 11:38 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-15 11:38 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-02-15 11:38 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-02-15 11:38 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-15 11:38 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-15 11:38 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-15 11:38 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-15 11:38 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-15 11:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-15 11:38 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-15 11:37 - 2015-01-15 23:37 - 00478776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-15 11:37 - 2015-01-15 23:37 - 00148288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-15 11:37 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-15 11:37 - 2015-01-10 09:28 - 05769024 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-15 11:37 - 2015-01-10 09:28 - 01468408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-02-15 11:37 - 2015-01-10 08:38 - 03550720 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-15 11:37 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-15 11:37 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-15 11:37 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-02-15 11:37 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-15 11:37 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-15 11:37 - 2014-10-29 02:03 - 01117696 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-12 18:46 - 2015-02-12 18:46 - 00001401 _____ () C:\Users\spiesarchiv\Desktop\Em-Client.lnk
2015-02-12 18:21 - 2015-03-09 15:12 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\eM Client
2015-02-12 18:17 - 2015-02-12 18:17 - 00000940 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2015-02-12 18:17 - 2015-02-12 18:17 - 00000000 ____D () C:\Program Files\eM Client
2015-02-08 23:40 - 2015-02-08 23:40 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Apple Computer
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ___SD () C:\Program Files\SiSoftware Sandra Lite 2015x
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-10 23:00 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sru
2015-03-10 22:55 - 2015-02-07 21:48 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-10 21:51 - 2015-01-24 22:06 - 01747013 _____ () C:\windows\WindowsUpdate.log
2015-03-10 02:05 - 2014-03-18 08:40 - 01776918 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-09 22:02 - 2015-01-27 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Free Download Manager
2015-03-09 15:12 - 2015-02-02 01:02 - 00000348 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2015-03-09 15:12 - 2015-02-02 01:02 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2015-03-09 15:11 - 2013-08-22 08:23 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-09 15:11 - 2013-08-22 07:13 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-09 15:10 - 2015-02-01 21:48 - 00000000 ___DC () C:\AdwCleaner
2015-03-09 14:56 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-09 14:49 - 2015-02-01 22:09 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-09 09:34 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\LiveKernelReports
2015-03-08 12:17 - 2015-02-01 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2015-03-08 05:31 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\Microsoft.NET
2015-03-06 15:33 - 2015-01-24 22:16 - 00000000 ____D () C:\Users\spiesarchiv
2015-03-06 01:48 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\NDF
2015-03-05 05:40 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\AppReadiness
2015-03-04 22:21 - 2014-10-17 02:52 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-03-04 01:17 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\rescache
2015-03-03 22:50 - 2014-10-17 02:51 - 00000000 __HDC () C:\OEM
2015-03-03 22:49 - 2014-10-17 02:52 - 00000000 ____D () C:\Program Files\Acer
2015-03-03 21:29 - 2013-08-22 09:05 - 00000000 ____D () C:\windows\CbsTemp
2015-03-03 20:48 - 2015-02-03 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Foxit Software
2015-03-03 20:41 - 2014-10-17 02:52 - 00000000 ____D () C:\ProgramData\OEM
2015-03-03 20:23 - 2015-01-27 21:24 - 00000292 _____ () C:\windows\Tasks\Uninstaller_SkipUac_spiesarchiv.job
2015-03-03 13:33 - 2015-02-02 01:02 - 00001066 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-02 00:52 - 2015-01-25 05:29 - 00000000 ____D () C:\Program Files\SRWare Iron
2015-02-28 23:37 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-28 11:41 - 2015-01-27 21:11 - 00000000 ____D () C:\windows\system32\MRT
2015-02-28 11:32 - 2015-01-27 21:11 - 113756392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-22 17:15 - 2015-01-29 00:24 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-22 16:59 - 2015-02-01 18:37 - 00000000 ____D () C:\ProgramData\{fa9afc74-19df-1381-fa9a-afc7419df1d0}
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-RS
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-CS
2015-02-15 11:39 - 2015-02-02 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-02-09 12:06 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-02-08 23:40 - 2015-02-07 23:33 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Media
==================== Files in the root of some directories =======
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
2015-03-03 22:56 - 2015-03-03 22:59 - 0008665 _____ () C:\Users\spiesarchiv\AppData\Local\HWVendorDetection.log
2015-01-28 16:08 - 2015-01-28 16:08 - 0000000 _____ () C:\Users\spiesarchiv\AppData\Local\StarPort.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Start-Manager fr Firmware
--------------------------
Bezeichner {fwbootmgr}
displayorder {bootmgr}
{b8f6ac39-8ee0-11e4-971f-806e6f6e6963}
{b8f6ac3a-8ee0-11e4-971f-806e6f6e6963}
{b8f6ac3b-8ee0-11e4-971f-806e6f6e6963}
timeout 0
Windows-Start-Manager
---------------------
Bezeichner {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale de-DE
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {5f8c767c-8f39-11e4-9b87-bc20ab6116f9}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Firmwareanwendung (101fffff)
----------------------------
Bezeichner {b8f6ac39-8ee0-11e4-971f-806e6f6e6963}
description EFI USB Device
Firmwareanwendung (101fffff)
----------------------------
Bezeichner {b8f6ac3a-8ee0-11e4-971f-806e6f6e6963}
description EFI DVD/CDROM
Firmwareanwendung (101fffff)
----------------------------
Bezeichner {b8f6ac3b-8ee0-11e4-971f-806e6f6e6963}
description EFI Network
Windows-Startladeprogramm
-------------------------
Bezeichner {current}
device partition=C:
path \windows\system32\winload.efi
description Windows 8.1
locale de-DE
inherit {bootloadersettings}
recoverysequence {5f8c767e-8f39-11e4-9b87-bc20ab6116f9}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \windows
resumeobject {5f8c767c-8f39-11e4-9b87-bc20ab6116f9}
nx OptIn
bootmenupolicy Standard
detecthal Yes
Windows-Startladeprogramm
-------------------------
Bezeichner {5f8c767e-8f39-11e4-9b87-bc20ab6116f9}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{5f8c767f-8f39-11e4-9b87-bc20ab6116f9}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{5f8c767f-8f39-11e4-9b87-bc20ab6116f9}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner {5f8c767c-8f39-11e4-9b87-bc20ab6116f9}
device partition=C:
path \windows\system32\winresume.efi
description Windows Resume Application
locale de-DE
inherit {resumeloadersettings}
recoverysequence {5f8c767e-8f39-11e4-9b87-bc20ab6116f9}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
pae Yes
debugoptionenabled No
Windows-Speichertestprogramm
----------------------------
Bezeichner {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale de-DE
inherit {globalsettings}
badmemoryaccess Yes
EMS-Einstellungen
-----------------
Bezeichner {emssettings}
bootems No
Debuggereinstellungen
---------------------
Bezeichner {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM-Defekte
-----------
Bezeichner {badmemory}
Globale Einstellungen
---------------------
Bezeichner {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Startladeprogramm-Einstellungen
-------------------------------
Bezeichner {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisoreinstellungen
-------------------
Bezeichner {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner {resumeloadersettings}
inherit {globalsettings}
Ger„teoptionen
--------------
Bezeichner {5f8c767f-8f39-11e4-9b87-bc20ab6116f9}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Optionen zum RAM-Datentr„gersetup
---------------------------------
Bezeichner {ramdiskoptions}
description Acer Recovery Management
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \boot\boot.sdi
LastRegBack: 2015-03-04 01:00
==================== End Of Log ============================
--- --- --- Sorry ich hatte zuerst nicht "Alles auswählen" genutzt, sondern das CLipboard, daher keine CRLF und ging in dei Hose. Aber nun Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-03-2015 03
Ran by spiesarchiv at 2015-03-10 23:13:19 Run:2
Running from C:\Program Files\FaberRecoveryScan
Loaded Profiles: spiesarchiv (Available profiles: spiesarchiv)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
IFEO\apnstub.exe: [Debugger] dllhost.exe
IFEO\ipmgui.exe: [Debugger] dllhost.exe
Emptytemp:
*****************
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\apnstub.exe => Key not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ipmgui.exe" => Key Deleted successfully.
