Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: BOO/TDSS.o Befall - was kann ich tun

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 20.10.2014, 00:52   #1
Goldberry
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Liebe User,

Mein Laptop (Win7) ist seit heute mit BOO/TDSS.o befallen. Avira hat die Malware zwar erkannt, kann sie aber nicht entfernen.

Ich habe bereits mit Malewarebytes und Kaspary TDSSKill versucht, das Problem zu beseitigen. Es wurden jeweils infizierte Dateinen gefunden, das Entfernen mit den Programmen hat aber leider nicht geholfen. Was kann ich tun?

Viele Grüße,
Goldberry

Alt 20.10.2014, 01:05   #2
Bootsektor
/// TB-Ausbilder
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun





Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
  • Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Schritt 1
Bitte poste mir die Logs vom TDSS-Killer, Malwarebytes und von Avira

Schritt 2
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 20.10.2014, 01:21   #3
Goldberry
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Hallo Sandra,

erst einmal vielen Dank, dass du mir helfen möchtest.

Wie kann ich Logfiles für Avira, Malwarebytes und TDSS-Killer erstellen?
__________________

Alt 20.10.2014, 01:27   #4
Bootsektor
/// TB-Ausbilder
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Hallo,

du hast doch mit den entsprechenden Programmen / Tools gescannt

Für Malwarebytes:
  • Starte Malwarebytes
  • Gehe nun oben auf Verlauf
  • links findest du nun die Auswahl Quarantäne und Anwendungsprotokolle
  • Gehe auf Anwendungsprotokolle
  • suche hier das letzte Suchlaufsprotokoll und wähle das aus
  • nun gehe oben auf Ansicht, das Protokoll öffnet sich
  • unten links steht exportieren, wähle das aus und klicke auf Textdatei
  • speichere nun das Log unter mbam.txt ab
  • öffne das Log mit deinem Texteditor
  • poste mir den Inhalt

TDSS speichert die Logs unter C:\TDSSKiller_version_datum_zeit_log.txt

und bei Avira musst du mal unter den Ereignisprotokollen schauen und dir das Log anzeigen lassen

und nun geh ich erstmal schlafen

Alt 20.10.2014, 01:45   #5
Goldberry
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Es gibt auf C:\ nur einen Ordner TDSSKiller_Quarantine, der Ordner mit Datum/Uhrzeit meiner beiden Suchläufe enthält, deren Inhalt sind .ini und .dta Dateien. Was sind davon die Logfiles?

Unter Malwarebytes habe ich das von dir beschriebene Menü leider nicht gefunden, ich benutze Malwarebytes Anti-Rootkit BETA v1.07.0.1012.

Unter Avira gibt es die Möglichkeit, Ereignisse zu exportieren. Ich habe das mal mit einigen der Fehlermeldungen gemacht, die ich von Avira erhalten habe. Falls das die falschen Daten sind oder ich noch mehr hier reinschreiben soll, sag Bescheid!

Code:
ATTFilter
16.10.2014 18:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden
      Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder 
      unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
      Ausgeführte Aktion: Zugriff verweigern

19.10.2014 16:15 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Melanie\Downloads\NotepadPlusPlusPortable_6.5.4.paf-Downloader.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/ShareW.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

19.10.2014 16:57 [Echtzeit-Scanner] Malware gefunden
      In der Datei 
      'C:\Users\Melanie\Downloads\NotepadPlusPlusPortable_6.5.4.paf-Downloader.exe'
      wurde ein Virus oder unerwünschtes Programm 'ADWARE/ShareW.Gen' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern
         
Avira hat übrigens zwei Dateien in Quarantäne verschoben und in einem zweiten Suchlauf nichts mehr gefunden. Die Malware ist aber sicher noch da, in meinem Browser kommen immer noch komische Add-Ons und das Suchfeld ist nicht Google, sondern 'Trovi-Search'.


Alt 20.10.2014, 11:14   #6
Bootsektor
/// TB-Ausbilder
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Hallo,

der TDSS hat aber nichts mit trovi zu tun, das ist lediglich Adware.

MBAR erstellt eine Logfile in dem Ordner in dem du es installiert hast:
( mbar-log-<Jahr-Monat-Tag>.txt ) . Bitte poste diese hier.

Schritt 1
Mache bitte erneut einen Scan mit dem TDSS-Killer
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt 2
Bitte noch den FRST-Scan machen
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
--> BOO/TDSS.o Befall - was kann ich tun

Alt 20.10.2014, 18:16   #7
Goldberry
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Ok, danke für deine Geduld!

mbar-Logfiles (ich hatte zwei Scans gemacht):
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.10.19.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17239
Melanie :: MELANIE-PC [administrator]

19.10.2014 16:02:48
mbar-log-2014-10-19 (16-02-48).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 331374
Time elapsed: 22 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\ProgramData\374311380 (Rogue.Multiple) -> Delete on reboot. [6466df3680fc22149dfaefee15ed18e8]
C:\Users\Melanie\M-1-52-5782-8752-5245 (Trojan.Agent.Gen) -> Delete on reboot. [0fbb2beab8c4c17586fe589317ebde22]

Files Detected: 2
C:\Users\Melanie\AppData\Roaming\msnsvconfig.txt (Malware.Trace) -> Delete on reboot. [cdfdf61f3a421f177a9fbfc061a2d828]
C:\ProgramData\374311380\BIT36C.tmp (Rogue.Multiple) -> Delete on reboot. [6466df3680fc22149dfaefee15ed18e8]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.10.19.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17239
Melanie :: MELANIE-PC [administrator]

19.10.2014 16:43:00
mbar-log-2014-10-19 (16-43-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 330708
Time elapsed: 23 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSS-Killer (Anzeige: No threats found.):