EmptyTemp: => Removed 776 KB temporary data.
The system needed a reboot.
==== End of Fixlog 23:13:21 ====
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2015 03
Ran by spiesarchiv (administrator) on SWITCH on 10-03-2015 23:24:05
Running from C:\Program Files\FaberRecoveryScan
Loaded Profiles: spiesarchiv (Available profiles: spiesarchiv)
Platform: Microsoft Windows 8.1 mit Bing (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmcore.exe
() C:\Program Files\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(StarWind Software) C:\Program Files\RAM Disk\StarRAMService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\GestureDetection.exe
() C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe
(Acer Incorporated) C:\Program Files\Acer\Screen Grasp\Launch Screen Grasp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\memdefrag.exe
(eM Client, Inc.) C:\Program Files\eM Client\MailClient.exe
(Nenad Hrg SoftwareOK) C:\Program Files\Tools\DesktopOK.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
( ) C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\Chrome\fdm_nativehost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\System32\DptfPolicyLpmServiceHelper.exe [81336 2014-05-08] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] => C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [7761920 2014-09-22] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [DSL Soforthilfe] => C:\Program Files\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [Glary Memory Optimizer] => C:\Program Files\Glary Utilities 5\memdefrag.exe [122656 2015-03-02] (Glarysoft Ltd)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [eM Client] => C:\Program Files\eM Client\MailClient.exe [15612200 2014-12-22] (eM Client, Inc.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\...\Run: [DesktopOK] => C:\Program Files\Tools\DesktopOK.exe [174080 2014-12-23] (Nenad Hrg SoftwareOK)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [780288 2013-08-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk
ShortcutTarget: SpyderUtility.lnk -> C:\Program Files\Datacolor\Spyder4Express\Utility\SpyderUtility.exe ( )
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2704919929-3204641014-941289941-1001\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-01-27] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-10] (Oracle Corporation)
BHO: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2014-11-13] (FreeDownloadManager.ORG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-10] (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.179.254 192.168.179.100
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF HKLM\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager plugin - C:\Program Files\Free Download Manager\Firefox\Extension [2015-01-27]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-10] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [70144 2014-03-12] () [File not signed]
R2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [315240 2015-01-27] (Kingsoft Corporation)
S3 cphs; C:\windows\system32\IntelCpHeciSvc.exe [280680 2014-12-29] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\windows\system32\DptfParticipantProcessorService.exe [83384 2014-05-08] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\windows\system32\DptfPolicyCriticalService.exe [97208 2014-05-08] (Intel Corporation)
R2 DptfPolicyLpmService; C:\windows\system32\DptfPolicyLpmService.exe [90552 2014-05-08] (Intel Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [1974504 2014-07-22] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [280680 2014-12-29] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-01-27] (IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [452840 2014-12-30] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169800 2014-04-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [179600 2014-04-04] (McAfee, Inc.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware Sandra Lite 2015x\RpcAgentSrv.exe [73200 2014-12-17] (SiSoftware) [File not signed]
S3 ScDeviceEnum; C:\windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 StarRAMService; C:\Program Files\RAM Disk\StarRAMService.exe [89088 2010-03-29] (StarWind Software) [File not signed]
R2 TouchToolsLaunchService; C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [247040 2014-12-29] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-09-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-09-22] (Microsoft Corporation)
S3 workfolderssvc; C:\windows\system32\workfolderssvc.dll [1222144 2014-07-24] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\siteadvisor\mcsacore.exe [X]
S2 mfecore; "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACC_SensorDriver; C:\windows\System32\drivers\ACC_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
S3 ALS_SensorDriver; C:\windows\System32\drivers\ALS_SensorDriver.sys [11264 2014-12-29] (Intel Corporation)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [136216 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [37352 2014-11-24] (Avira Operations GmbH & Co. KG)
S3 AX88179; C:\windows\system32\DRIVERS\ax88179_178a.sys [60816 2013-07-08] (ASIX Electronics Corp.)
R1 BasicRender; C:\windows\System32\drivers\BasicRender.sys [25600 2014-03-18] (Microsoft Corporation)
S3 BCMSDH43XX; C:\windows\system32\DRIVERS\bcmdhd63.sys [296664 2013-08-13] (Broadcom Corp)
R3 BthLEEnum; C:\windows\system32\DRIVERS\BthLEEnum.sys [186880 2014-03-18] (Microsoft Corporation)
R3 BthMini; C:\windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
R3 camera; C:\windows\system32\DRIVERS\camera.sys [462336 2014-12-29] (Intel Corporation)
S3 cfwids; C:\windows\System32\drivers\cfwids.sys [61400 2014-04-04] (McAfee, Inc.)
R3 CM3218x; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 CPLMACPI; C:\windows\system32\DRIVERS\CPLMACPI.sys [16488 2014-12-29] (Capella Microsystems, Inc.)
S3 DptfDevAmbient; C:\windows\System32\drivers\DptfDevAmbient.sys [44472 2014-05-08] (Intel Corporation)
R3 DptfDevDBPT; C:\windows\System32\drivers\DptfDevPower.sys [25528 2014-05-08] (Intel Corporation)
R3 DptfDevDisplay; C:\windows\System32\drivers\DptfDevDisplay.sys [28088 2014-05-08] (Intel Corporation)
R3 DptfDevGen; C:\windows\System32\drivers\DptfDevGen.sys [36280 2014-05-08] (Intel Corporation)
R3 DptfDevProc; C:\windows\System32\drivers\DptfDevProc.sys [80824 2014-05-08] (Intel Corporation)
R3 DptfManager; C:\windows\System32\drivers\DptfManager.sys [182200 2014-05-08] (Intel Corporation)
R3 GPIO; C:\windows\System32\drivers\iaiogpioe.sys [23552 2014-05-05] (Intel Corporation)
R3 GpioVirtual; C:\windows\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-22] (Intel Corporation)
R1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [17344 2015-02-02] (Glarysoft Ltd)
S3 GYRO_SensorDriver; C:\windows\System32\drivers\GYRO_SensorDriver.sys [12800 2014-12-29] (Intel Corporation)
R1 HWiNFO32; C:\windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-24] (REALiX(tm))
R3 iaioi2c; C:\windows\System32\drivers\iaioi2ce.sys [58368 2014-03-22] (Intel Corporation)
R3 iaiouart; C:\windows\System32\drivers\iaiouart.sys [87552 2015-01-24] (Intel Corporation)
S3 intaud_WaveExtensible; C:\windows\system32\drivers\intelaud.sys [32152 2014-12-29] (Intel Corporation)
R3 IntelSST; C:\windows\system32\drivers\isstrtc.sys [257024 2014-12-29] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
R3 iwdbus; C:\windows\System32\drivers\iwdbus.sys [23448 2014-12-29] (Intel Corporation)
R3 ksapi; C:\windows\system32\drivers\ksapi.sys [81768 2015-01-27] (Kingsoft Corporation)
R3 LMDriver; C:\windows\System32\drivers\LMDriver.sys [18232 2014-12-29] (Acer Incorporated)
S3 MAG_SensorDriver; C:\windows\System32\drivers\MAG_SensorDriver.sys [12288 2014-12-29] (Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [21968 2014-03-16] (Intel Corporation)
S3 mfeapfk; C:\windows\System32\drivers\mfeapfk.sys [134600 2014-04-04] (McAfee, Inc.)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [236672 2014-04-04] (McAfee, Inc.)
S3 mfebopk; C:\windows\System32\drivers\mfebopk.sys [66408 2014-04-04] (McAfee, Inc.)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [58376 2014-04-04] (McAfee, Inc.)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [367776 2014-04-04] (McAfee, Inc.)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [574576 2014-04-04] (McAfee, Inc.)
R3 mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [345584 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [81264 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [215624 2014-04-04] (McAfee, Inc.)
R3 ov2722; C:\windows\System32\drivers\ov2722.sys [49152 2014-12-29] (Intel Corporation)
R3 PMIC; C:\windows\System32\drivers\PMIC.sys [48128 2014-03-16] (Intel Corporation)
R3 PSI; C:\windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R3 RadioShim; C:\windows\System32\drivers\RadioShim.sys [13112 2014-12-29] (Acer Incorporated)
R3 rtii2sac; C:\windows\system32\DRIVERS\rtii2sac.sys [174808 2014-12-29] (Realtek Semiconductor Corp.)
R3 RtkUart; C:\windows\System32\drivers\RtkUart.sys [507608 2014-12-29] (Realtek Semiconductor Corporation)
R3 RtlWlans; C:\windows\system32\DRIVERS\rtwlans.sys [2748120 2014-07-18] (Realtek Semiconductor Corporation )
S3 SANDRA; C:\Program Files\SiSoftware Sandra Lite 2015x\WNt600x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SensorFusion; C:\windows\System32\drivers\HIDFusion.sys [52736 2014-12-29] (Intel Corporation)
R3 SensorsServiceDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [188416 2014-12-29] (Microsoft Corporation)
S3 Spyder4; C:\windows\System32\drivers\dccmtr.sys [12288 2011-06-02] (Datacolor)
S1 ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [28520 2014-11-24] (Avira GmbH)
R1 StarRAM; C:\windows\System32\drivers\StarRAM.sys [54744 2010-03-29] (StarWind Software)
R3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [36080 2014-02-20] (Synaptics Incorporated)
R3 TXEI; C:\windows\System32\drivers\TXEI.sys [75792 2015-01-24] (Intel Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [84800 2014-09-22] (Microsoft Corporation)
R0 Wof; C:\windows\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
U4 RAMDiskVE; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-10 23:14 - 2015-03-10 23:14 - 00000116 _____ () C:\windows\setupact.log
2015-03-10 23:14 - 2015-03-10 23:14 - 00000000 _____ () C:\windows\setuperr.log
2015-03-10 23:13 - 2015-03-10 23:14 - 00404976 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-10 21:37 - 2015-03-10 21:38 - 00000000 ____D () C:\Program Files\AVM
2015-03-10 17:58 - 2015-03-10 17:58 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-10 13:30 - 2015-03-10 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-03-10 13:30 - 2015-03-10 13:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-03-10 00:13 - 2015-03-10 00:35 - 00000000 ____D () C:\Program Files\SecurityCheck
2015-03-09 20:49 - 2015-03-09 20:49 - 00000000 ____D () C:\Program Files\ESET
2015-03-07 22:21 - 2015-03-10 23:24 - 00000000 ____D () C:\Program Files\FaberRecoveryScan
2015-03-06 02:22 - 2015-03-06 02:22 - 00002149 _____ () C:\Users\spiesarchiv\Desktop\Spyder4Express 4.5.4.lnk
2015-03-06 02:22 - 2015-03-06 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor
2015-03-06 02:22 - 2008-01-30 17:36 - 00090112 _____ (MindVision Software) C:\windows\unvise32.exe
2015-03-06 02:21 - 2015-03-06 02:22 - 00000000 ____D () C:\Program Files\Datacolor
2015-03-04 00:06 - 2015-03-08 14:07 - 00000000 ____D () C:\Program Files\Tools
2015-03-03 17:03 - 2015-03-03 17:06 - 00000000 ____D () C:\Program Files\TempClean
2015-03-03 17:01 - 2015-03-03 17:01 - 00448512 _____ (OldTimer Tools) C:\Users\spiesarchiv\Desktop\TFC.exe
2015-03-03 16:00 - 2015-03-09 15:04 - 00000000 ____D () C:\ProgramData\TEMP
2015-03-03 16:00 - 2015-03-09 15:03 - 00000000 ____D () C:\Program Files\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-03-03 16:00 - 2015-03-03 16:00 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-03 16:00 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\windows\system32\MSCOMCTL.OCX
2015-03-03 16:00 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\windows\system32\MSSTDFMT.DLL
2015-03-03 15:58 - 2015-03-03 15:58 - 00001047 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-03-03 15:58 - 2015-03-03 15:58 - 00000000 ____D () C:\Program Files\Secunia
2015-03-03 15:46 - 2015-03-03 17:54 - 00001864 _____ () C:\Users\spiesarchiv\Desktop\Deinstall.jpg.lnk
2015-03-03 15:45 - 2015-03-03 15:45 - 00000000 ____D () C:\Program Files\Delfix
2015-03-03 15:43 - 2015-03-03 15:43 - 00000523 ____C () C:\DelFix.txt
2015-03-03 15:43 - 2015-03-03 15:43 - 00000000 ____D () C:\windows\ERUNT
2015-03-03 13:53 - 2015-03-03 13:58 - 00000000 ____D () C:\Program Files\JRT
2015-03-03 00:50 - 2015-03-03 00:52 - 00035317 _____ () C:\Users\spiesarchiv\Downloads\Addition.txt
2015-03-03 00:49 - 2015-03-03 00:52 - 00043947 _____ () C:\Users\spiesarchiv\Downloads\FRST.txt
2015-03-03 00:48 - 2015-03-10 23:24 - 00000000 ___DC () C:\FRST
2015-03-03 00:47 - 2015-03-03 00:47 - 00000567 _____ () C:\Users\spiesarchiv\Desktop\Download.lnk
2015-03-03 00:38 - 2015-03-03 00:38 - 01132032 _____ (Farbar) C:\Users\spiesarchiv\Downloads\FRST.exe