Code:
ATTFilter
10:11:04.0368 0x1670  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
10:11:08.0428 0x1670  ============================================================
10:11:08.0428 0x1670  Current date / time: 2014/10/20 10:11:08.0428
10:11:08.0428 0x1670  SystemInfo:
10:11:08.0428 0x1670  
10:11:08.0428 0x1670  OS Version: 6.1.7601 ServicePack: 1.0
10:11:08.0428 0x1670  Product type: Workstation
10:11:08.0428 0x1670  ComputerName: MELANIE-PC
10:11:08.0428 0x1670  UserName: Melanie
10:11:08.0428 0x1670  Windows directory: C:\Windows
10:11:08.0428 0x1670  System windows directory: C:\Windows
10:11:08.0428 0x1670  Running under WOW64
10:11:08.0428 0x1670  Processor architecture: Intel x64
10:11:08.0428 0x1670  Number of processors: 4
10:11:08.0428 0x1670  Page size: 0x1000
10:11:08.0428 0x1670  Boot type: Normal boot
10:11:08.0428 0x1670  ============================================================
10:11:09.0870 0x1670  KLMD registered as C:\Windows\system32\drivers\91928178.sys
10:11:10.0960 0x1670  System UUID: {90A4D009-4984-46AD-0777-CC9F1ABD7F0C}
10:11:12.0940 0x1670  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:11:12.0950 0x1670  ============================================================
10:11:12.0950 0x1670  \Device\Harddisk0\DR0:
10:11:12.0950 0x1670  MBR partitions:
10:11:12.0950 0x1670  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000800, BlocksNum 0x32000
10:11:12.0950 0x1670  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2032800, BlocksNum 0x38353000
10:11:12.0950 0x1670  ============================================================
10:11:12.0980 0x1670  C: <-> \Device\Harddisk0\DR0\Partition2
10:11:12.0980 0x1670  ============================================================
10:11:12.0980 0x1670  Initialize success
10:11:12.0980 0x1670  ============================================================
10:11:15.0120 0x1284  ============================================================
10:11:15.0120 0x1284  Scan started
10:11:15.0120 0x1284  Mode: Manual; 
10:11:15.0120 0x1284  ============================================================
10:11:15.0120 0x1284  KSN ping started
10:11:15.0330 0x1284  KSN ping finished: true
10:11:16.0150 0x1284  ================ Scan system memory ========================
10:11:16.0150 0x1284  System memory - ok
10:11:16.0150 0x1284  ================ Scan services =============================
10:11:16.0930 0x1284  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:11:16.0970 0x1284  1394ohci - ok
10:11:17.0040 0x1284  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:11:17.0050 0x1284  ACPI - ok
10:11:17.0080 0x1284  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:11:17.0090 0x1284  AcpiPmi - ok
10:11:17.0290 0x1284  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:11:17.0290 0x1284  AdobeARMservice - ok
10:11:17.0390 0x1284  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
10:11:17.0440 0x1284  adp94xx - ok
10:11:17.0480 0x1284  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
10:11:17.0500 0x1284  adpahci - ok
10:11:17.0510 0x1284  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
10:11:17.0520 0x1284  adpu320 - ok
10:11:17.0560 0x1284  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:11:17.0580 0x1284  AeLookupSvc - ok
10:11:17.0640 0x1284  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
10:11:17.0690 0x1284  AFD - ok
10:11:17.0730 0x1284  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:11:17.0730 0x1284  agp440 - ok
10:11:17.0760 0x1284  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:11:17.0770 0x1284  ALG - ok
10:11:17.0790 0x1284  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:11:17.0790 0x1284  aliide - ok
10:11:17.0820 0x1284  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:11:17.0830 0x1284  amdide - ok
10:11:17.0850 0x1284  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:11:17.0870 0x1284  AmdK8 - ok
10:11:17.0890 0x1284  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:11:17.0900 0x1284  AmdPPM - ok
10:11:17.0920 0x1284  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:11:17.0930 0x1284  amdsata - ok
10:11:17.0950 0x1284  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
10:11:17.0960 0x1284  amdsbs - ok
10:11:17.0980 0x1284  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:11:17.0980 0x1284  amdxata - ok
10:11:18.0240 0x1284  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
10:11:18.0250 0x1284  AntiVirSchedulerService - ok
10:11:18.0350 0x1284  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
10:11:18.0360 0x1284  AntiVirService - ok
10:11:18.0450 0x1284  [ D62CB48F2FA06D7A243928F2D09470D7, 650618F397C2C20C4C00B3BC2A3A1DABBFB20818B365CEDBA7D04353F97FE001 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
10:11:18.0550 0x1284  AntiVirWebService - ok
10:11:18.0600 0x1284  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:11:18.0610 0x1284  AppID - ok
10:11:18.0630 0x1284  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:11:18.0640 0x1284  AppIDSvc - ok
10:11:18.0690 0x1284  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:11:18.0710 0x1284  Appinfo - ok
10:11:18.0841 0x1284  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:11:18.0851 0x1284  Apple Mobile Device - ok
10:11:18.0891 0x1284  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
10:11:18.0901 0x1284  arc - ok
10:11:18.0931 0x1284  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
10:11:18.0931 0x1284  arcsas - ok
10:11:19.0131 0x1284  [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:11:19.0341 0x1284  aspnet_state - ok
10:11:19.0371 0x1284  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:11:19.0381 0x1284  AsyncMac - ok
10:11:19.0411 0x1284  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:11:19.0421 0x1284  atapi - ok
10:11:19.0451 0x1284  [ CBE61B4494165F458BD87E37181EE934, E95654DCC0F977A3604B6BE435BEE109AC8F9F7494FD3A132F5FB477BBF7B105 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
10:11:19.0461 0x1284  AthBTPort - ok
10:11:19.0511 0x1284  [ 18771E700DB2B729AF506B946058DD4F, 992C2028E08B467B6269420F98DE4A9E271344EC7FC8B2CA785CE910F391CDAE ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
10:11:19.0521 0x1284  AtherosSvc - ok
10:11:19.0751 0x1284  [ E642491F64E58CD5BC8FB8B347DCF65F, D457175EF3A0552CEA3DA78E7116D54BC2BF157857A8B764597B51FB4E29C033 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
10:11:19.0801 0x1284  athr - ok
10:11:19.0911 0x1284  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:11:19.0931 0x1284  AudioEndpointBuilder - ok
10:11:19.0951 0x1284  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:11:19.0971 0x1284  AudioSrv - ok
10:11:20.0051 0x1284  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:11:20.0071 0x1284  avgntflt - ok
10:11:20.0121 0x1284  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:11:20.0131 0x1284  avipbb - ok
10:11:20.0261 0x1284  [ 485B85B3FF68FB7454984CB92A0532D9, 287F6C6ADF3D96C8AC1BD1FFAD82563DA72A26CF0DECDEA7E987A020EBE06552 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
10:11:20.0281 0x1284  Avira.OE.ServiceHost - ok
10:11:20.0331 0x1284  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:11:20.0331 0x1284  avkmgr - ok
10:11:20.0421 0x1284  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:11:20.0441 0x1284  AxInstSV - ok
10:11:20.0541 0x1284  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
10:11:20.0561 0x1284  b06bdrv - ok
10:11:20.0601 0x1284  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:11:20.0611 0x1284  b57nd60a - ok
10:11:20.0671 0x1284  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:11:20.0681 0x1284  BDESVC - ok
10:11:20.0691 0x1284  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:11:20.0701 0x1284  Beep - ok
10:11:20.0791 0x1284  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:11:20.0811 0x1284  BFE - ok
10:11:20.0881 0x1284  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:11:20.0921 0x1284  BITS - ok
10:11:20.0931 0x1284  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:11:20.0941 0x1284  blbdrive - ok
10:11:21.0031 0x1284  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:11:21.0051 0x1284  Bonjour Service - ok
10:11:21.0091 0x1284  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:11:21.0101 0x1284  bowser - ok
10:11:21.0101 0x1284  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:11:21.0111 0x1284  BrFiltLo - ok
10:11:21.0111 0x1284  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:11:21.0121 0x1284  BrFiltUp - ok
10:11:21.0171 0x1284  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:11:21.0181 0x1284  Browser - ok
10:11:21.0191 0x1284  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:11:21.0211 0x1284  Brserid - ok
10:11:21.0221 0x1284  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:11:21.0221 0x1284  BrSerWdm - ok
10:11:21.0231 0x1284  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:11:21.0231 0x1284  BrUsbMdm - ok
10:11:21.0231 0x1284  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:11:21.0241 0x1284  BrUsbSer - ok
10:11:21.0301 0x1284  [ FE70889A85C57A9268101B2DB0474509, 9E957390A52BE4E5642724FEC06A201682F93DD1C6F2C00A5F57351460CF5AE0 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
10:11:21.0361 0x1284  BTATH_A2DP - ok
10:11:21.0441 0x1284  [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
10:11:21.0451 0x1284  BTATH_BUS - ok
10:11:21.0551 0x1284  [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
10:11:21.0571 0x1284  BTATH_HCRP - ok
10:11:21.0601 0x1284  [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
10:11:21.0611 0x1284  BTATH_LWFLT - ok
10:11:21.0641 0x1284  [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
10:11:21.0651 0x1284  BTATH_RCP - ok
10:11:21.0721 0x1284  [ DCE0798FD5BB4E452227EC58700956F5, 7A32824F7AFF47C907CE0F84994CEF15A38A60722533058C8AC014691DFE72F4 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
10:11:21.0771 0x1284  BtFilter - ok
10:11:21.0791 0x1284  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
10:11:21.0791 0x1284  BthEnum - ok
10:11:21.0811 0x1284  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
10:11:21.0821 0x1284  BTHMODEM - ok
10:11:21.0841 0x1284  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
10:11:21.0851 0x1284  BthPan - ok
10:11:21.0951 0x1284  [ 64C198198501F7560EE41D8D1EFA7952, 53CE5FDD1866FC8A0B91C7A620F7555D197488C4C8F3DEFD4398D8E3ED2AEBD0 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
10:11:21.0971 0x1284  BTHPORT - ok
10:11:22.0011 0x1284  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:11:22.0041 0x1284  bthserv - ok
10:11:22.0061 0x1284  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
10:11:22.0071 0x1284  BTHUSB - ok
10:11:22.0151 0x1284  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:11:22.0161 0x1284  cdfs - ok
10:11:22.0211 0x1284  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:11:22.0221 0x1284  cdrom - ok
10:11:22.0271 0x1284  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:11:22.0291 0x1284  CertPropSvc - ok
10:11:22.0321 0x1284  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
10:11:22.0321 0x1284  circlass - ok
10:11:22.0351 0x1284  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:11:22.0361 0x1284  CLFS - ok
10:11:22.0501 0x1284  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:11:22.0511 0x1284  clr_optimization_v2.0.50727_32 - ok
10:11:22.0681 0x1284  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:11:22.0691 0x1284  clr_optimization_v2.0.50727_64 - ok
10:11:22.0841 0x1284  [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:11:22.0961 0x1284  clr_optimization_v4.0.30319_32 - ok
10:11:22.0991 0x1284  [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:11:23.0001 0x1284  clr_optimization_v4.0.30319_64 - ok
10:11:23.0031 0x1284  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:11:23.0041 0x1284  CmBatt - ok
10:11:23.0061 0x1284  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:11:23.0071 0x1284  cmdide - ok
10:11:23.0141 0x1284  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:11:23.0171 0x1284  CNG - ok
10:11:23.0321 0x1284  [ 99B1B888B793DE320C5479B3C953781F, 6A499F916132998FBDFA587823A11C2ED1D27DED10374F6A41BA5861A2FF969E ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
10:11:23.0371 0x1284  CnxtHdAudService - ok
10:11:23.0401 0x1284  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:11:23.0401 0x1284  Compbatt - ok
10:11:23.0461 0x1284  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
10:11:23.0461 0x1284  CompositeBus - ok
10:11:23.0481 0x1284  COMSysApp - ok
10:11:23.0491 0x1284  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
10:11:23.0501 0x1284  crcdisk - ok
10:11:23.0541 0x1284  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:11:23.0551 0x1284  CryptSvc - ok
10:11:23.0731 0x1284  [ 61A86809B62769643892BC0812B204AA, 92FAC8176BE88D63C1DB1FF127F1BACD7D735A36DA42ABDE448D34B8D66F2BB9 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:11:23.0771 0x1284  cvhsvc - ok
10:11:23.0771 0x1284  CxAudMsg - ok
10:11:23.0871 0x1284  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:11:23.0911 0x1284  DcomLaunch - ok
10:11:24.0021 0x1284  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:11:24.0041 0x1284  defragsvc - ok
10:11:24.0121 0x1284  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:11:24.0141 0x1284  DfsC - ok
10:11:24.0161 0x1284  DgiVecp - ok
10:11:24.0221 0x1284  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:11:24.0231 0x1284  Dhcp - ok
10:11:24.0251 0x1284  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:11:24.0261 0x1284  discache - ok
10:11:24.0301 0x1284  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
10:11:24.0311 0x1284  Disk - ok
10:11:24.0391 0x1284  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:11:24.0411 0x1284  Dnscache - ok
10:11:24.0511 0x1284  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:11:24.0541 0x1284  dot3svc - ok
10:11:24.0591 0x1284  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:11:24.0601 0x1284  DPS - ok
10:11:24.0651 0x1284  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:11:24.0651 0x1284  drmkaud - ok
10:11:24.0781 0x1284  [ 4AB2A58816CC6BE771F1D8C768B804C5, 8D4D33D68D13A7EB0114959DAE841411961C18C6EDF8E1559649903D20BD3D50 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
10:11:24.0791 0x1284  DsiWMIService - ok
10:11:24.0881 0x1284  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:11:24.0911 0x1284  DXGKrnl - ok
10:11:24.0951 0x1284  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:11:24.0981 0x1284  EapHost - ok
10:11:25.0411 0x1284  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
10:11:25.0571 0x1284  ebdrv - ok
10:11:25.0611 0x1284  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
10:11:25.0611 0x1284  EFS - ok
10:11:25.0661 0x1284  [ 03E6888DA1A85ACF14AC2A3C328A9E62, 120A7A10F6DAC991B91BFEC5430FD9F929E173AB513891B229F19A9BA4EC3998 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
10:11:25.0671 0x1284  EgisTec Ticket Service - ok
10:11:25.0801 0x1284  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:11:25.0851 0x1284  ehRecvr - ok
10:11:25.0931 0x1284  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:11:25.0941 0x1284  ehSched - ok
10:11:26.0061 0x1284  [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
10:11:26.0061 0x1284  ElbyCDIO - ok
10:11:26.0161 0x1284  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
10:11:26.0191 0x1284  elxstor - ok
10:11:26.0311 0x1284  [ EB1C213A8550F066B2CCC29C9F41E2AE, D23E92EA5389F4FD1B3157FD611AC5301384DB21BAE5E935D507548CB2E49CDC ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
10:11:26.0341 0x1284  ePowerSvc - ok
10:11:26.0351 0x1284  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:11:26.0361 0x1284  ErrDev - ok
10:11:26.0401 0x1284  [ 9D8739A2A2173C9D27C499A3FC6EDA3F, DB25F566A071FE935996CF6C63E1CDFB85162A92E9D3D5695A56900D54C83C76 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
10:11:26.0431 0x1284  ETD - ok
10:11:26.0501 0x1284  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:11:26.0521 0x1284  EventSystem - ok
10:11:26.0691 0x1284  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:11:26.0711 0x1284  exfat - ok
10:11:26.0751 0x1284  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:11:26.0761 0x1284  fastfat - ok
10:11:26.0821 0x1284  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:11:26.0841 0x1284  Fax - ok
10:11:26.0851 0x1284  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:11:26.0861 0x1284  fdc - ok
10:11:26.0881 0x1284  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:11:26.0881 0x1284  fdPHost - ok
10:11:26.0891 0x1284  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:11:26.0901 0x1284  FDResPub - ok
10:11:26.0911 0x1284  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:11:26.0921 0x1284  FileInfo - ok
10:11:26.0951 0x1284  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:11:26.0951 0x1284  Filetrace - ok
10:11:27.0071 0x1284  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:11:27.0131 0x1284  FLEXnet Licensing Service - ok
10:11:27.0141 0x1284  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:11:27.0141 0x1284  flpydisk - ok
10:11:27.0211 0x1284  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:11:27.0251 0x1284  FltMgr - ok
10:11:27.0391 0x1284  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:11:27.0461 0x1284  FontCache - ok
10:11:27.0531 0x1284  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:11:27.0551 0x1284  FontCache3.0.0.0 - ok
10:11:27.0571 0x1284  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:11:27.0591 0x1284  FsDepends - ok
10:11:27.0621 0x1284  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:11:27.0631 0x1284  Fs_Rec - ok
10:11:27.0701 0x1284  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:11:27.0721 0x1284  fvevol - ok
10:11:27.0771 0x1284  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
10:11:27.0781 0x1284  gagp30kx - ok
10:11:27.0841 0x1284  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:11:27.0851 0x1284  GEARAspiWDM - ok
10:11:27.0911 0x1284  globalUpdate - ok
10:11:27.0951 0x1284  globalUpdatem - ok
10:11:28.0031 0x1284  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:11:28.0061 0x1284  gpsvc - ok
10:11:28.0131 0x1284  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
10:11:28.0131 0x1284  GREGService - ok
10:11:28.0251 0x1284  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:11:28.0261 0x1284  gupdate - ok
10:11:28.0281 0x1284  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:11:28.0281 0x1284  gupdatem - ok
10:11:28.0301 0x1284  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:11:28.0311 0x1284  gusvc - ok
10:11:28.0341 0x1284  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:11:28.0351 0x1284  hcw85cir - ok
10:11:28.0401 0x1284  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:11:28.0421 0x1284  HdAudAddService - ok
10:11:28.0441 0x1284  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
10:11:28.0451 0x1284  HDAudBus - ok
10:11:28.0461 0x1284  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
10:11:28.0461 0x1284  HidBatt - ok
10:11:28.0481 0x1284  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
10:11:28.0481 0x1284  HidBth - ok
10:11:28.0501 0x1284  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
10:11:28.0511 0x1284  HidIr - ok
10:11:28.0561 0x1284  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:11:28.0571 0x1284  hidserv - ok
10:11:28.0621 0x1284  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
10:11:28.0631 0x1284  HidUsb - ok
10:11:28.0681 0x1284  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:11:28.0681 0x1284  hkmsvc - ok
10:11:28.0771 0x1284  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:11:28.0791 0x1284  HomeGroupListener - ok
10:11:28.0831 0x1284  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:11:28.0841 0x1284  HomeGroupProvider - ok
10:11:28.0871 0x1284  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:11:28.0881 0x1284  HpSAMD - ok
10:11:28.0971 0x1284  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:11:29.0001 0x1284  HTTP - ok
10:11:29.0061 0x1284  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:11:29.0071 0x1284  hwpolicy - ok
10:11:29.0161 0x1284  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:11:29.0171 0x1284  i8042prt - ok
10:11:29.0231 0x1284  [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
10:11:29.0241 0x1284  iaStor - ok
10:11:29.0321 0x1284  [ 983FC69644DDF0486C8DFEA262948D1A, 329EC95117C31E61F6D22D79CFF339D70A70522710E7DC0CED06EC95E6D4B34F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:11:29.0321 0x1284  IAStorDataMgrSvc - ok
10:11:29.0421 0x1284  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:11:29.0441 0x1284  iaStorV - ok
10:11:29.0701 0x1284  [ E4693409D06785477A49FB34AFAE1B92, 3855CE03672D73084BBAC219F2B350CF22608A82828F82A9E842034F6A975F14 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