2015-03-02 00:17 - 2015-03-02 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOfficeDev 4.4
2015-03-02 00:16 - 2015-03-02 00:16 - 00000000 ____D () C:\Program Files\LibreOfficeDev 4
2015-03-01 17:21 - 2014-11-17 21:23 - 00529352 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2015-03-01 17:21 - 2014-11-17 21:23 - 00224168 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2015-03-01 17:21 - 2014-11-14 06:04 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsDatabase.dll
2015-03-01 17:21 - 2014-11-14 06:01 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2015-03-01 17:21 - 2014-11-14 05:55 - 01619968 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2015-03-01 17:21 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2015-03-01 17:21 - 2014-11-14 05:51 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2015-02-28 22:42 - 2015-02-28 22:42 - 130961408 _____ () C:\Users\spiesarchiv\Downloads\libo-44~2015-02-28_20.24.37_LibreOfficeDev_4.4.2.0.0_Win_x86.msi
2015-02-28 12:57 - 2015-03-09 20:48 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Service
2015-02-28 11:26 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-28 11:26 - 2015-01-19 19:36 - 01192552 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2015-02-28 11:26 - 2014-10-13 03:37 - 00108864 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-02-28 11:26 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-02-28 11:26 - 2014-10-08 07:44 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-02-28 11:26 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-02-28 11:26 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-02-28 11:26 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2015-02-28 11:25 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-28 11:25 - 2014-12-13 22:29 - 00513488 _____ () C:\windows\system32\locale.nls
2015-02-28 11:25 - 2014-12-09 00:11 - 00391526 _____ () C:\windows\system32\ApnDatabase.xml
2015-02-28 11:25 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll
2015-02-28 11:25 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2015-02-28 11:25 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2015-02-27 10:25 - 2015-03-01 16:11 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Familienbande
2015-02-27 10:25 - 2015-02-27 10:25 - 00001472 _____ () C:\Users\spiesarchiv\Desktop\Familienbande.lnk
2015-02-27 10:20 - 2015-02-27 23:34 - 00000000 ____D () C:\Program Files\Familienbande
2015-02-22 19:51 - 2015-02-22 20:00 - 33782255 _____ () C:\Users\spiesarchiv\Downloads\Wireless LAN_Broadcom_5.93.99.204_W81x86_A.zip
2015-02-22 19:10 - 2015-02-22 19:11 - 00000000 ____D () C:\Users\spiesarchiv\Documents\Archiv
2015-02-22 17:52 - 2015-02-22 17:52 - 00000000 ____D () C:\windows\Sun
2015-02-22 17:14 - 2015-03-10 17:57 - 00096680 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2015-02-22 17:14 - 2015-02-22 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-22 17:13 - 2015-03-10 17:57 - 00000000 ____D () C:\Program Files\Java
2015-02-22 17:13 - 2015-02-22 17:13 - 00001090 _____ () C:\Users\spiesarchiv\Desktop\notepad.exe.lnk
2015-02-22 17:02 - 2015-02-22 17:03 - 00676624 _____ (RealNetworks, Inc.) C:\Users\spiesarchiv\Downloads\RealPlayer_de.exe
2015-02-17 14:13 - 2015-02-17 14:19 - 00000000 ____D () C:\ProgramData\mquadr.at
2015-02-17 14:10 - 2015-02-17 14:12 - 00000000 __HDC () C:\ProgramData\{CD3330DC-8B86-4AE3-B2E4-09E56CB3E702}
2015-02-17 14:10 - 2015-02-17 14:10 - 00001139 _____ () C:\Users\spiesarchiv\AppData\Roaming\Microsoft\Windows\Start Menu\DSL Soforthilfe.lnk
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2015-02-17 14:10 - 2015-02-17 14:10 - 00000000 ____D () C:\Program Files\DSL Soforthilfe
2015-02-17 14:10 - 2013-11-21 21:56 - 03748800 ____N (mquadr.at software engineering und consulting GmbH) C:\windows\system32\M2ElevatedCalls.dll
2015-02-17 14:10 - 2013-11-21 21:56 - 00962528 ____N (mquadr.at software engineering) C:\windows\system32\M2ElevatedNetworkAdapters.dll
2015-02-17 14:10 - 2012-12-03 14:57 - 00238592 ____N (Nicomsoft Ltd.) C:\windows\system32\WiFiMan.dll
2015-02-15 11:38 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-15 11:38 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-15 11:38 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-15 11:38 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-15 11:38 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-02-15 11:38 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-15 11:38 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-02-15 11:38 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-02-15 11:38 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-15 11:38 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-15 11:38 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-15 11:38 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-15 11:38 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-15 11:38 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-15 11:38 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-15 11:38 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-15 11:37 - 2015-01-15 23:37 - 00478776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-15 11:37 - 2015-01-15 23:37 - 00148288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-15 11:37 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-15 11:37 - 2015-01-10 09:28 - 05769024 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-15 11:37 - 2015-01-10 09:28 - 01468408 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-02-15 11:37 - 2015-01-10 08:38 - 03550720 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-15 11:37 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-15 11:37 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-15 11:37 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-02-15 11:37 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-15 11:37 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-15 11:37 - 2014-10-29 02:03 - 01117696 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-12 18:46 - 2015-02-12 18:46 - 00001401 _____ () C:\Users\spiesarchiv\Desktop\Em-Client.lnk
2015-02-12 18:21 - 2015-03-10 23:15 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\eM Client
2015-02-12 18:17 - 2015-02-12 18:17 - 00000940 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2015-02-12 18:17 - 2015-02-12 18:17 - 00000000 ____D () C:\Program Files\eM Client
2015-02-08 23:40 - 2015-02-08 23:40 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Apple Computer
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ___SD () C:\Program Files\SiSoftware Sandra Lite 2015x
2015-02-08 23:28 - 2015-02-08 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-10 23:21 - 2014-03-18 08:40 - 01776918 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-10 23:19 - 2015-01-25 02:49 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-10 23:19 - 2015-01-25 02:43 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-10 23:19 - 2015-01-25 02:43 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-10 23:18 - 2015-01-24 22:06 - 01790814 _____ () C:\windows\WindowsUpdate.log