10:11:34.0042 0x1284  IconMan_R - ok
10:11:34.0232 0x1284  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:11:34.0292 0x1284  idsvc - ok
10:11:34.0362 0x1284  IEEtwCollectorService - ok
10:11:35.0392 0x1284  [ 38A74E208945A2C30C35C999AE184A79, FF01E2E7AF05A31A6ECFFA7FF04B2F300947A79F41BC0A9D6CE3F638B5C72ADA ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:11:35.0862 0x1284  igfx - ok
10:11:35.0922 0x1284  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
10:11:35.0922 0x1284  iirsp - ok
10:11:36.0042 0x1284  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:11:36.0072 0x1284  IKEEXT - ok
10:11:36.0242 0x1284  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:11:36.0272 0x1284  IntcDAud - ok
10:11:36.0312 0x1284  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:11:36.0312 0x1284  intelide - ok
10:11:36.0352 0x1284  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:11:36.0352 0x1284  intelppm - ok
10:11:36.0392 0x1284  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:11:36.0412 0x1284  IPBusEnum - ok
10:11:36.0472 0x1284  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:11:36.0482 0x1284  IpFilterDriver - ok
10:11:36.0522 0x1284  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:11:36.0542 0x1284  iphlpsvc - ok
10:11:36.0602 0x1284  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:11:36.0622 0x1284  IPMIDRV - ok
10:11:36.0672 0x1284  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:11:36.0682 0x1284  IPNAT - ok
10:11:36.0982 0x1284  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:11:37.0012 0x1284  iPod Service - ok
10:11:37.0032 0x1284  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:11:37.0032 0x1284  IRENUM - ok
10:11:37.0072 0x1284  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:11:37.0082 0x1284  isapnp - ok
10:11:37.0202 0x1284  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:11:37.0222 0x1284  iScsiPrt - ok
10:11:37.0452 0x1284  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
10:11:37.0462 0x1284  kbdclass - ok
10:11:37.0522 0x1284  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:11:37.0522 0x1284  kbdhid - ok
10:11:37.0542 0x1284  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:11:37.0542 0x1284  KeyIso - ok
10:11:37.0582 0x1284  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:11:37.0602 0x1284  KSecDD - ok
10:11:37.0662 0x1284  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:11:37.0672 0x1284  KSecPkg - ok
10:11:37.0702 0x1284  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:11:37.0702 0x1284  ksthunk - ok
10:11:37.0762 0x1284  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:11:37.0812 0x1284  KtmRm - ok
10:11:37.0852 0x1284  [ EBED8B3FF4A823C1A6EEBEED7B29353F, 0942200EEDEDA1FF4E634CDC5182D8EDC9BC9F66E89A5DAB8DF82C3FBB2F0D59 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
10:11:37.0862 0x1284  L1C - ok
10:11:37.0942 0x1284  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:11:37.0962 0x1284  LanmanServer - ok
10:11:38.0012 0x1284  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:11:38.0022 0x1284  LanmanWorkstation - ok
10:11:38.0092 0x1284  [ 6BCEE9C766815BFFF89DE7D81AF34CE1, E10B9EFAF5D1E6596CFC7E3C9D5C3904EC8E82B16133B59BBC636F5E4D0AEB7F ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
10:11:38.0122 0x1284  Live Updater Service - ok
10:11:38.0222 0x1284  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:11:38.0232 0x1284  lltdio - ok
10:11:38.0412 0x1284  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:11:38.0462 0x1284  lltdsvc - ok
10:11:38.0482 0x1284  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:11:38.0492 0x1284  lmhosts - ok
10:11:38.0582 0x1284  [ D75C4B4A8FE6D7FD74A7EECDBAEC729F, 9BB0A3BE7CCDF62CF0A67CB67019364965F6567BE29BA6D153B8E36F88058302 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:11:38.0602 0x1284  LMS - ok
10:11:38.0662 0x1284  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
10:11:38.0672 0x1284  LSI_FC - ok
10:11:38.0692 0x1284  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
10:11:38.0702 0x1284  LSI_SAS - ok
10:11:38.0742 0x1284  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:11:38.0752 0x1284  LSI_SAS2 - ok
10:11:38.0782 0x1284  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:11:38.0802 0x1284  LSI_SCSI - ok
10:11:38.0872 0x1284  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:11:38.0892 0x1284  luafv - ok
10:11:38.0962 0x1284  [ 1A243DAD23BB639D47F25AB9EC51FCAD, 596A9676F38730B520F36BDA964C555F31FD9CD1A45CD5280A534C6336E344AF ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
10:11:38.0982 0x1284  mbamchameleon - ok
10:11:39.0022 0x1284  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:11:39.0052 0x1284  Mcx2Svc - ok
10:11:39.0072 0x1284  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
10:11:39.0072 0x1284  megasas - ok
10:11:39.0102 0x1284  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
10:11:39.0122 0x1284  MegaSR - ok
10:11:39.0172 0x1284  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
10:11:39.0202 0x1284  MEIx64 - ok
10:11:39.0242 0x1284  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:11:39.0252 0x1284  MMCSS - ok
10:11:39.0272 0x1284  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:11:39.0282 0x1284  Modem - ok
10:11:39.0312 0x1284  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:11:39.0312 0x1284  monitor - ok
10:11:39.0362 0x1284  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:11:39.0382 0x1284  mouclass - ok
10:11:39.0412 0x1284  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:11:39.0412 0x1284  mouhid - ok
10:11:39.0472 0x1284  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:11:39.0482 0x1284  mountmgr - ok
10:11:39.0572 0x1284  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:11:39.0592 0x1284  MozillaMaintenance - ok
10:11:39.0682 0x1284  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:11:39.0702 0x1284  mpio - ok
10:11:39.0742 0x1284  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:11:39.0762 0x1284  mpsdrv - ok
10:11:39.0873 0x1284  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:11:39.0913 0x1284  MpsSvc - ok
10:11:39.0953 0x1284  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:11:39.0963 0x1284  MRxDAV - ok
10:11:40.0033 0x1284  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:11:40.0063 0x1284  mrxsmb - ok
10:11:40.0103 0x1284  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:11:40.0123 0x1284  mrxsmb10 - ok
10:11:40.0173 0x1284  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:11:40.0173 0x1284  mrxsmb20 - ok
10:11:40.0203 0x1284  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:11:40.0213 0x1284  msahci - ok
10:11:40.0293 0x1284  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:11:40.0303 0x1284  msdsm - ok
10:11:40.0323 0x1284  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:11:40.0333 0x1284  MSDTC - ok
10:11:40.0373 0x1284  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:11:40.0383 0x1284  Msfs - ok
10:11:40.0413 0x1284  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:11:40.0413 0x1284  mshidkmdf - ok
10:11:40.0423 0x1284  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:11:40.0433 0x1284  msisadrv - ok
10:11:40.0463 0x1284  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:11:40.0473 0x1284  MSiSCSI - ok
10:11:40.0483 0x1284  msiserver - ok
10:11:40.0513 0x1284  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:11:40.0513 0x1284  MSKSSRV - ok
10:11:40.0533 0x1284  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:11:40.0533 0x1284  MSPCLOCK - ok
10:11:40.0543 0x1284  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:11:40.0543 0x1284  MSPQM - ok
10:11:40.0603 0x1284  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:11:40.0643 0x1284  MsRPC - ok
10:11:40.0893 0x1284  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
10:11:40.0893 0x1284  mssmbios - ok
10:11:40.0923 0x1284  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:11:40.0923 0x1284  MSTEE - ok
10:11:40.0953 0x1284  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
10:11:40.0963 0x1284  MTConfig - ok
10:11:40.0993 0x1284  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:11:41.0003 0x1284  Mup - ok
10:11:41.0033 0x1284  [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
10:11:41.0043 0x1284  mwlPSDFilter - ok
10:11:41.0073 0x1284  [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
10:11:41.0083 0x1284  mwlPSDNServ - ok
10:11:41.0103 0x1284  [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
10:11:41.0113 0x1284  mwlPSDVDisk - ok
10:11:41.0233 0x1284  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:11:41.0253 0x1284  napagent - ok
10:11:41.0323 0x1284  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:11:41.0353 0x1284  NativeWifiP - ok
10:11:41.0433 0x1284  [ C38B8AE57F78915905064A9A24DC1586, 5A24A490AC5DB4FCC745182BDBAEA8836E8FBEC635609AE4CF51DAC3A30A8221 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:11:41.0483 0x1284  NDIS - ok
10:11:41.0493 0x1284  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:11:41.0503 0x1284  NdisCap - ok
10:11:41.0533 0x1284  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:11:41.0533 0x1284  NdisTapi - ok
10:11:41.0573 0x1284  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:11:41.0593 0x1284  Ndisuio - ok
10:11:41.0663 0x1284  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:11:41.0683 0x1284  NdisWan - ok
10:11:41.0733 0x1284  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:11:41.0743 0x1284  NDProxy - ok
10:11:41.0753 0x1284  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:11:41.0763 0x1284  NetBIOS - ok
10:11:41.0833 0x1284  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:11:41.0843 0x1284  NetBT - ok
10:11:41.0873 0x1284  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
10:11:41.0873 0x1284  Netlogon - ok
10:11:42.0013 0x1284  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:11:42.0023 0x1284  Netman - ok
10:11:42.0333 0x1284  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:11:42.0423 0x1284  NetMsmqActivator - ok
10:11:42.0453 0x1284  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:11:42.0463 0x1284  NetPipeActivator - ok
10:11:42.0493 0x1284  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:11:42.0513 0x1284  netprofm - ok
10:11:42.0523 0x1284  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:11:42.0533 0x1284  NetTcpActivator - ok
10:11:42.0533 0x1284  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:11:42.0533 0x1284  NetTcpPortSharing - ok
10:11:42.0623 0x1284  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
10:11:42.0643 0x1284  nfrd960 - ok
10:11:42.0693 0x1284  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:11:42.0753 0x1284  NlaSvc - ok
10:11:43.0243 0x1284  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
10:11:43.0333 0x1284  NOBU - ok
10:11:43.0353 0x1284  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:11:43.0353 0x1284  Npfs - ok
10:11:43.0433 0x1284  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:11:43.0443 0x1284  nsi - ok
10:11:43.0463 0x1284  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:11:43.0463 0x1284  nsiproxy - ok
10:11:43.0783 0x1284  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:11:43.0883 0x1284  Ntfs - ok
10:11:44.0003 0x1284  [ 773EED20BBF50809437373C0285BFA5E, 09D2A16431527FF1075ED1B8B5C8783A82F8697D35F7F84E25166024EAA6F6D0 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
10:11:44.0033 0x1284  NTI IScheduleSvc - ok
10:11:44.0053 0x1284  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
10:11:44.0053 0x1284  NTIDrvr - ok
10:11:44.0073 0x1284  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:11:44.0073 0x1284  Null - ok
10:11:44.0113 0x1284  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
10:11:44.0123 0x1284  nusb3hub - ok
10:11:44.0163 0x1284  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:11:44.0183 0x1284  nusb3xhc - ok
10:11:44.0273 0x1284  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:11:44.0293 0x1284  nvraid - ok
10:11:44.0343 0x1284  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:11:44.0363 0x1284  nvstor - ok
10:11:44.0413 0x1284  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:11:44.0423 0x1284  nv_agp - ok
10:11:44.0453 0x1284  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:11:44.0463 0x1284  ohci1394 - ok
10:11:44.0563 0x1284  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:11:44.0593 0x1284  ose - ok
10:11:44.0983 0x1284  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:11:45.0153 0x1284  osppsvc - ok
10:11:45.0193 0x1284  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:11:45.0203 0x1284  p2pimsvc - ok
10:11:45.0233 0x1284  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:11:45.0263 0x1284  p2psvc - ok
10:11:45.0303 0x1284  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:11:45.0313 0x1284  Parport - ok
10:11:45.0353 0x1284  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:11:45.0373 0x1284  partmgr - ok
10:11:45.0403 0x1284  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:11:45.0423 0x1284  PcaSvc - ok
10:11:45.0463 0x1284  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:11:45.0473 0x1284  pci - ok
10:11:45.0513 0x1284  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:11:45.0513 0x1284  pciide - ok
10:11:45.0533 0x1284  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
10:11:45.0553 0x1284  pcmcia - ok
10:11:45.0563 0x1284  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:11:45.0573 0x1284  pcw - ok
10:11:45.0633 0x1284  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:11:45.0663 0x1284  PEAUTH - ok
10:11:45.0783 0x1284  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:11:45.0803 0x1284  PerfHost - ok
10:11:46.0003 0x1284  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:11:46.0053 0x1284  pla - ok
10:11:46.0103 0x1284  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:11:46.0133 0x1284  PlugPlay - ok
10:11:46.0163 0x1284  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:11:46.0173 0x1284  PNRPAutoReg - ok
10:11:46.0243 0x1284  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:11:46.0253 0x1284  PNRPsvc - ok
10:11:46.0333 0x1284  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:11:46.0373 0x1284  PolicyAgent - ok
10:11:46.0433 0x1284  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:11:46.0443 0x1284  Power - ok
10:11:46.0523 0x1284  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:11:46.0543 0x1284  PptpMiniport - ok
10:11:46.0583 0x1284  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
10:11:46.0603 0x1284  Processor - ok
10:11:46.0683 0x1284  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc         C:\Windows\system32\profsvc.dll
10:11:46.0703 0x1284  ProfSvc - ok
10:11:46.0723 0x1284  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:11:46.0723 0x1284  ProtectedStorage - ok
10:11:46.0763 0x1284  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:11:46.0773 0x1284  Psched - ok
10:11:47.0143 0x1284  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
10:11:47.0203 0x1284  ql2300 - ok
10:11:47.0233 0x1284  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
10:11:47.0243 0x1284  ql40xx - ok
10:11:47.0293 0x1284  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:11:47.0323 0x1284  QWAVE - ok
10:11:47.0333 0x1284  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:11:47.0343 0x1284  QWAVEdrv - ok
10:11:47.0373 0x1284  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:11:47.0373 0x1284  RasAcd - ok
10:11:47.0403 0x1284  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:11:47.0423 0x1284  RasAgileVpn - ok
10:11:47.0463 0x1284  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:11:47.0493 0x1284  RasAuto - ok
10:11:47.0553 0x1284  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:11:47.0563 0x1284  Rasl2tp - ok
10:11:47.0643 0x1284  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:11:47.0663 0x1284  RasMan - ok
10:11:47.0683 0x1284  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:11:47.0683 0x1284  RasPppoe - ok
10:11:47.0703 0x1284  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:11:47.0723 0x1284  RasSstp - ok
10:11:47.0763 0x1284  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:11:47.0773 0x1284  rdbss - ok
10:11:47.0793 0x1284  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:11:47.0793 0x1284  rdpbus - ok
10:11:47.0824 0x1284  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:11:47.0824 0x1284  RDPCDD - ok
10:11:47.0864 0x1284  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:11:47.0874 0x1284  RDPENCDD - ok
10:11:47.0884 0x1284  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:11:47.0884 0x1284  RDPREFMP - ok
10:11:47.0994 0x1284  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:11:48.0024 0x1284  RDPWD - ok
10:11:48.0064 0x1284  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:11:48.0084 0x1284  rdyboost - ok
10:11:48.0104 0x1284  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:11:48.0114 0x1284  RemoteAccess - ok
10:11:48.0164 0x1284  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:11:48.0184 0x1284  RemoteRegistry - ok
10:11:48.0274 0x1284  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
10:11:48.0294 0x1284  RFCOMM - ok
10:11:48.0344 0x1284  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:11:48.0354 0x1284  RpcEptMapper - ok
10:11:48.0394 0x1284  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:11:48.0394 0x1284  RpcLocator - ok
10:11:48.0494 0x1284  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:11:48.0514 0x1284  RpcSs - ok
10:11:48.0604 0x1284  [ D5C3E1629A3F7F0857D27949252B94CE, E6DC44D9A1325D61CEE9E76AE442988ED6EB29DE322844CF8689A1F5184C1E05 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
10:11:48.0624 0x1284  RSPCIESTOR - ok
10:11:48.0644 0x1284  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:11:48.0664 0x1284  rspndr - ok
10:11:48.0854 0x1284  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
10:11:48.0884 0x1284  RS_Service - ok
10:11:48.0894 0x1284  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
10:11:48.0894 0x1284  SamSs - ok
10:11:48.0924 0x1284  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:11:48.0934 0x1284  sbp2port - ok
10:11:48.0994 0x1284  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:11:49.0024 0x1284  SCardSvr - ok
10:11:49.0074 0x1284  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:11:49.0084 0x1284  scfilter - ok
10:11:49.0234 0x1284  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:11:49.0324 0x1284  Schedule - ok
10:11:49.0464 0x1284  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:11:49.0464 0x1284  SCPolicySvc - ok
10:11:49.0554 0x1284  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
10:11:49.0574 0x1284  sdbus - ok
10:11:49.0644 0x1284  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:11:49.0674 0x1284  SDRSVC - ok
10:11:49.0724 0x1284  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:11:49.0724 0x1284  secdrv - ok
10:11:49.0764 0x1284  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:11:49.0774 0x1284  seclogon - ok
10:11:49.0934 0x1284  [ A1C2595D94B501AA9DE90D64BAAD4AAE, 40071D1284C762C39E64022E728E5C80E7880DFC5FBAC0D32A947963F29A8908 ] Securepoint VPN C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe
10:11:49.0974 0x1284  Securepoint VPN - ok
10:11:49.0994 0x1284  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:11:49.0994 0x1284  SENS - ok
10:11:50.0014 0x1284  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:11:50.0024 0x1284  SensrSvc - ok
10:11:50.0044 0x1284  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:11:50.0044 0x1284  Serenum - ok
10:11:50.0084 0x1284  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:11:50.0094 0x1284  Serial - ok
10:11:50.0134 0x1284  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
10:11:50.0144 0x1284  sermouse - ok
10:11:50.0214 0x1284  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:11:50.0224 0x1284  SessionEnv - ok
10:11:50.0244 0x1284  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:11:50.0244 0x1284  sffdisk - ok
10:11:50.0254 0x1284  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:11:50.0264 0x1284  sffp_mmc - ok
10:11:50.0294 0x1284  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:11:50.0294 0x1284  sffp_sd - ok
10:11:50.0344 0x1284  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
10:11:50.0344 0x1284  sfloppy - ok
10:11:50.0484 0x1284  [ D5183ED285D2795491DC15BDDCBEE5AD, 607D208C730485B445EC80EEE5529A8E2BEF44FE2C8558E71A7FB47B0C8C7B56 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
10:11:50.0504 0x1284  Sftfs - ok
10:11:50.0644 0x1284  [ BFDB58616FF5EA540A5F58301D50641E, AFBF163938237C7E2578690BE71001016AF7FF61CD84594E7D76CDCBBD1FF4BD ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:11:50.0674 0x1284  sftlist - ok
10:11:50.0694 0x1284  [ 00F118B68C50D2206DD51634F9142B83, 5C5913ED0E3551DD5FD881830A6F7DBAEB0E9FA3904EE3BB13D8F1DA346EBCE7 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:11:50.0704 0x1284  Sftplay - ok
10:11:50.0714 0x1284  [ 76A827DF5640BFE16A0CDBB4108ADECA, E7D333A251E0F0DA729DA3CBE6B0F1E5DE2EE585E8B87B5EC78E78E129CA1112 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:11:50.0724 0x1284  Sftredir - ok
10:11:50.0734 0x1284  [ 1B4C9701645086BAB8CAFFFCE30ED284, B95C995EEB573B5C3D00DBA9D439CACCF3D3C9593E568D2D0F44245E7B09E3F5 ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
10:11:50.0734 0x1284  Sftvol - ok
10:11:50.0804 0x1284  [ B94C3C4DCA2093243C76CA218EDE2A97, 4D376F825AEEFD8F1BCE48180471C75BDA655B2D8BE6E4205E327D14D797DBF2 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:11:50.0824 0x1284  sftvsa - ok
10:11:50.0854 0x1284  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:11:50.0884 0x1284  SharedAccess - ok
10:11:50.0934 0x1284  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:11:50.0944 0x1284  ShellHWDetection - ok
10:11:50.0984 0x1284  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:11:50.0994 0x1284  SiSRaid2 - ok
10:11:51.0014 0x1284  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
10:11:51.0034 0x1284  SiSRaid4 - ok
10:11:51.0074 0x1284  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:11:51.0094 0x1284  Smb - ok
10:11:51.0134 0x1284  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:11:51.0144 0x1284  SNMPTRAP - ok
10:11:51.0164 0x1284  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:11:51.0174 0x1284  spldr - ok
10:11:51.0274 0x1284  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
10:11:51.0294 0x1284  Spooler - ok
10:11:51.0604 0x1284  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:11:51.0704 0x1284  sppsvc - ok
10:11:51.0734 0x1284  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:11:51.0734 0x1284  sppuinotify - ok
10:11:51.0794 0x1284  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:11:51.0825 0x1284  srv - ok
10:11:51.0885 0x1284  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:11:51.0915 0x1284  srv2 - ok
10:11:51.0955 0x1284  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:11:51.0965 0x1284  srvnet - ok
10:11:51.0985 0x1284  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:11:51.0995 0x1284  SSDPSRV - ok
10:11:52.0065 0x1284  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
10:11:52.0065 0x1284  SSPORT - ok
10:11:52.0095 0x1284  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:11:52.0105 0x1284  SstpSvc - ok
10:11:52.0135 0x1284  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
10:11:52.0175 0x1284  stexstor - ok
10:11:52.0335 0x1284  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:11:52.0365 0x1284  stisvc - ok
10:11:52.0395 0x1284  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
10:11:52.0395 0x1284  swenum - ok
10:11:52.0465 0x1284  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:11:52.0495 0x1284  swprv - ok
10:11:52.0625 0x1284  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:11:52.0695 0x1284  SysMain - ok
10:11:52.0755 0x1284  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:11:52.0775 0x1284  TabletInputService - ok
10:11:52.0845 0x1284  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
10:11:52.0855 0x1284  tap0901 - ok
10:11:52.0945 0x1284  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:11:52.0985 0x1284  TapiSrv - ok
10:11:53.0015 0x1284  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:11:53.0015 0x1284  TBS - ok
10:11:53.0155 0x1284  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:11:53.0235 0x1284  Tcpip - ok
10:11:53.0365 0x1284  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:11:53.0405 0x1284  TCPIP6 - ok
10:11:53.0465 0x1284  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:11:53.0475 0x1284  tcpipreg - ok
10:11:53.0515 0x1284  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:11:53.0525 0x1284  TDPIPE - ok
10:11:53.0575 0x1284  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:11:53.0585 0x1284  TDTCP - ok
10:11:53.0635 0x1284  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:11:53.0655 0x1284  tdx - ok
10:11:54.0125 0x1284  [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
10:11:54.0245 0x1284  TeamViewer9 - ok
10:11:54.0285 0x1284  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
10:11:54.0305 0x1284  TermDD - ok
10:11:54.0475 0x1284  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:11:54.0505 0x1284  TermService - ok
10:11:54.0535 0x1284  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:11:54.0545 0x1284  Themes - ok
10:11:54.0565 0x1284  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:11:54.0565 0x1284  THREADORDER - ok
10:11:54.0585 0x1284  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:11:54.0595 0x1284  TrkWks - ok
10:11:54.0695 0x1284  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:11:54.0715 0x1284  TrustedInstaller - ok
10:11:54.0755 0x1284  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:11:54.0765 0x1284  tssecsrv - ok
10:11:54.0815 0x1284  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:11:54.0825 0x1284  TsUsbFlt - ok
10:11:54.0915 0x1284  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:11:54.0945 0x1284  tunnel - ok
10:11:54.0985 0x1284  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
10:11:54.0985 0x1284  uagp35 - ok
10:11:55.0001 0x1284  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
10:11:55.0001 0x1284  UBHelper - ok
10:11:55.0094 0x1284  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:11:55.0110 0x1284  udfs - ok
10:11:55.0141 0x1284  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:11:55.0141 0x1284  UI0Detect - ok
10:11:55.0172 0x1284  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:11:55.0188 0x1284  uliagpkx - ok
10:11:55.0235 0x1284  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
10:11:55.0250 0x1284  umbus - ok
10:11:55.0250 0x1284  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:11:55.0266 0x1284  UmPass - ok
10:11:55.0500 0x1284  [ 758C2CE427C343F780A205E28555C98D, E3413BA433CD26DD61D3257B08B8354478A049A972EFAC53C303690BC71DD7E1 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:11:55.0594 0x1284  UNS - ok
10:11:55.0609 0x1284  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:11:55.0656 0x1284  upnphost - ok
10:11:55.0687 0x1284  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:11:55.0687 0x1284  USBAAPL64 - ok
10:11:55.0765 0x1284  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:11:55.0781 0x1284  usbccgp - ok
10:11:55.0828 0x1284  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:11:55.0843 0x1284  usbcir - ok
10:11:55.0937 0x1284  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:11:55.0952 0x1284  usbehci - ok
10:11:56.0015 0x1284  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:11:56.0062 0x1284  usbhub - ok
10:11:56.0108 0x1284  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:11:56.0108 0x1284  usbohci - ok
10:11:56.0155 0x1284  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:11:56.0171 0x1284  usbprint - ok
10:11:56.0202 0x1284  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:11:56.0202 0x1284  usbscan - ok
10:11:56.0218 0x1284  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:11:56.0233 0x1284  USBSTOR - ok
10:11:56.0249 0x1284  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:11:56.0249 0x1284  usbuhci - ok
10:11:56.0327 0x1284  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:11:56.0374 0x1284  usbvideo - ok
10:11:56.0389 0x1284  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:11:56.0405 0x1284  UxSms - ok
10:11:56.0420 0x1284  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
10:11:56.0420 0x1284  VaultSvc - ok
10:11:56.0467 0x1284  [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
10:11:56.0467 0x1284  VClone - ok
10:11:56.0514 0x1284  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:11:56.0530 0x1284  vdrvroot - ok
10:11:56.0608 0x1284  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:11:56.0654 0x1284  vds - ok
10:11:56.0670 0x1284  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:11:56.0670 0x1284  vga - ok
10:11:56.0686 0x1284  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:11:56.0701 0x1284  VgaSave - ok
10:11:56.0748 0x1284  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:11:56.0764 0x1284  vhdmp - ok
10:11:56.0810 0x1284  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:11:56.0810 0x1284  viaide - ok
10:11:56.0888 0x1284  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:11:56.0904 0x1284  volmgr - ok
10:11:57.0013 0x1284  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:11:57.0060 0x1284  volmgrx - ok
10:11:57.0091 0x1284  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:11:57.0107 0x1284  volsnap - ok
10:11:57.0138 0x1284  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
10:11:57.0154 0x1284  vsmraid - ok
10:11:57.0247 0x1284  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:11:57.0310 0x1284  VSS - ok
10:11:57.0325 0x1284  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:11:57.0341 0x1284  vwifibus - ok
10:11:57.0356 0x1284  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:11:57.0356 0x1284  vwififlt - ok
10:11:57.0419 0x1284  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
10:11:57.0419 0x1284  vwifimp - ok
10:11:57.0466 0x1284  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:11:57.0466 0x1284  W32Time - ok
10:11:57.0497 0x1284  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
10:11:57.0497 0x1284  WacomPen - ok
10:11:57.0528 0x1284  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:11:57.0544 0x1284  WANARP - ok
10:11:57.0559 0x1284  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:11:57.0575 0x1284  Wanarpv6 - ok
10:11:57.0902 0x1284  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:11:57.0996 0x1284  WatAdminSvc - ok
10:11:58.0308 0x1284  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:11:58.0370 0x1284  wbengine - ok
10:11:58.0417 0x1284  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:11:58.0433 0x1284  WbioSrvc - ok
10:11:58.0526 0x1284  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:11:58.0558 0x1284  wcncsvc - ok
10:11:58.0573 0x1284  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:11:58.0589 0x1284  WcsPlugInService - ok
10:11:58.0604 0x1284  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
10:11:58.0604 0x1284  Wd - ok
10:11:58.0885 0x1284  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:11:58.0901 0x1284  Wdf01000 - ok
10:11:58.0932 0x1284  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:11:58.0948 0x1284  WdiServiceHost - ok
10:11:58.0948 0x1284  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:11:58.0948 0x1284  WdiSystemHost - ok
10:11:59.0026 0x1284  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
10:11:59.0057 0x1284  WebClient - ok
10:11:59.0072 0x1284  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:11:59.0088 0x1284  Wecsvc - ok
10:11:59.0104 0x1284  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:11:59.0119 0x1284  wercplsupport - ok
10:11:59.0135 0x1284  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:11:59.0150 0x1284  WerSvc - ok
10:11:59.0166 0x1284  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:11:59.0182 0x1284  WfpLwf - ok
10:11:59.0197 0x1284  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:11:59.0213 0x1284  WIMMount - ok
10:11:59.0228 0x1284  WinHttpAutoProxySvc - ok
10:11:59.0322 0x1284  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:11:59.0338 0x1284  Winmgmt - ok
10:11:59.0587 0x1284  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:11:59.0665 0x1284  WinRM - ok
10:11:59.0712 0x1284  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:11:59.0728 0x1284  WinUsb - ok
10:11:59.0790 0x1284  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:11:59.0837 0x1284  Wlansvc - ok
10:11:59.0931 0x1284  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:11:59.0931 0x1284  wlcrasvc - ok
10:12:00.0290 0x1284  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:12:00.0353 0x1284  wlidsvc - ok
10:12:00.0399 0x1284  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:12:00.0399 0x1284  WmiAcpi - ok
10:12:00.0477 0x1284  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:12:00.0509 0x1284  wmiApSrv - ok
10:12:00.0540 0x1284  WMPNetworkSvc - ok
10:12:00.0555 0x1284  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:12:00.0555 0x1284  WPCSvc - ok
10:12:00.0618 0x1284  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:12:00.0618 0x1284  WPDBusEnum - ok
10:12:00.0665 0x1284  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:12:00.0665 0x1284  ws2ifsl - ok
10:12:00.0665 0x1284  WSearch - ok
10:12:00.0836 0x1284  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:12:00.0946 0x1284  wuauserv - ok
10:12:01.0009 0x1284  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:12:01.0024 0x1284  WudfPf - ok
10:12:01.0087 0x1284  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:12:01.0102 0x1284  WUDFRd - ok
10:12:01.0134 0x1284  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:12:01.0149 0x1284  wudfsvc - ok
10:12:01.0321 0x1284  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:12:01.0336 0x1284  WwanSvc - ok
10:12:01.0368 0x1284  ================ Scan global ===============================
10:12:01.0414 0x1284  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:12:01.0492 0x1284  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:12:01.0524 0x1284  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:12:01.0555 0x1284  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:12:01.0680 0x1284  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:12:01.0711 0x1284  [ Global ] - ok
10:12:01.0711 0x1284  ================ Scan MBR ==================================
10:12:01.0711 0x1284  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:12:02.0210 0x1284  \Device\Harddisk0\DR0 - ok
10:12:02.0210 0x1284  ================ Scan VBR ==================================
10:12:02.0210 0x1284  [ 522248D0266E19F58606D38C24FAF589 ] \Device\Harddisk0\DR0\Partition1
10:12:02.0241 0x1284  \Device\Harddisk0\DR0\Partition1 - ok
10:12:02.0241 0x1284  [ 721CB7DCE1AC66A1121B32239AB6049A ] \Device\Harddisk0\DR0\Partition2
10:12:02.0288 0x1284  \Device\Harddisk0\DR0\Partition2 - ok
10:12:02.0288 0x1284  ================ Scan generic autorun ======================
10:12:02.0397 0x1284  [ D71350F2E720D840999931EA99552C13, 087AB070C923DCEDEB1EDDA90CBE437596A4D82DC28BEF2FDB627E160482AC55 ] C:\Windows\system32\igfxtray.exe
10:12:02.0397 0x1284  IgfxTray - ok
10:12:02.0413 0x1284  [ 773DF8DBF9CF67C58D589DA35C784399, 06078A7FC5597EC404147A7A51DE34D024BA35C20A8D5AFC7F0EB2C74032476D ] C:\Windows\system32\hkcmd.exe
10:12:02.0428 0x1284  HotKeysCmds - ok
10:12:02.0444 0x1284  [ 7A70CF6BDCCE4367206BD0BB01650E12, 732756F4FF7CF3E4C68D3845971737A4D346A36A366C151A289F25E098DE05C8 ] C:\Windows\system32\igfxpers.exe
10:12:02.0460 0x1284  Persistence - ok
10:12:02.0460 0x1284  ETDCtrl - ok
10:12:02.0584 0x1284  [ F690A5E4DA1085920B6D805B16831D14, B952189D7437161C44250D311F448B34A6942CA7046D3C8BAD1065D5A52565D6 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
10:12:02.0600 0x1284  AtherosBtStack - ok
10:12:02.0678 0x1284  [ 35C694778D4A9D1913978EC3AA722389, A0FDCA5BAABF9F7EF0A8C57823CCD46F98A526D1FF681CD8ACB69786030BACBB ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
10:12:02.0694 0x1284  AthBtTray - ok
10:12:02.0943 0x1284  [ 38AEA10E23EF79A685BF922EC9437F3E, 7C72270F92EC3F68AC5E6BF66CFFB9C113D25126C34223651F8E751E425FE33D ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
10:12:03.0006 0x1284  Power Management - ok
10:12:03.0052 0x1284  [ 41D1214B86A06FD29423A797EBDA17E4, ABC79107DDD5890C54B844CD5C69747121083DA69A77C02068D2B9C349FB1614 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
10:12:03.0068 0x1284  IAStorIcon - ok
10:12:03.0177 0x1284  [ 75AD45ED633B866D90AEAA296C21F7E8, 6211E788258298EAE520A0A0510E66BCA0E280F4958B454919C270D0F53931D9 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
10:12:03.0177 0x1284  SuiteTray - ok
10:12:03.0271 0x1284  [ E7EA57B35951D093A9647D8D5CE3340D, 7F88A5F07CF05E43BFA40A72C74DDDAB480C493E302A2532C2FA2A28D2F3D2D5 ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
10:12:03.0286 0x1284  EgisTecPMMUpdate - ok
10:12:03.0318 0x1284  [ DC1AA3868108B8FF57F6C8045FCD4603, 6D32849D6296ABD24B56628161075299A2E0A5FF2071F3C1FD08DD4876C020F0 ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
10:12:03.0333 0x1284  EgisUpdate - ok
10:12:03.0598 0x1284  [ D3E69D500466C17498AAF7F83D12FFF0, F5723FC28396489EADDDCAD67A0E46B56D859590823E3CFA7254BA6709DC5AE6 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
10:12:03.0630 0x1284  Norton Online Backup - ok
10:12:03.0770 0x1284  [ BAB849FD16C2E395E12B3BBCCDA85998, 2A137222C769475FD7A35B552D703969CB00EECB48DA2ECDD0179AE535A9F391 ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
10:12:03.0770 0x1284  BackupManagerTray - ok
10:12:03.0895 0x1284  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
10:12:03.0910 0x1284  NUSB3MON - ok
10:12:03.0988 0x1284  [ 2ADC102A6D92BFB1F092A1A165E24181, 08D8292916B5B1A24FC663924240675E540CEF7C14DF43ACFA021E9921FCC2A9 ] C:\Program Files (x86)\Launch Manager\LManager.exe
10:12:04.0035 0x1284  LManager - ok
10:12:04.0191 0x1284  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe
10:12:04.0207 0x1284  MDS_Menu - ok
10:12:04.0269 0x1284  [ 494D391D603680F5D3FF966E6859E254, AB2ABF0446D5CD79E0CA96F0359F53D9A143AD5A0E8FCBDE9D4D740EC3870789 ] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
10:12:04.0285 0x1284  ArcadeMovieService - ok
10:12:04.0410 0x1284  [ DBF9AE6C5C1DA2244061F95D61DD1723, 32E11EA50CC61FF9EEBE643B58B857BC60AAB473B6A9A9EC2F09A4D5AF0A516C ] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
10:12:04.0425 0x1284  Samsung PanelMgr - ok
10:12:04.0519 0x1284  [ 2A21FE60A9BC5247BD8C57409A2B97F8, 6C9851684FB90AB6038A326F4B362C1948DF2173063CA198DCEAEA6BFAC636E0 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
10:12:04.0519 0x1284  VirtualCloneDrive - ok
10:12:04.0659 0x1284  [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
10:12:04.0659 0x1284  APSDaemon - ok
10:12:04.0800 0x1284  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:12:04.0831 0x1284  Adobe ARM - ok
10:12:05.0034 0x1284  [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe
10:12:05.0049 0x1284  QuickTime Task - ok
10:12:05.0330 0x1284  [ DAA21DC0AA2E688370D356757892816D, 97EBF3B8A4B8544B6C1379A391AA4079F38EB4D507931249BC1427D961F58F8C ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
10:12:05.0346 0x1284  avgnt - ok
10:12:05.0486 0x1284  [ 79C28DDF889C26FDD6162F796FD49BC4, C1E2468B4F0F52BD707D16656F33CC438AF8E18A38BB6CFB64D11F23993F72F0 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
10:12:05.0502 0x1284  iTunesHelper - ok
10:12:05.0767 0x1284  [ B8A135B6A9B8C1DF6E0A777DA826AD7C, DE4167FF1598EA21D64251327057FF21B169DD251C33E287AA164A5CCB326BC3 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
10:12:05.0845 0x1284  Wondershare Helper Compact.exe - ok
10:12:06.0079 0x1284  [ 7632A6EA63FEEBC2798D3852CE754972, 291409858E75B7E84397EED3270E737958255E7F733A3B2FE7BD282A2604B247 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
10:12:06.0079 0x1284  Avira Systray - ok
10:12:06.0250 0x1284  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:12:06.0344 0x1284  Sidebar - ok
10:12:06.0391 0x1284  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:12:06.0406 0x1284  mctadmin - ok
10:12:06.0406 0x1284  IsMyWinLockerReboot - ok
10:12:06.0500 0x1284  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:12:06.0531 0x1284  Sidebar - ok
10:12:06.0531 0x1284  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:12:06.0531 0x1284  mctadmin - ok
10:12:06.0531 0x1284  IsMyWinLockerReboot - ok
10:12:06.0734 0x1284  [ EF1ECB9DF42AF6BF7514BB5EBC5C59EC, 2ACB07A2D1FC6679C2F6146678BB74CAF4812E1DB417828602E63212B76F651D ] C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
10:12:06.0750 0x1284  Picasa Media Detector - ok
10:12:06.0999 0x1284  studNET-Autologin - ok
10:12:07.0467 0x1284  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Melanie\AppData\Local\Google\Update\GoogleUpdate.exe
10:12:07.0467 0x1284  Google Update - ok
10:12:07.0467 0x1284  Waiting for KSN requests completion. In queue: 15
10:12:08.0559 0x1284  Win FW state via NFP2: enabled
10:12:08.0856 0x1284  ============================================================
10:12:08.0856 0x1284  Scan finished
10:12:08.0856 0x1284  ============================================================
10:12:08.0856 0x0d6c  Detected object count: 0
10:12:08.0856 0x0d6c  Actual detected object count: 0
         