2015-03-10 23:15 - 2015-02-02 01:02 - 00000348 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2015-03-10 23:14 - 2015-02-02 01:02 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2015-03-10 23:14 - 2013-08-22 08:23 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-10 23:13 - 2013-08-22 07:13 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-10 23:00 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sru
2015-03-10 22:55 - 2015-02-07 21:48 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-09 22:02 - 2015-01-27 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Free Download Manager
2015-03-09 15:10 - 2015-02-01 21:48 - 00000000 ___DC () C:\AdwCleaner
2015-03-09 14:56 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-09 14:49 - 2015-02-01 22:09 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-09 09:34 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\LiveKernelReports
2015-03-08 12:17 - 2015-02-01 22:08 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2015-03-08 05:31 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\Microsoft.NET
2015-03-06 15:33 - 2015-01-24 22:16 - 00000000 ____D () C:\Users\spiesarchiv
2015-03-06 01:48 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\NDF
2015-03-05 05:40 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\AppReadiness
2015-03-04 22:21 - 2014-10-17 02:52 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-03-04 01:17 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\rescache
2015-03-03 22:50 - 2014-10-17 02:51 - 00000000 __HDC () C:\OEM
2015-03-03 22:49 - 2014-10-17 02:52 - 00000000 ____D () C:\Program Files\Acer
2015-03-03 21:29 - 2013-08-22 09:05 - 00000000 ____D () C:\windows\CbsTemp
2015-03-03 20:48 - 2015-02-03 22:38 - 00000000 ____D () C:\Users\spiesarchiv\AppData\Roaming\Foxit Software
2015-03-03 20:41 - 2014-10-17 02:52 - 00000000 ____D () C:\ProgramData\OEM
2015-03-03 20:23 - 2015-01-27 21:24 - 00000292 _____ () C:\windows\Tasks\Uninstaller_SkipUac_spiesarchiv.job
2015-03-03 13:33 - 2015-02-02 01:02 - 00001066 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2015-03-03 13:25 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-02 00:52 - 2015-01-25 05:29 - 00000000 ____D () C:\Program Files\SRWare Iron
2015-02-28 23:37 - 2013-08-22 09:17 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-28 11:41 - 2015-01-27 21:11 - 00000000 ____D () C:\windows\system32\MRT
2015-02-28 11:32 - 2015-01-27 21:11 - 113756392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-22 17:15 - 2015-01-29 00:24 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-22 16:59 - 2015-02-01 18:37 - 00000000 ____D () C:\ProgramData\{fa9afc74-19df-1381-fa9a-afc7419df1d0}
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-RS
2015-02-18 13:41 - 2013-08-22 09:17 - 00000000 ____D () C:\windows\system32\sr-Latn-CS
2015-02-15 11:39 - 2015-02-02 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-02-09 12:06 - 2015-01-24 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-02-08 23:40 - 2015-02-07 23:33 - 00000000 ____D () C:\Users\spiesarchiv\Desktop\Media
==================== Files in the root of some directories =======
2015-02-08 23:28 - 2014-12-12 14:11 - 14397440 _____ () C:\Users\spiesarchiv\AppData\Roaming\Sandra.mdb
2015-03-03 22:56 - 2015-03-03 22:59 - 0008665 _____ () C:\Users\spiesarchiv\AppData\Local\HWVendorDetection.log
2015-01-28 16:08 - 2015-01-28 16:08 - 0000000 _____ () C:\Users\spiesarchiv\AppData\Local\StarPort.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-04 01:00
==================== End Of Log ============================
--- --- --- --- --- --- So leicht geht's nicht weg.  |
|
11.03.2015, 12:13
| #8 |
| /// the machine /// TB-Ausbilder | 3 Tabs werden in Chrome geöffnet noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.03.2015, 12:59
| #9 |
| | 3 Tabs werden in Chrome geöffnet Ja, klar, das ATTENTION ist ja noch da und der Effekt auch. Gruß David |
|
11.03.2015, 20:19
| #10 |
| /// the machine /// TB-Ausbilder | 3 Tabs werden in Chrome geöffnet Die Policy im IE hat da null Aktien dran. Revo Uninstaller - Download - Filepony damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann: https://support.google.com/chrome/answer/3296214?hl=de
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.03.2015, 03:02
| #11 |
| | 3 Tabs werden in Chrome geöffnet  |
|
12.03.2015, 19:01
| #12 |
| /// the machine /// TB-Ausbilder | 3 Tabs werden in Chrome geöffnet Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst... und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.03.2015, 11:19
| #13 |
| | 3 Tabs werden in Chrome geöffnet Leider ist der Effekt nicht weg. Er ist wieder da, macht sich immer erst bemerkbar, wenn man auf einen Link in einer Blase oder Box klickt. Habe den Rechner nun wirklich x-mal gereinigt. allerdings hat Avira noch einen Trojaner entdeckt, der tief in einem Treiber-Archiv steckte und ihn entfernt. "Superoptimizer" Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 12. März 2015 11:40
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 8.1 Connected
Windowsversion : (plain) [6.2.9200]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : SWITCH
Versionsinformationen:
BUILD.DAT : 15.0.8.650 91859 Bytes 25.02.2015 17:54:00
AVSCAN.EXE : 15.0.8.650 1014064 Bytes 10.03.2015 22:19:58
AVSCANRC.DLL : 15.0.8.650 63792 Bytes 10.03.2015 22:19:58
LUKE.DLL : 15.0.8.650 60664 Bytes 10.03.2015 22:20:19
AVSCPLR.DLL : 15.0.8.650 94456 Bytes 10.03.2015 22:19:58
REPAIR.DLL : 15.0.8.650 366328 Bytes 10.03.2015 22:19:57
REPAIR.RDF : 1.0.6.22 787582 Bytes 11.03.2015 22:14:31
AVREG.DLL : 15.0.8.650 264496 Bytes 10.03.2015 22:19:57
AVLODE.DLL : 15.0.8.650 645368 Bytes 10.03.2015 22:19:56
AVLODE.RDF : 14.0.4.54 78895 Bytes 25.01.2015 01:47:32
XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 09:23:34
XBV00108.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:17
XBV00109.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:17
XBV00110.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:17
XBV00111.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00112.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00113.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00114.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00115.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00116.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00117.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00118.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00119.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00120.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00121.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00122.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00123.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00124.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00125.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00126.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00127.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00128.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00129.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00130.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00131.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00132.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:18