Alt 20.10.2014, 18:24   #8
Goldberry
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Hier FRST:

FRST.txt

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2014
Ran by Melanie (administrator) on MELANIE-PC on 20-10-2014 10:17:41
Running from C:\Users\Melanie\Downloads
Loaded Profile: Melanie (Available profiles: Melanie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
() C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Dropbox, Inc.) C:\Users\Melanie\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Users\Melanie\Downloads\tdsskiller.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-02] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-02] (Atheros Commnucations)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-02-15] (NTI Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2010-12-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [618496 2010-10-28] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-03] (Wondershare)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Run: [Picasa Media Detector] => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe [443968 2008-08-20] (Google Inc.)
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Run: [studNET-Autologin] => C:\Windows\SysWOW64\studnet\studnet.exe /auto
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Run: [Google Update] => C:\Users\Melanie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-10-03] (Google Inc.)
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\MountPoints2: {c1cd0502-f020-11e1-9a13-1c7508fe42fb} - E:\LaunchU3.exe -a
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION 
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M588AD584-4A6E-40A5-96F3-1A599BC42A3F&SearchSource=55&CUI=&UM=6&UP=SP888B9F7B-62B1-4371-A1A1-A5FBEB7F20AD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M588AD584-4A6E-40A5-96F3-1A599BC42A3F&SearchSource=58&CUI=&UM=6&UP=SP888B9F7B-62B1-4371-A1A1-A5FBEB7F20AD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M588AD584-4A6E-40A5-96F3-1A599BC42A3F&SearchSource=58&CUI=&UM=6&UP=SP888B9F7B-62B1-4371-A1A1-A5FBEB7F20AD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: TheHDvid-Codec V10 -> {11111111-1111-1111-1111-110611331115} -> C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho64.dll (home)
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TheHDvid-Codec V10 -> {11111111-1111-1111-1111-110611331115} -> C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-bho.dll (home)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 128.95.120.1 128.95.112.1
Tcpip\..\Interfaces\{7004B3CA-E164-4EAC-8FC6-74F9604EA488}: [NameServer] 139.18.25.3,139.18.1.2