XBV00133.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00134.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00135.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00136.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00137.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00138.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00139.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00140.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00141.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00142.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00143.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00144.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00145.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00146.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00147.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00148.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00149.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00150.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00151.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00152.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00153.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:19
XBV00154.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00155.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00156.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00157.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00158.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00159.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00160.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00161.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00162.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00163.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00164.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00165.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00166.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00167.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00168.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00169.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00170.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00171.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00172.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00173.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00174.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:20
XBV00175.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00176.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00177.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00178.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00179.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00180.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00181.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00182.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00183.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00184.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00185.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00186.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00187.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00188.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00189.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00190.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00191.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00192.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00193.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00194.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:21
XBV00195.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00196.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00197.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00198.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00199.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00200.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00201.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00202.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00203.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00204.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00205.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00206.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00207.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00208.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00209.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00210.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00211.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00212.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00213.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00214.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00215.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:22
XBV00216.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00217.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00218.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00219.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00220.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00221.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00222.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00223.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00224.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00225.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00226.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00227.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00228.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00229.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00230.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00231.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00232.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00233.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00234.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00235.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00236.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:23
XBV00237.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00238.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00239.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00240.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00241.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00242.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00243.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00244.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00245.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00246.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00247.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00248.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00249.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00250.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00251.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00252.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00253.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00254.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00255.VDF : 8.11.213.176 2048 Bytes 05.03.2015 10:52:24
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 09:23:34
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 09:23:34
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 09:23:34
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 09:23:34