FireFox:
========
FF ProfilePath: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\ndixjp5k.default
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M588AD584-4A6E-40A5-96F3-1A599BC42A3F&SearchSource=55&CUI=&UM=6&UP=SP888B9F7B-62B1-4371-A1A1-A5FBEB7F20AD&SSPV=
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 57737
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.0.1.5157423\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Melanie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Melanie\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Melanie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Melanie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Melanie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Melanie\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\ndixjp5k.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\ndixjp5k.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\ndixjp5k.default\Extensions\trash [2014-10-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-24]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M588AD584-4A6E-40A5-96F3-1A599BC42A3F&SearchSource=55&CUI=&UM=6&UP=SP888B9F7B-62B1-4371-A1A1-A5FBEB7F20AD&SSPV="
CHR Profile: C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-03]
CHR Extension: (Google Docs) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-03]
CHR Extension: (Google Drive) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-03]
CHR Extension: (YouTube) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-03]
CHR Extension: (Google Search) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-03]
CHR Extension: (Google Sheets) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-03]
CHR Extension: (Avira Browser Safety) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-06]
CHR Extension: (Skype Click to Call) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-03]
CHR Extension: (Google Wallet) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30]
CHR Extension: (Gmail) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-02] (Atheros Commnucations) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-19] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-19] (globalUpdate) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-27] (Realsil Microelectronics Inc.) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 Securepoint VPN; C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe [40840 2014-02-14] () [File not signed]
S2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-10-05] (Avira Operations GmbH & Co. KG)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2014-10-19] (Malwarebytes Corporation)
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-10-27] (Samsung Electronics)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 10:17 - 2014-10-20 10:18 - 00025458 _____ () C:\Users\Melanie\Downloads\FRST.txt
2014-10-20 10:17 - 2014-10-20 10:17 - 00000000 ____D () C:\FRST
2014-10-20 10:16 - 2014-10-20 10:16 - 02111488 _____ (Farbar) C:\Users\Melanie\Downloads\FRST64.exe
2014-10-20 10:09 - 2014-10-20 10:10 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Melanie\Downloads\tdsskiller.exe
2014-10-19 17:36 - 2014-10-19 17:36 - 00000532 _____ () C:\Users\Melanie\Desktop\Ereignisse0.txt
2014-10-19 17:35 - 2014-10-19 17:35 - 00000668 _____ () C:\Users\Melanie\Desktop\Ereignisse3.txt
2014-10-19 17:35 - 2014-10-19 17:35 - 00000668 _____ () C:\Users\Melanie\Desktop\Ereignisse1.txt
2014-10-19 17:35 - 2014-10-19 17:35 - 00000624 _____ () C:\Users\Melanie\Documents\Ereignisse2.txt
2014-10-19 17:34 - 2014-10-19 17:34 - 00000712 _____ () C:\Users\Melanie\Desktop\Ereignisse.txt
2014-10-19 16:02 - 2014-10-19 18:05 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-19 16:02 - 2014-10-19 16:42 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-19 16:02 - 2014-10-19 16:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-19 16:01 - 2014-10-19 16:41 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-19 16:00 - 2014-10-19 17:17 - 00000000 ____D () C:\Users\Melanie\Desktop\mbar
2014-10-19 15:59 - 2014-10-19 15:59 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Melanie\Downloads\mbar-1.07.0.1012.exe
2014-10-19 15:59 - 2014-10-19 15:59 - 01986072 _____ (SafeInstall, LLC) C:\Users\Melanie\Downloads\7zip_installer.exe
2014-10-19 15:40 - 2014-10-19 15:52 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-10-19 13:58 - 2014-10-19 13:58 - 00000000 ____D () C:\Users\Melanie\Documents\Optimizer Pro
2014-10-19 13:56 - 2014-10-19 16:39 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-10-19 13:56 - 2014-10-19 16:38 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-10-19 13:55 - 2014-10-20 10:05 - 00002444 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5_user.job
2014-10-19 13:55 - 2014-10-20 10:05 - 00002444 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5.job
2014-10-19 13:55 - 2014-10-19 13:55 - 00005474 _____ () C:\Windows\System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5
2014-10-19 13:54 - 2014-10-20 10:05 - 00005182 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-11.job
2014-10-19 13:54 - 2014-10-20 10:05 - 00003458 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-1.job
2014-10-19 13:54 - 2014-10-20 10:05 - 00002108 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-2.job
2014-10-19 13:54 - 2014-10-20 10:05 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-19 13:54 - 2014-10-19 13:59 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-19 13:54 - 2014-10-19 13:55 - 00005138 _____ () C:\Windows\System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-2
2014-10-19 13:54 - 2014-10-19 13:55 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-10-19 13:54 - 2014-10-19 13:54 - 00008212 _____ () C:\Windows\System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-11
2014-10-19 13:54 - 2014-10-19 13:54 - 00006488 _____ () C:\Windows\System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-1
2014-10-19 13:54 - 2014-10-19 13:54 - 00003898 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-10-19 13:54 - 2014-10-19 13:54 - 00003644 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-10-19 13:54 - 2014-10-19 13:54 - 00000000 ____D () C:\Users\Melanie\AppData\Local\globalUpdate
2014-10-19 13:54 - 2014-10-19 13:54 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-19 13:53 - 2014-10-19 13:53 - 00074656 _____ () C:\Users\Melanie\Downloads\FLVPlayer-Chrome.exe
2014-10-19 13:53 - 2014-10-19 13:53 - 00074656 _____ () C:\Users\Melanie\Downloads\FLVPlayer-Chrome (1).exe
2014-10-18 14:17 - 2014-10-18 14:17 - 06626832 _____ (TeamViewer GmbH) C:\Users\Melanie\Downloads\TeamViewer_Setup_de.exe
2014-10-18 14:17 - 2014-10-18 14:17 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-10-18 14:17 - 2014-10-18 14:17 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-10-18 14:17 - 2014-10-18 14:17 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-10-09 23:02 - 2014-10-09 23:02 - 00000000 ____D () C:\Users\Melanie\Documents\fox-ffv2
2014-10-09 23:01 - 2014-10-09 23:01 - 00000118 _____ () C:\Users\Melanie\mercurial.ini
2014-10-09 23:01 - 2013-10-18 18:04 - 00000236 _____ () C:\Users\Melanie\Documents\gitignore_global.txt
2014-10-09 23:01 - 2013-10-18 18:04 - 00000173 _____ () C:\Users\Melanie\Documents\hgignore_global.txt
2014-10-09 23:00 - 2014-10-09 23:00 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Atlassian
2014-10-09 22:59 - 2014-10-09 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlassian
2014-10-09 22:59 - 2014-10-09 22:59 - 00000000 ____D () C:\ProgramData\Caphyon
2014-10-09 22:59 - 2014-10-09 22:59 - 00000000 ____D () C:\Program Files (x86)\Atlassian
2014-10-09 22:58 - 2014-10-09 23:03 - 00000000 ____D () C:\ProgramData\Atlassian
2014-10-09 22:48 - 2014-10-09 22:48 - 10266464 _____ (Atlassian) C:\Users\Melanie\Downloads\SourceTreeSetup_1.6.5.exe
2014-10-09 21:43 - 2014-10-18 14:28 - 00009166 ____H () C:\Users\Melanie\_viminfo
2014-10-06 21:39 - 2014-10-07 11:22 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Mathematica
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Mathematica
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Wolfram Research
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\ProgramData\Mathematica
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\Program Files\Extras
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\Program Files\Common Files\Wolfram Research
2014-10-06 21:28 - 2014-10-06 21:28 - 00000000 ____D () C:\Program Files\Wolfram Research
2014-10-06 21:03 - 2014-10-06 21:22 - 2034844000 _____ (Wolfram Research, Inc. ) C:\Users\Melanie\Downloads\Mathematica_10.0.1_WIN.exe
2014-10-06 18:05 - 2014-10-06 18:05 - 00918952 _____ (Oracle Corporation) C:\Users\Melanie\Downloads\jxpiinstall(2).exe
2014-10-06 09:39 - 2014-10-13 12:03 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-05 09:33 - 2014-10-19 17:43 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000UA.job
2014-10-05 09:33 - 2014-10-19 09:43 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000Core.job
2014-10-05 09:33 - 2014-10-19 09:38 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000UA
2014-10-05 09:33 - 2014-10-19 09:38 - 00003706 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000Core
2014-10-04 09:16 - 2014-10-04 09:16 - 00000000 ____D () C:\Users\Melanie\.plugman
2014-10-03 21:36 - 2014-10-20 10:05 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-03 21:36 - 2014-10-19 17:41 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-03 21:36 - 2014-10-18 09:47 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-03 21:36 - 2014-10-03 21:36 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-03 21:36 - 2014-10-03 21:36 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-03 21:36 - 2014-10-03 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-03 21:35 - 2014-10-03 21:35 - 00895120 _____ (Google Inc.) C:\Users\Melanie\Downloads\ChromeSetup.exe
2014-10-03 11:24 - 2014-10-03 11:24 - 17824398 _____ (The Git Development Community ) C:\Users\Melanie\Downloads\Git-1.9.4-preview20140929(1).exe
2014-10-02 22:00 - 2014-10-02 22:00 - 00000000 __SHD () C:\Users\Melanie\AppData\Local\EmieUserList
2014-10-02 22:00 - 2014-10-02 22:00 - 00000000 __SHD () C:\Users\Melanie\AppData\Local\EmieSiteList
2014-10-02 21:49 - 2014-10-18 13:18 - 00000000 ____D () C:\Users\Melanie\Desktop\firstfox
2014-09-30 23:10 - 2014-09-30 23:10 - 00000000 ____D () C:\Users\Melanie\.ionic
2014-09-30 23:06 - 2014-09-30 23:06 - 00000000 ____D () C:\Users\Melanie\.cordova
2014-09-30 22:21 - 2014-09-30 22:24 - 00000000 ____D () C:\Users\Melanie\.ssh
2014-09-30 22:18 - 2014-10-15 22:45 - 00000469 _____ () C:\Users\Melanie\AppData\Roaming\.arcrc
2014-09-30 19:25 - 2014-09-30 19:25 - 00001389 _____ () C:\Users\Melanie\Desktop\Git Bash.lnk
2014-09-30 18:54 - 2014-09-30 18:54 - 17824398 _____ (The Git Development Community ) C:\Users\Melanie\Downloads\Git-1.9.4-preview20140929.exe
2014-09-30 18:45 - 2014-09-30 18:45 - 00000000 ____D () C:\Program Files\Arcanist
2014-09-30 18:42 - 2014-10-13 12:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-30 18:41 - 2014-09-30 18:41 - 07188616 _____ (Microsoft Corporation) C:\Users\Melanie\Downloads\vcredist_x64.exe
2014-09-30 18:26 - 2014-09-30 18:31 - 00000000 ____D () C:\Program Files\php
2014-09-30 18:25 - 2014-09-30 18:26 - 20894725 _____ () C:\Users\Melanie\Downloads\php-5.6.0-nts-Win32-VC11-x64.zip
2014-09-30 18:24 - 2014-09-30 18:25 - 19632729 _____ () C:\Users\Melanie\Downloads\php-5.6.0-Win32-VC11-x86.zip
2014-09-29 22:17 - 2014-09-29 22:17 - 00001352 _____ () C:\Users\Melanie\Desktop\eclipse_Android.lnk
2014-09-29 22:07 - 2014-09-29 22:07 - 00000000 ____D () C:\Users\Melanie\workspaceAndroid
2014-09-29 22:03 - 2014-09-29 22:03 - 00000000 ____D () C:\Program Files\Android
2014-09-29 21:55 - 2014-09-29 21:55 - 00000000 ____D () C:\Users\Melanie\Downloads\adt-bundle-windows-x86_64-20140702
2014-09-29 21:46 - 2014-09-29 21:46 - 00000000 ____D () C:\Program Files\apache
2014-09-29 21:44 - 2014-09-29 21:44 - 00000000 ____D () C:\Users\Melanie\Documents\apache-ant-1.9.4-bin-1
2014-09-29 14:11 - 2014-10-17 11:48 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\npm-cache
2014-09-29 14:10 - 2014-10-17 11:48 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\npm
2014-09-29 14:02 - 2014-09-29 14:03 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js
2014-09-29 14:02 - 2014-09-29 14:03 - 00000000 ____D () C:\Program Files\nodejs
2014-09-29 14:01 - 2014-09-29 14:02 - 06184960 _____ () C:\Users\Melanie\Downloads\node-v0.10.32-x64(2).msi
2014-09-29 13:58 - 2014-09-29 13:58 - 00001317 _____ () C:\Users\Melanie\Desktop\Console.lnk
2014-09-29 13:46 - 2014-09-29 13:46 - 00000000 ____D () C:\Users\Melanie\Downloads\Console-2.00b148-Beta_src
2014-09-29 13:46 - 2014-09-29 13:46 - 00000000 ____D () C:\Program Files\Console2
2014-09-29 13:45 - 2014-09-29 13:45 - 03699684 _____ () C:\Users\Melanie\Downloads\Console-2.00b148-Beta_src.zip
2014-09-29 13:44 - 2014-09-29 13:44 - 01897882 _____ () C:\Users\Melanie\Downloads\Console-2.00b148-Beta_64bit.zip
2014-09-29 13:11 - 2014-09-29 13:13 - 181484960 _____ (Oracle Corporation) C:\Users\Melanie\Downloads\jdk-8u20-windows-x64(1).exe
2014-09-29 11:51 - 2014-10-03 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2014-09-29 11:51 - 2014-10-03 11:32 - 00000000 ____D () C:\Program Files (x86)\Git
2014-09-29 11:50 - 2014-09-29 11:50 - 17806885 _____ (The Git Development Community ) C:\Users\Melanie\Downloads\Git-1.9.4-preview20140815.exe
2014-09-27 21:22 - 2014-09-27 21:23 - 00000000 ____D () C:\Users\Melanie\Documents\Banking
2014-09-25 08:32 - 2014-09-25 08:37 - 00003190 _____ () C:\Users\Melanie\Wahlergebnisse.html
2014-09-25 08:20 - 2014-09-25 08:28 - 00000936 _____ () C:\Users\Melanie\new  3.html
2014-09-25 08:12 - 2014-09-25 08:12 - 00000800 _____ () C:\Users\Melanie\new.html
2014-09-24 17:22 - 2014-09-24 17:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 12:33 - 2014-09-23 12:35 - 06184960 _____ () C:\Users\Melanie\Downloads\node-v0.10.32-x64(1).msi
2014-09-23 11:41 - 2014-09-23 11:41 - 06184960 _____ () C:\Users\Melanie\Downloads\node-v0.10.32-x64.msi
2014-09-23 11:01 - 2014-09-23 11:03 - 181484960 _____ (Oracle Corporation) C:\Users\Melanie\Downloads\jdk-8u20-windows-x64.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-20 10:13 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-20 10:13 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-20 10:10 - 2011-04-06 20:18 - 01781994 _____ () C:\Windows\WindowsUpdate.log
2014-10-20 10:08 - 2013-09-11 04:14 - 00000000 ___RD () C:\Users\Melanie\Dropbox
2014-10-20 10:08 - 2013-08-02 13:03 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Dropbox
2014-10-20 10:08 - 2011-07-13 11:20 - 00000000 ____D () C:\ProgramData\clear.fi
2014-10-20 10:05 - 2011-04-06 20:46 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-10-20 10:05 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-20 10:04 - 2009-07-13 21:51 - 00145529 _____ () C:\Windows\setupact.log
2014-10-19 17:52 - 2014-09-01 04:34 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Securepoint SSL VPN
2014-10-19 16:38 - 2011-04-06 20:14 - 00324244 _____ () C:\Windows\PFRO.log
2014-10-19 16:25 - 2011-07-13 10:23 - 00000000 ____D () C:\Users\Melanie
2014-10-19 15:51 - 2011-04-07 06:08 - 00700126 _____ () C:\Windows\system32\perfh007.dat
2014-10-19 15:51 - 2011-04-07 06:08 - 00149976 _____ () C:\Windows\system32\perfc007.dat
2014-10-19 15:51 - 2009-07-13 22:13 - 01622196 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-19 13:56 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-19 13:56 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-19 08:57 - 2011-07-13 10:23 - 00066104 _____ () C:\Users\Melanie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 08:55 - 2009-07-13 21:45 - 00289408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-14 16:56 - 2011-08-06 12:12 - 00000000 ____D () C:\Users\Melanie\AppData\Local\CrashDumps
2014-10-14 09:28 - 2013-10-21 00:12 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-14 09:28 - 2013-10-14 04:05 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 09:28 - 2013-10-14 04:05 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-13 12:03 - 2013-10-14 04:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-13 12:03 - 2013-10-14 04:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-10 18:54 - 2013-08-05 03:52 - 00000000 ____D () C:\Users\Melanie\Documents\MATLAB
2014-10-09 22:57 - 2012-03-14 12:34 - 01596476 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-09 14:39 - 2011-07-14 08:49 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Mozilla
2014-10-06 09:39 - 2011-11-28 12:40 - 00000000 ____D () C:\ProgramData\Avira
2014-10-05 19:20 - 2013-10-14 04:05 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-10-05 09:34 - 2011-07-15 10:43 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Google
2014-10-04 22:13 - 2011-07-15 10:43 - 00000000 ____D () C:\Program Files (x86)\Picasa2
2014-10-03 21:36 - 2011-07-15 10:43 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-03 14:09 - 2012-03-14 12:34 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\SoftGrid Client
2014-09-29 22:07 - 2013-04-15 07:15 - 00000000 ____D () C:\Users\Melanie\.eclipse
2014-09-29 13:33 - 2014-01-26 11:22 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-29 13:33 - 2011-10-22 07:39 - 00000000 ____D () C:\Program Files\Java
2014-09-29 13:19 - 2013-10-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-09-29 11:39 - 2014-07-22 11:42 - 00000000 ____D () C:\Users\Melanie\.android
2014-09-29 11:33 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-29 10:28 - 2011-11-03 15:04 - 00002201 _____ () C:\Windows\wininit.ini
2014-09-28 23:15 - 2009-07-13 22:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-25 20:33 - 2012-04-22 08:16 - 00000000 ____D () C:\Users\Melanie\workspace2
2014-09-25 07:47 - 2012-05-06 13:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-23 11:11 - 2014-01-25 03:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-23 11:08 - 2013-10-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Some content of TEMP:
====================
C:\Users\Melanie\AppData\Local\Temp\AskSLib.dll
C:\Users\Melanie\AppData\Local\Temp\avgnt.exe
C:\Users\Melanie\AppData\Local\Temp\dl3darm2.dll
C:\Users\Melanie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfppdr9.dll
C:\Users\Melanie\AppData\Local\Temp\i4jdel0.exe
C:\Users\Melanie\AppData\Local\Temp\MSNF05E.exe
C:\Users\Melanie\AppData\Local\Temp\optprosetup.exe
C:\Users\Melanie\AppData\Local\Temp\pyl1C08.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl2DC5.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl3226.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl46DF.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl4826.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl557E.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl5BE5.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl7493.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl8342.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl92BD.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl96F1.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl9B56.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylA727.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylAD6F.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylB115.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylB655.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylC6A8.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylD97C.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylE60A.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylEA9C.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Melanie\AppData\Local\Temp\WZCPlugin_VISTA.exe
C:\Users\Melanie\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Melanie\AppData\Local\Temp\_is2F2C.exe
C:\Users\Melanie\AppData\Local\Temp\_is473.exe
C:\Users\Melanie\AppData\Local\Temp\_is6EF9.exe
C:\Users\Melanie\AppData\Local\Temp\_isB598.exe
C:\Users\Melanie\AppData\Local\Temp\_isE6C5.exe
C:\Users\Melanie\AppData\Local\Temp\_isE926.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 08:30

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition.txt
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2014
Ran by Melanie at 2014-10-20 10:19:10
Running from C:\Users\Melanie\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1324 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1324 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0120.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
Acer USB Charge Manager (HKLM-x32\...\{F53A49E6-9FB1-4A5A-B1D9-82BA116196B7}) (Version: 1.00.3000 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3004 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2003385550.48.56.41291122 - Audible, Inc.)
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Backup Manager V3 (x32 Version: 3.0.0.85 - NTI Corporation) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.61 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1229.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1229.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7209 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.55 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Git version 1.9.4-preview20140929 (HKLM-x32\...\Git_is1) (Version: 1.9.4-preview20140929 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F7770F7F-0ABC-30CB-95BC-93761A05CAB6}) (Version: 5.38.4.0 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2287 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Java SE Development Kit 7 Update 17 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170170}) (Version: 1.7.0.170 - Oracle)
Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)
Java(TM) SE Development Kit 7 Update 1 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170010}) (Version: 1.7.0.10 - Oracle)
Java-Editor 9.15f, 2010.11.27 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version:  - Gerhard Röhner)
Jpgfdraw version 0.5.6b (HKLM-x32\...\{90F3B25B-35A2-4B97-9879-278E2388898D}}_is1) (Version: 0.5.6b - Nicola L. C. Talbot)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Acer Inc.)
LingoPad 2.6 (Build 360) (HKLM-x32\...\LingoPad_is1) (Version: 2.6 - Lingo4you)
MATLAB R2011a Student Version (HKLM-x32\...\MatlabR2011a) (Version: 7.12 - The MathWorks, Inc.)
MediaEspresso (x32 Version: 1.0.1210_33255 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MinGW-Get version 0.5-beta-20120426-1 (HKLM-x32\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.0 (x86 de)) (Version: 24.1.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
Node.js (HKLM\...\{2FAE4331-AEA0-4A3D-B4B3-B1E78823BF1A}) (Version: 0.10.32 - Joyent, Inc. and other Node contributors)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin8 (x32 Version: 8.00.000 - OriginLab) Hidden
OriginPro 8G (HKLM-x32\...\{A912021A-FEDD-4DA3-8DB4-245EBDA84778}) (Version: 8.00.000 - OriginLabCorporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version:  - Samsung Electronics Co., Ltd.)
Scan Assistant (HKLM-x32\...\{BF6CF460-40C3-49BA-800A-4B934B6498B1}) (Version: 1.01.014 - Samsung Electronics Co., Ltd.)
Securepoint SSL VPN (HKLM-x32\...\{3A903356-AFF9-4CAF-BCEA-78B99427006E}) (Version: 1.0.3 - Securepoint GmbH)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
SetIP (HKLM-x32\...\{C206015D-DAC5-407C-A54B-6D7776A0881C}) (Version: 1.00.000 - Samsung Electronics CO.,LTD)
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
SourceTree (HKLM-x32\...\SourceTree 1.6.5) (Version: 1.6.5 - Atlassian)
SourceTree (x32 Version: 1.6.5 - Atlassian) Hidden
SSH Secure Shell (HKLM-x32\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version:  - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team)
Ubuntu (HKLM-x32\...\Wubi) (Version: 12.04-rev266 - Ubuntu)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wolfram Extras 10.0 (5157423) (HKLM\...\A-WIN-Extras 10.0.1 5157423_is1) (Version: 10.0.1 - Wolfram Research, Inc.)
Wolfram Mathematica 10 (M-WIN-L 10.0.1 5157734) (HKLM\...\M-WIN-L 10.0.1 5157734_is1) (Version: 10.0.1 - Wolfram Research, Inc.)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Melanie\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Melanie\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Melanie\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-928299268-3892372864-3771450075-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

17-10-2014 16:50:42 Geplanter Prüfpunkt
19-10-2014 23:24:51 Malwarebytes Anti-Rootkit Restore Point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B42B3A7-63BC-4BFE-AE7A-8FAD37CA693F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000Core => C:\Users\Melanie\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-03] (Google Inc.)
Task: {12AFAABA-CCC4-4C5A-8A8C-8382F18EFD8B} - System32\Tasks\At3 => Firefox.exe /help <==== ATTENTION
Task: {3F14F55B-8072-44ED-90C4-1ABF79D20D48} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-19] (globalUpdate) <==== ATTENTION
Task: {4251F5C0-8EFC-43E2-8D7C-33675B15868B} - System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5 => C:\Program Files (x86)\TheHDvid-Codec V10\55051fd6-efb7-46b1-a551-6d3d7692967b-5.exe [2014-10-19] (home) <==== ATTENTION
Task: {42728674-E8BF-4D45-A207-39043D82A333} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03] (Google Inc.)
Task: {4771BF1F-D238-431E-9866-06627A51A402} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2010-12-29] (Acer Incorporated)
Task: {4A4B7594-105A-478A-9211-740AF3421EA1} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2010-12-29] (CyberLink)
Task: {4AF28F6E-6F6E-4AE7-9F97-600774AB3347} - System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-2 => C:\Program Files (x86)\TheHDvid-Codec V10\55051fd6-efb7-46b1-a551-6d3d7692967b-2.exe [2014-10-19] (home) <==== ATTENTION
Task: {4E661215-36D2-482E-95B6-93A5ED72D137} - System32\Tasks\{B2C8AD2D-0B54-4B65-A253-A2F7545FA3C3} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.3.0.120.259&amp;LastError=12002
Task: {56CC8AA3-755B-449A-AB37-30E4D0C33485} - System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-11 => C:\Program Files (x86)\TheHDvid-Codec V10\55051fd6-efb7-46b1-a551-6d3d7692967b-11.exe <==== ATTENTION
Task: {633546AE-1258-41DE-80D9-494DB754635D} - System32\Tasks\At2 => Firefox.exe /help <==== ATTENTION
Task: {6B0A9943-504C-4B7B-970C-7A2DF21DE53D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-03] (Google Inc.)
Task: {77FA6B28-B349-45D7-859D-65616427458B} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2010-12-29] (CyberLink Corp.)
Task: {91C4966C-B229-4FC0-BDDB-80F89C86B376} - System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5_user => C:\Program Files (x86)\TheHDvid-Codec V10\55051fd6-efb7-46b1-a551-6d3d7692967b-5.exe [2014-10-19] (home) <==== ATTENTION
Task: {929A854D-43DB-4779-97CD-174C506475FD} - System32\Tasks\At4 => Firefox.exe /help <==== ATTENTION
Task: {9C5FF017-904F-48F0-B193-F0B69C304D96} - System32\Tasks\At1 => Firefox.exe /help <==== ATTENTION
Task: {A1EA72F8-39F4-46DC-87FA-90B6B421A9AB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000UA => C:\Users\Melanie\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-03] (Google Inc.)
Task: {AB014C8F-5218-428B-96AB-75C7A8EBCEB2} - System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-1 => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe [2014-10-19] (home) <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {BD3BCC5E-FF42-43F4-A560-5C46B0B18979} - System32\Tasks\{F3AB340F-1D0B-47F4-AAB7-EC8C6A0D53D8} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {C434A5D3-6BA7-4AE0-944F-6A415F183005} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-19] (globalUpdate) <==== ATTENTION
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {F9094924-98B8-439F-B604-2749C9995B30} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-1.job => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-11.job => C:\Program Files (x86)\TheHDvid-Codec V10\55051fd6-efb7-46b1-a551-6d3d7692967b-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-2.job => C:\Program Files (x86)\TheHDvid-Codec V10\55051fd6-efb7-46b1-a551-6d3d7692967b-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5.job => C:\Program Files (x86)\TheHDvid-Codec V10\55051fd6-efb7-46b1-a551-6d3d7692967b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5_user.job => C:\Program Files (x86)\TheHDvid-Codec V10\55051fd6-efb7-46b1-a551-6d3d7692967b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\At1.job => C:\Users\Melanie\AppData\Roaming\firefox.exe
Task: C:\Windows\Tasks\At2.job => C:\Users\Melanie\AppData\Roaming\firefox.exe
Task: C:\Windows\Tasks\At3.job => C:\Users\Melanie\AppData\Roaming\firefox.exe
Task: C:\Windows\Tasks\At4.job => C:\Users\Melanie\AppData\Roaming\firefox.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000Core.job => C:\Users\Melanie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000UA.job => C:\Users\Melanie\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-04-13 17:41 - 2011-04-13 17:41 - 00034304 _____ () C:\Windows\System32\ssb3ml6.dll
2011-01-27 00:32 - 2011-01-27 00:32 - 00027648 _____ () C:\Windows\System32\ssb7mlm.dll
2014-02-14 05:18 - 2014-02-14 05:18 - 00040840 _____ () C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe
2009-01-21 17:45 - 2009-01-21 17:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2014-09-29 11:51 - 2014-09-30 00:15 - 00737986 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2012-06-18 08:24 - 2012-06-18 08:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2011-03-09 05:08 - 2011-01-20 11:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-10-17 07:01 - 2010-10-28 03:14 - 00618496 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2011-10-17 07:01 - 2009-11-19 02:15 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2014-02-12 12:58 - 2014-02-12 12:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 12:58 - 2014-02-12 12:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-02-15 12:37 - 2011-02-15 12:37 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-02-15 12:36 - 2011-02-15 12:36 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-02-15 12:37 - 2011-02-15 12:37 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-10-20 10:06 - 2014-10-20 10:06 - 00043008 _____ () c:\users\melanie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfppdr9.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Melanie\AppData\Roaming\Dropbox\bin\libcef.dll
2011-01-17 07:19 - 2011-07-15 10:39 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2010-12-29 05:56 - 2010-12-29 05:56 - 00210312 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-09-07 04:15 - 2014-09-03 04:48 - 01497600 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-09-07 04:15 - 2014-05-19 08:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-09-24 17:22 - 2014-09-24 17:22 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-13 14:40 - 2014-08-13 14:40 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1e70f9aada009e40c4f131cfdbe52126\IsdiInterop.ni.dll
2011-03-09 05:44 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-10-14 03:57 - 2013-10-14 03:57 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\Users\Melanie\Downloads\Appointment_Confirmation.eml:OECustomProperty
AlternateDataStreams: C:\Users\Melanie\Downloads\Fwd_master_applied_mathematics_apllication_requirements.eml:OECustomProperty
AlternateDataStreams: C:\Users\Melanie\Downloads\IS_29_2013_Christliche_Spiritualität_-_Suchen_Entdecken_Erleben_vom_14_-17_06_2013_im_Kloster_Volkenroda.eml:OECustomProperty
AlternateDataStreams: C:\Users\Melanie\Downloads\Termin_Staatskanzlei.eml:OECustomProperty
AlternateDataStreams: C:\Users\Melanie\Downloads\Wolfgang_Wiechert_m_chte_StuSti_Kolleg_2013-15_f_r_Sie_freigeben.eml:OECustomProperty
AlternateDataStreams: C:\Users\Melanie\Downloads\Zusagebenachrichtigung_IS_06.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\56198676.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\71201959.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\56198676.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\71201959.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-928299268-3892372864-3771450075-500 - Administrator - Disabled)
Gast (S-1-5-21-928299268-3892372864-3771450075-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-928299268-3892372864-3771450075-1002 - Limited - Enabled)
Melanie (S-1-5-21-928299268-3892372864-3771450075-1000 - Administrator - Enabled) => C:\Users\Melanie

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2014 03:35:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2903069

Error: (10/19/2014 03:35:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2903069

Error: (10/19/2014 03:35:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 02:25:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 96690

Error: (10/19/2014 02:25:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 96690

Error: (10/19/2014 02:25:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 01:54:57 PM) (Source: MsiInstaller) (EventID: 11309) (User: Melanie-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.

Error: (10/19/2014 11:42:02 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (10/19/2014 11:40:28 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (10/19/2014 11:39:31 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.


System errors:
=============
Error: (10/20/2014 10:05:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/20/2014 10:05:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CxAudMsg" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/19/2014 08:11:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/19/2014 08:11:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CxAudMsg" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/19/2014 04:39:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/19/2014 04:39:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CxAudMsg" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/19/2014 04:28:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/19/2014 04:28:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CxAudMsg" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/19/2014 03:45:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IconMan_R" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/19/2014 03:45:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IconMan_R erreicht.


Microsoft Office Sessions:
=========================
Error: (10/19/2014 03:35:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2903069

Error: (10/19/2014 03:35:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2903069

Error: (10/19/2014 03:35:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 02:25:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 96690

Error: (10/19/2014 02:25:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 96690

Error: (10/19/2014 02:25:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/19/2014 01:54:57 PM) (Source: MsiInstaller) (EventID: 11309) (User: Melanie-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/19/2014 11:42:02 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (10/19/2014 11:40:28 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityprocessorArchitecturex64c:\program files\R\r-3.0.1\Tcl\bin64\tk85.dllc:\program files\R\r-3.0.1\Tcl\bin64\tk85.dll9

Error: (10/19/2014 11:39:31 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 45%
Total physical RAM: 3947.86 MB
Available physical RAM: 2170.97 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5848.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.66 GB) (Free:330.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A4D16EF9)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


Ich sollte vielleicht noch erwähnen, dass TDSS-Killer beim ersten Suchlauf infizierte Dateien gefunden hat. Ich habe 'Cure' gewählt und den Computer neu gestartet, beim zweiten Suchlauf wurde nichts mehr gefunden.

mbar hat dann nochmal vier infizierte Dateien beim ersten und keine weiteren beim zweiten Suchlauf gefunden.

Inzwischen findet Avira BOO/TDSS.o nicht mehr, heißt das, er ist weg?
Wie kann ich die trovi-Adware entfernen?

Vielen, vielen Dank für deine Mühe!

Alt 20.10.2014, 22:33   #9
Bootsektor
/// TB-Ausbilder
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Hallo,

Zitat:
Ich sollte vielleicht noch erwähnen, dass TDSS-Killer beim ersten Suchlauf infizierte Dateien gefunden hat. Ich habe 'Cure' gewählt und den Computer neu gestartet, beim zweiten Suchlauf wurde nichts mehr gefunden.
Ok, danke

Zitat:
Inzwischen findet Avira BOO/TDSS.o nicht mehr, heißt das, er ist weg?
Ja, den wird dann der TDSS-Killer erlegt haben
Zitat:
Wie kann ich die trovi-Adware entfernen?
Machen wir jetzt Zuerst war es wichtig, dass wir der Bootsektoreninfektion nachgehen.

Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :

Java 7 Update 40
Java 7 Update 51
Java(TM) 6 Update 29

Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen

Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus.

Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION 
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 4
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

Alt 21.10.2014, 02:13   #10
Goldberry
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Hallo,

Freut mich, dass der Boo/TDSs.o jetzt weg ist , vielen Dank!

Zur trovi-Entfernung:

Schritt 1: ist erledigt.

Schritt 2: Wenn ich dem Link folge und die .exe herunterlade, kommt die Meldung, dass die version veraltet ist und es öffnet sich automatisch im Browser eine Downloadseite für die neuste Version (v4.001). Wenn ich diese downloade, kommt die Fehlermeldung "Systemressourcen nicht ausreichend", Avira meldet, dass ein als Virus eingestuftes Programm versucht, auf awdCleaner zu zugreifen.

Was kann ich machen?

Alt 21.10.2014, 11:37   #11
Bootsektor
/// TB-Ausbilder
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Hallo,

dann bitte vorübergehend das Antivirus ausschalten, downloaden, ausführen und Antivirus anschalten.

Alt 21.10.2014, 17:35   #12
Goldberry
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Hallo,

ich habe beide Schritte ausgeführt, die trovi-Adware ist aber weder in Firefox noch Google-Chrome verschwunden.