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 09:23:34
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 09:23:34
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 09:23:34
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 09:23:34
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 09:23:34
XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 09:23:34
XBV00010.VDF : 8.11.178.32 1581056 Bytes 14.10.2014 09:23:34
XBV00011.VDF : 8.11.184.50 2178560 Bytes 11.11.2014 09:23:34
XBV00012.VDF : 8.11.190.32 1876992 Bytes 03.12.2014 01:47:34
XBV00013.VDF : 8.11.201.28 2973696 Bytes 14.01.2015 01:47:36
XBV00014.VDF : 8.11.206.252 2695680 Bytes 04.02.2015 23:04:19
XBV00015.VDF : 8.11.213.84 3175936 Bytes 03.03.2015 01:45:15
XBV00016.VDF : 8.11.213.176 212480 Bytes 05.03.2015 10:52:13
XBV00042.VDF : 8.11.213.202 3584 Bytes 05.03.2015 10:52:13
XBV00043.VDF : 8.11.213.204 2048 Bytes 05.03.2015 10:52:13
XBV00044.VDF : 8.11.213.230 40960 Bytes 05.03.2015 10:52:13
XBV00045.VDF : 8.11.214.2 29184 Bytes 05.03.2015 10:52:13
XBV00046.VDF : 8.11.214.28 25088 Bytes 05.03.2015 10:52:14
XBV00047.VDF : 8.11.214.30 14848 Bytes 05.03.2015 10:52:14
XBV00048.VDF : 8.11.214.32 3072 Bytes 05.03.2015 10:52:14
XBV00049.VDF : 8.11.214.34 2048 Bytes 06.03.2015 10:52:14
XBV00050.VDF : 8.11.214.38 39424 Bytes 06.03.2015 10:52:14
XBV00051.VDF : 8.11.214.40 6656 Bytes 06.03.2015 10:52:14
XBV00052.VDF : 8.11.214.42 4608 Bytes 06.03.2015 10:52:14
XBV00053.VDF : 8.11.214.44 5120 Bytes 06.03.2015 10:52:14
XBV00054.VDF : 8.11.214.46 23552 Bytes 06.03.2015 10:52:14
XBV00055.VDF : 8.11.214.48 3072 Bytes 06.03.2015 10:52:14
XBV00056.VDF : 8.11.214.50 25600 Bytes 06.03.2015 10:52:14
XBV00057.VDF : 8.11.214.72 2048 Bytes 06.03.2015 10:52:14
XBV00058.VDF : 8.11.214.92 48128 Bytes 06.03.2015 10:52:15
XBV00059.VDF : 8.11.214.112 12800 Bytes 06.03.2015 10:52:15
XBV00060.VDF : 8.11.214.114 2560 Bytes 06.03.2015 10:52:15
XBV00061.VDF : 8.11.214.136 32256 Bytes 06.03.2015 10:52:15
XBV00062.VDF : 8.11.214.138 2048 Bytes 06.03.2015 10:52:15
XBV00063.VDF : 8.11.214.140 2048 Bytes 07.03.2015 10:52:15
XBV00064.VDF : 8.11.214.144 34304 Bytes 07.03.2015 10:52:15
XBV00065.VDF : 8.11.214.146 2048 Bytes 07.03.2015 10:52:15
XBV00066.VDF : 8.11.214.168 33792 Bytes 07.03.2015 10:52:15
XBV00067.VDF : 8.11.214.188 71168 Bytes 08.03.2015 14:00:14
XBV00068.VDF : 8.11.214.190 2048 Bytes 08.03.2015 14:00:14
XBV00069.VDF : 8.11.214.192 2048 Bytes 08.03.2015 14:00:14
XBV00070.VDF : 8.11.214.212 2048 Bytes 08.03.2015 14:00:14
XBV00071.VDF : 8.11.214.232 28672 Bytes 08.03.2015 14:00:14
XBV00072.VDF : 8.11.214.252 69120 Bytes 09.03.2015 14:00:14
XBV00073.VDF : 8.11.215.14 3584 Bytes 09.03.2015 14:00:14
XBV00074.VDF : 8.11.215.32 7168 Bytes 09.03.2015 14:00:14
XBV00075.VDF : 8.11.215.50 12800 Bytes 09.03.2015 14:00:14
XBV00076.VDF : 8.11.215.52 5120 Bytes 09.03.2015 14:00:14
XBV00077.VDF : 8.11.215.70 17920 Bytes 09.03.2015 22:20:22
XBV00078.VDF : 8.11.215.90 2048 Bytes 09.03.2015 22:20:22
XBV00079.VDF : 8.11.215.110 2048 Bytes 09.03.2015 22:20:22
XBV00080.VDF : 8.11.215.132 29696 Bytes 09.03.2015 22:20:22
XBV00081.VDF : 8.11.215.134 11264 Bytes 09.03.2015 22:20:22
XBV00082.VDF : 8.11.215.136 11264 Bytes 09.03.2015 22:20:22
XBV00083.VDF : 8.11.215.138 12288 Bytes 10.03.2015 22:20:22
XBV00084.VDF : 8.11.215.140 35840 Bytes 10.03.2015 22:20:22
XBV00085.VDF : 8.11.215.158 6144 Bytes 10.03.2015 22:20:22
XBV00086.VDF : 8.11.215.174 5632 Bytes 10.03.2015 22:20:22
XBV00087.VDF : 8.11.215.190 8704 Bytes 10.03.2015 22:20:22
XBV00088.VDF : 8.11.215.206 19968 Bytes 10.03.2015 22:20:22
XBV00089.VDF : 8.11.215.222 12800 Bytes 10.03.2015 22:20:22
XBV00090.VDF : 8.11.215.226 2048 Bytes 10.03.2015 22:20:22
XBV00091.VDF : 8.11.215.230 14336 Bytes 10.03.2015 22:20:22
XBV00092.VDF : 8.11.215.234 26112 Bytes 10.03.2015 22:20:22
XBV00093.VDF : 8.11.215.236 11776 Bytes 10.03.2015 22:14:24
XBV00094.VDF : 8.11.215.240 22016 Bytes 11.03.2015 22:14:24
XBV00095.VDF : 8.11.215.242 2048 Bytes 11.03.2015 22:14:24
XBV00096.VDF : 8.11.215.244 2048 Bytes 11.03.2015 22:14:24
XBV00097.VDF : 8.11.216.4 7680 Bytes 11.03.2015 22:14:24
XBV00098.VDF : 8.11.216.20 12800 Bytes 11.03.2015 22:14:24
XBV00099.VDF : 8.11.216.36 19968 Bytes 11.03.2015 22:14:24
XBV00100.VDF : 8.11.216.52 2560 Bytes 11.03.2015 22:14:24
XBV00101.VDF : 8.11.216.54 22016 Bytes 11.03.2015 22:14:24
XBV00102.VDF : 8.11.216.56 8192 Bytes 11.03.2015 22:14:24
XBV00103.VDF : 8.11.216.58 4608 Bytes 11.03.2015 22:14:24
XBV00104.VDF : 8.11.216.60 16896 Bytes 11.03.2015 22:14:24
XBV00105.VDF : 8.11.216.76 14336 Bytes 11.03.2015 01:44:07
XBV00106.VDF : 8.11.216.90 30208 Bytes 11.03.2015 01:44:07
XBV00107.VDF : 8.11.216.104 5632 Bytes 12.03.2015 01:44:08
LOCAL000.VDF : 8.11.216.104 124058624 Bytes 12.03.2015 01:44:46
Engineversion : 8.3.30.0
AEVDF.DLL : 8.3.1.6 133992 Bytes 24.11.2014 09:23:20
AESCRIPT.DLL : 8.2.2.56 554920 Bytes 15.02.2015 10:22:36
AESCN.DLL : 8.3.2.2 139456 Bytes 24.11.2014 09:23:20
AESBX.DLL : 8.2.20.34 1615784 Bytes 05.03.2015 01:45:12
AERDL.DLL : 8.2.1.20 731040 Bytes 12.02.2015 17:42:05
AEPACK.DLL : 8.4.0.62 793456 Bytes 22.02.2015 15:27:01
AEOFFICE.DLL : 8.3.1.14 354216 Bytes 10.03.2015 22:19:51
AEMOBILE.DLL : 8.1.7.0 281456 Bytes 10.03.2015 22:19:52
AEHEUR.DLL : 8.1.4.1578 8137584 Bytes 08.03.2015 10:52:12
AEHELP.DLL : 8.3.1.0 278728 Bytes 24.11.2014 09:23:20
AEGEN.DLL : 8.1.7.40 456608 Bytes 25.01.2015 01:47:27
AEEXP.DLL : 8.4.2.70 255904 Bytes 08.02.2015 13:05:45
AEEMU.DLL : 8.1.3.4 399264 Bytes 24.11.2014 09:23:20
AEDROID.DLL : 8.4.3.116 1050536 Bytes 10.03.2015 22:19:52
AECORE.DLL : 8.3.4.0 243624 Bytes 25.01.2015 01:47:27
AEBB.DLL : 8.1.2.0 60448 Bytes 24.11.2014 09:23:20
AVWINLL.DLL : 15.0.8.650 25904 Bytes 10.03.2015 22:19:50
AVPREF.DLL : 15.0.8.650 52016 Bytes 10.03.2015 22:19:56
AVREP.DLL : 15.0.8.650 221432 Bytes 10.03.2015 22:19:57
AVARKT.DLL : 15.0.8.650 227120 Bytes 10.03.2015 22:19:53
AVEVTLOG.DLL : 15.0.8.650 183600 Bytes 10.03.2015 22:19:55
SQLITE3.DLL : 15.0.8.650 455472 Bytes 10.03.2015 22:20:21
AVSMTP.DLL : 15.0.8.650 79096 Bytes 10.03.2015 22:19:58
NETNT.DLL : 15.0.8.650 15152 Bytes 10.03.2015 22:20:19
RCIMAGE.DLL : 15.0.8.650 4864816 Bytes 10.03.2015 22:19:50
RCTEXT.DLL : 15.0.8.650 75056 Bytes 10.03.2015 22:19:50
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, E:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +JOKE,+SPR,
Beginn des Suchlaufs: Donnerstag, 12. März 2015 11:40
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'HDD1(D:)'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'HDD2(E:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '105' Modul(e) wurden durchsucht
Durchsuche Prozess 'sua.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'UninstallMonitor.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'Launch Screen Grasp.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpyderUtility.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'psi_tray.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'GestureDetection.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'fdm.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'DesktopOK.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'MailClient.exe' - '140' Modul(e) wurden durchsucht