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.001 - Bericht erstellt am 21/10/2014 um 09:16:56
# DB v2014-10-20.3
# Aktualisiert 20/10/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Melanie - MELANIE-PC
# Gestartet von : C:\Users\Melanie\Downloads\adwcleaner_4.001(1).exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Melanie\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Program Files (x86)\Bench
Ordner Gelöscht : C:\Users\Melanie\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Users\Melanie\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Melanie\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Melanie\Documents\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\TheHDvid-Codec V10
Ordner Gelöscht : C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Datei Gelöscht : C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\ndixjp5k.default\searchplugins\trovi-search.xml

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_avira-antivir(1)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_avira-antivir(1)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_avira-antivir_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_avira-antivir_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_data-crow_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_data-crow_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_dev-c_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_dev-c_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_oxygenoffice-professional_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_oxygenoffice-professional_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611331115}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335515}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336615}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334415}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331115}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611331115}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335515}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336615}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331115}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\TheHDvid-Codec V10
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\AdvertisingSupport
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Browser Champion
Schlüssel Gelöscht : HKLM\SOFTWARE\TheHDvid-Codec V10
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v32.0.3 (x86 de)


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [17458 octets] - [21/10/2014 09:13:54]
AdwCleaner[S0].txt - [16105 octets] - [21/10/2014 09:16:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16166 octets] ##########
         
--- --- ---

[/CODE]

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.001 - Bericht erstellt am 21/10/2014 um 09:27:37
# DB v2014-10-20.3
# Aktualisiert 20/10/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Melanie - MELANIE-PC
# Gestartet von : C:\Users\Melanie\Downloads\adwcleaner_4.001.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v32.0.3 (x86 de)


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [17458 octets] - [21/10/2014 09:13:54]
AdwCleaner[R1].txt - [1455 octets] - [21/10/2014 09:25:20]
AdwCleaner[S0].txt - [16351 octets] - [21/10/2014 09:16:56]
AdwCleaner[S1].txt - [982 octets] - [21/10/2014 09:27:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1041 octets] ##########
         
--- --- ---



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Melanie (administrator) on MELANIE-PC on 21-10-2014 09:21:51
Running from C:\Users\Melanie\Downloads
Loaded Profile: Melanie (Available profiles: Melanie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
() C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Dropbox, Inc.) C:\Users\Melanie\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-02] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-02] (Atheros Commnucations)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-27] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-02-15] (NTI Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2010-12-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [618496 2010-10-28] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-03] (Wondershare)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Run: [Picasa Media Detector] => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe [443968 2008-08-20] (Google Inc.)
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Run: [studNET-Autologin] => C:\Windows\SysWOW64\studnet\studnet.exe /auto
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Run: [Google Update] => C:\Users\Melanie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-10-03] (Google Inc.)
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [5395192 2014-10-20] (Avira)
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\MountPoints2: {c1cd0502-f020-11e1-9a13-1c7508fe42fb} - E:\LaunchU3.exe -a
HKU\S-1-5-21-928299268-3892372864-3771450075-1000\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION 
HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [5395192 2014-10-20] (Avira)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File
Tcpip\Parameters: [DhcpNameServer] 128.95.120.1 128.95.112.1
Tcpip\..\Interfaces\{7004B3CA-E164-4EAC-8FC6-74F9604EA488}: [NameServer] 139.18.25.3,139.18.1.2

FireFox:
========
FF ProfilePath: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\ndixjp5k.default
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M588AD584-4A6E-40A5-96F3-1A599BC42A3F&SearchSource=55&CUI=&UM=6&UP=SP888B9F7B-62B1-4371-A1A1-A5FBEB7F20AD&SSPV=
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 57737
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.0.1.5157423\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Melanie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Melanie\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Melanie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Melanie\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Melanie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Melanie\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\ndixjp5k.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\ndixjp5k.default\Extensions\trash [2014-10-19]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-24]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M588AD584-4A6E-40A5-96F3-1A599BC42A3F&SearchSource=55&CUI=&UM=6&UP=SP888B9F7B-62B1-4371-A1A1-A5FBEB7F20AD&SSPV="
CHR Profile: C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-03]
CHR Extension: (Google Docs) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-03]
CHR Extension: (Google Drive) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-03]
CHR Extension: (YouTube) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-03]
CHR Extension: (Google Search) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-03]
CHR Extension: (Google Sheets) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-03]
CHR Extension: (Avira Browser Safety) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-06]
CHR Extension: (No Name) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-03]
CHR Extension: (Google Wallet) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30]
CHR Extension: (Gmail) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-02] (Atheros Commnucations) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-27] (Realsil Microelectronics Inc.) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 Securepoint VPN; C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe [40840 2014-02-14] () [File not signed]
S2 CxAudMsg; C:\Windows\system32\CxAudMsg64.exe [X]
R3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-10-05] (Avira Operations GmbH & Co. KG)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2014-10-19] (Malwarebytes Corporation)
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-10-27] (Samsung Electronics)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 09:21 - 2014-10-21 09:21 - 00000000 ____D () C:\Users\Melanie\Downloads\FRST-OlderVersion
2014-10-21 09:19 - 2014-10-21 09:19 - 00016351 _____ () C:\Users\Melanie\Desktop\AdwCleaner[S0].txt
2014-10-21 09:12 - 2014-10-21 09:16 - 00000000 ____D () C:\AdwCleaner
2014-10-20 18:06 - 2014-10-20 18:06 - 00001207 _____ () C:\Users\Melanie\Desktop\Avira System Speedup.lnk
2014-10-20 18:06 - 2014-10-20 18:06 - 00000000 ____D () C:\Users\Melanie\AppData\Local\AviraSpeedup
2014-10-20 18:04 - 2014-10-20 18:06 - 00003320 _____ () C:\Windows\System32\Tasks\AviraSpeedup
2014-10-20 18:04 - 2014-10-20 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2014-10-20 18:00 - 2014-10-20 18:01 - 01962496 _____ () C:\Users\Melanie\Downloads\adwcleaner_4.001(2).exe
2014-10-20 17:58 - 2014-10-20 17:58 - 01976320 _____ () C:\Users\Melanie\Downloads\AdwCleaner_4.000.exe
2014-10-20 17:55 - 2014-10-20 17:56 - 01962496 _____ () C:\Users\Melanie\Downloads\adwcleaner_4.001(1).exe
2014-10-20 17:50 - 2014-10-20 17:50 - 01962496 _____ () C:\Users\Melanie\Downloads\adwcleaner_4.001.exe
2014-10-20 10:19 - 2014-10-20 10:19 - 00042262 _____ () C:\Users\Melanie\Downloads\Addition.txt
2014-10-20 10:17 - 2014-10-21 09:22 - 00000000 ____D () C:\FRST
2014-10-20 10:17 - 2014-10-21 09:21 - 00022998 _____ () C:\Users\Melanie\Downloads\FRST.txt
2014-10-20 10:16 - 2014-10-21 09:21 - 02110976 _____ (Farbar) C:\Users\Melanie\Downloads\FRST64.exe
2014-10-20 10:09 - 2014-10-20 10:10 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Melanie\Downloads\tdsskiller.exe
2014-10-19 17:35 - 2014-10-19 17:35 - 00000624 _____ () C:\Users\Melanie\Documents\Ereignisse2.txt
2014-10-19 16:02 - 2014-10-19 18:05 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-19 16:02 - 2014-10-19 16:42 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-19 16:02 - 2014-10-19 16:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-19 16:01 - 2014-10-19 16:41 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-19 16:00 - 2014-10-19 17:17 - 00000000 ____D () C:\Users\Melanie\Desktop\mbar
2014-10-19 15:59 - 2014-10-19 15:59 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Melanie\Downloads\mbar-1.07.0.1012.exe
2014-10-19 15:59 - 2014-10-19 15:59 - 01986072 _____ (SafeInstall, LLC) C:\Users\Melanie\Downloads\7zip_installer.exe
2014-10-19 15:40 - 2014-10-19 15:52 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-10-19 13:56 - 2014-10-21 09:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-10-19 13:55 - 2014-10-21 09:18 - 00002444 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5_user.job
2014-10-19 13:55 - 2014-10-21 09:18 - 00002444 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5.job
2014-10-19 13:55 - 2014-10-19 13:55 - 00005474 _____ () C:\Windows\System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-5
2014-10-19 13:54 - 2014-10-21 09:18 - 00005182 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-11.job
2014-10-19 13:54 - 2014-10-21 09:18 - 00003458 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-1.job
2014-10-19 13:54 - 2014-10-21 09:18 - 00002108 _____ () C:\Windows\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-2.job
2014-10-19 13:54 - 2014-10-21 09:18 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-19 13:54 - 2014-10-20 19:59 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-19 13:54 - 2014-10-19 13:55 - 00005138 _____ () C:\Windows\System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-2
2014-10-19 13:54 - 2014-10-19 13:54 - 00008212 _____ () C:\Windows\System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-11
2014-10-19 13:54 - 2014-10-19 13:54 - 00006488 _____ () C:\Windows\System32\Tasks\55051fd6-efb7-46b1-a551-6d3d7692967b-1
2014-10-19 13:54 - 2014-10-19 13:54 - 00003898 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-10-19 13:54 - 2014-10-19 13:54 - 00003644 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-10-19 13:53 - 2014-10-19 13:53 - 00074656 _____ () C:\Users\Melanie\Downloads\FLVPlayer-Chrome.exe
2014-10-19 13:53 - 2014-10-19 13:53 - 00074656 _____ () C:\Users\Melanie\Downloads\FLVPlayer-Chrome (1).exe
2014-10-18 14:17 - 2014-10-18 14:17 - 06626832 _____ (TeamViewer GmbH) C:\Users\Melanie\Downloads\TeamViewer_Setup_de.exe
2014-10-18 14:17 - 2014-10-18 14:17 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-10-18 14:17 - 2014-10-18 14:17 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-10-18 14:17 - 2014-10-18 14:17 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-10-09 23:02 - 2014-10-09 23:02 - 00000000 ____D () C:\Users\Melanie\Documents\fox-ffv2
2014-10-09 23:01 - 2014-10-09 23:01 - 00000118 _____ () C:\Users\Melanie\mercurial.ini
2014-10-09 23:01 - 2013-10-18 18:04 - 00000236 _____ () C:\Users\Melanie\Documents\gitignore_global.txt
2014-10-09 23:01 - 2013-10-18 18:04 - 00000173 _____ () C:\Users\Melanie\Documents\hgignore_global.txt
2014-10-09 23:00 - 2014-10-09 23:00 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Atlassian
2014-10-09 22:59 - 2014-10-09 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlassian
2014-10-09 22:59 - 2014-10-09 22:59 - 00000000 ____D () C:\ProgramData\Caphyon
2014-10-09 22:59 - 2014-10-09 22:59 - 00000000 ____D () C:\Program Files (x86)\Atlassian
2014-10-09 22:58 - 2014-10-09 23:03 - 00000000 ____D () C:\ProgramData\Atlassian
2014-10-09 22:48 - 2014-10-09 22:48 - 10266464 _____ (Atlassian) C:\Users\Melanie\Downloads\SourceTreeSetup_1.6.5.exe
2014-10-09 21:43 - 2014-10-18 14:28 - 00009166 ____H () C:\Users\Melanie\_viminfo
2014-10-06 21:39 - 2014-10-07 11:22 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Mathematica
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Mathematica
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Wolfram Research
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\ProgramData\Mathematica
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\Program Files\Extras
2014-10-06 21:39 - 2014-10-06 21:39 - 00000000 ____D () C:\Program Files\Common Files\Wolfram Research
2014-10-06 21:28 - 2014-10-06 21:28 - 00000000 ____D () C:\Program Files\Wolfram Research
2014-10-06 21:03 - 2014-10-06 21:22 - 2034844000 _____ (Wolfram Research, Inc. ) C:\Users\Melanie\Downloads\Mathematica_10.0.1_WIN.exe
2014-10-06 18:05 - 2014-10-06 18:05 - 00918952 _____ (Oracle Corporation) C:\Users\Melanie\Downloads\jxpiinstall(2).exe
2014-10-06 09:39 - 2014-10-13 12:03 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-05 09:33 - 2014-10-20 23:43 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000UA.job
2014-10-05 09:33 - 2014-10-19 09:43 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000Core.job
2014-10-05 09:33 - 2014-10-19 09:38 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000UA
2014-10-05 09:33 - 2014-10-19 09:38 - 00003706 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-928299268-3892372864-3771450075-1000Core
2014-10-04 09:16 - 2014-10-04 09:16 - 00000000 ____D () C:\Users\Melanie\.plugman
2014-10-03 21:36 - 2014-10-21 09:18 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-03 21:36 - 2014-10-20 23:41 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-03 21:36 - 2014-10-18 09:47 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-03 21:36 - 2014-10-03 21:36 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-03 21:36 - 2014-10-03 21:36 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-03 21:36 - 2014-10-03 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-03 21:35 - 2014-10-03 21:35 - 00895120 _____ (Google Inc.) C:\Users\Melanie\Downloads\ChromeSetup.exe
2014-10-03 11:24 - 2014-10-03 11:24 - 17824398 _____ (The Git Development Community ) C:\Users\Melanie\Downloads\Git-1.9.4-preview20140929(1).exe
2014-10-02 22:00 - 2014-10-02 22:00 - 00000000 __SHD () C:\Users\Melanie\AppData\Local\EmieUserList
2014-10-02 22:00 - 2014-10-02 22:00 - 00000000 __SHD () C:\Users\Melanie\AppData\Local\EmieSiteList
2014-10-02 21:49 - 2014-10-18 13:18 - 00000000 ____D () C:\Users\Melanie\Desktop\firstfox
2014-09-30 23:10 - 2014-09-30 23:10 - 00000000 ____D () C:\Users\Melanie\.ionic
2014-09-30 23:06 - 2014-09-30 23:06 - 00000000 ____D () C:\Users\Melanie\.cordova
2014-09-30 22:21 - 2014-09-30 22:24 - 00000000 ____D () C:\Users\Melanie\.ssh
2014-09-30 22:18 - 2014-10-15 22:45 - 00000469 _____ () C:\Users\Melanie\AppData\Roaming\.arcrc
2014-09-30 19:25 - 2014-09-30 19:25 - 00001389 _____ () C:\Users\Melanie\Desktop\Git Bash.lnk
2014-09-30 18:54 - 2014-09-30 18:54 - 17824398 _____ (The Git Development Community ) C:\Users\Melanie\Downloads\Git-1.9.4-preview20140929.exe
2014-09-30 18:45 - 2014-09-30 18:45 - 00000000 ____D () C:\Program Files\Arcanist
2014-09-30 18:42 - 2014-10-13 12:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-30 18:41 - 2014-09-30 18:41 - 07188616 _____ (Microsoft Corporation) C:\Users\Melanie\Downloads\vcredist_x64.exe
2014-09-30 18:26 - 2014-09-30 18:31 - 00000000 ____D () C:\Program Files\php
2014-09-30 18:25 - 2014-09-30 18:26 - 20894725 _____ () C:\Users\Melanie\Downloads\php-5.6.0-nts-Win32-VC11-x64.zip
2014-09-30 18:24 - 2014-09-30 18:25 - 19632729 _____ () C:\Users\Melanie\Downloads\php-5.6.0-Win32-VC11-x86.zip
2014-09-29 22:17 - 2014-09-29 22:17 - 00001352 _____ () C:\Users\Melanie\Desktop\eclipse_Android.lnk
2014-09-29 22:07 - 2014-09-29 22:07 - 00000000 