Durchsuche Prozess 'memdefrag.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'DSL_Soforthilfe.exe' - '107' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerWinMonitor.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerEvent.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'DivXUpdate.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerTray.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerSvc.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '134' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkNGUI.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMTray.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'DptfPolicyLpmServiceHelper.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxTray.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxHK.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxEM.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'Integrator.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMLockHandler.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMEvent.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'TabTip.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'TouchToolsLaunchSvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'StarRAMService.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'tcpsvcs.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'PSIA.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMSvc.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveUpdate.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'DptfPolicyLpmService.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'DptfPolicyCriticalService.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'DptfParticipantProcessorService.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTDevMgr.exe' - '10' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '128' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '193' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'cmcore.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxCUIService.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '162' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3976' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <Acer>
C:\swapfile.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\ProgramData\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[0] Archivtyp: RSRC
--> C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20150312-114031-08F7BD77\00000000-126CB0A8
[1] Archivtyp: Inno Setup
--> {app}\SupOptStats.dll
[FUND] Ist das Trojanische Pferd TR/Bprotector.1645160
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
[0] Archivtyp: RSRC
--> C:\Program Files\HUAWEI Modem Driver\Driver\X86\winusbcoinstaller2.dll
[1] Archivtyp: RSRC
--> C:\ProgramData\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[2] Archivtyp: RSRC
--> C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20150312-114031-08F7BD77\00000000-80FCAC83
[3] Archivtyp: Inno Setup
--> {app}\SupOptStats.dll
[FUND] Ist das Trojanische Pferd TR/Bprotector.1645160
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\ProgramData\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
--> C:\Users\All Users\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[2] Archivtyp: RSRC
--> C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20150312-114031-08F7BD77\00000000-8BA7BC0A
[3] Archivtyp: Inno Setup
--> {app}\SupOptStats.dll
[FUND] Ist das Trojanische Pferd TR/Bprotector.1645160
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\All Users\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
--> C:\Program Files\HUAWEI Modem Driver\Driver\X64\winusbcoinstaller2.dll
[2] Archivtyp: RSRC
--> C:\Program Files\HUAWEI Modem Driver\Driver\X86\winusbcoinstaller2.dll
[3] Archivtyp: RSRC
--> C:\ProgramData\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[4] Archivtyp: RSRC
--> C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20150312-114031-08F7BD77\0000000B-B1D9409D
[5] Archivtyp: Inno Setup
--> {app}\SupOptStats.dll
[FUND] Ist das Trojanische Pferd TR/Bprotector.1645160
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\ProgramData\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
--> C:\Users\All Users\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[4] Archivtyp: RSRC
--> C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVSCAN-20150312-114031-08F7BD77\0000000C-73FB8276
[5] Archivtyp: Inno Setup
--> {app}\SupOptStats.dll
[FUND] Ist das Trojanische Pferd TR/Bprotector.1645160
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\All Users\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
Beginne mit der Suche in 'D:\' <RAM_DISK>
Beginne mit der Suche in 'E:\' <DATA>
Beginne mit der Desinfektion:
C:\Users\All Users\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
[WARNUNG] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
[WARNUNG] Fehler in der ARK Library
[HINWEIS] Die Datei wurde zum Löschen nach einem Neustart markiert.
[HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
C:\ProgramData\{3af9fc9b-e84f-4a5b-3af9-9fc9be84f26f}\SuperOptimizer.exe
[FUND] Enthält Muster der Software PUA/OptimizerPro.Gen
[WARNUNG] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
[WARNUNG] Fehler in der ARK Library
[HINWEIS] Die Datei wurde zum Löschen nach einem Neustart markiert.
[HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
Ende des Suchlaufs: Freitag, 13. März 2015 03:18
Benötigte Zeit: 12:05:39 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
59938 Verzeichnisse wurden überprüft
1026478 Dateien wurden geprüft
13 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
1 Dateien konnten nicht durchsucht werden
1026464 Dateien ohne Befall
5867 Archive wurden durchsucht
12 Warnungen
2 Hinweise
1168 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
Die Reparaturanweisungen wurden in die Datei 'C:\avrescue\rescue.avp' geschrieben.
|
|
13.03.2015, 15:24
| #14 |
| /// the machine /// TB-Ausbilder | 3 Tabs werden in Chrome geöffnet Verbindest Du Chrome mit einem Google Konto? Problem besteht nur in Chrome?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.03.2015, 03:24
| #15 |
| | 3 Tabs werden in Chrome geöffnet Ich meinte AdBlockPlus oder wie das heißt. Ich benutze kein Chrome, sondern Srware-Iron. Ich habe diesen Effekt bei keinem anderen Rechner (weder win7 noch Linux, noch XP). Ich melde mich nicht an. Srware-Iron habe ich neu installiert. Ob es auch bei anderen Browsern auftritt, kann ich nciht sagen. Da Iron als default eingestellt ist und ich kein wirkliches Testzenario habe. Ich weiß nicht recht, wie ich eine Box mit Link erzeugen kann. Es fällt immer erst auf, wenn sowieso eine erscheint und ich auf den Link klicke. Müsste ja dann IE oder Firefox als Default einrichten. Ich benutze Avira nur in der einfachen Form, ohne Skript-Blocking und Anti-Malware Programm, auch ohne surfschutz usw. Defogger und ComboFix habe ich noch nicht benutzt. Ich will mal versuchen ein Screenshot zu machen.  |
|
| Themen zu 3 Tabs werden in Chrome geöffnet |
| .dll, 3 tabs öffnen in chrome, administrator, adware, antivir, antivirus, avira, browser, cpu, defender, desktop, driver booster, dsl, explorer, fehler, flash player, free download, internet, internet explorer, launch, neustart, programm, realtek, registry, services.exe, siteadvisor, software, svchost.exe, winlogon.exe |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
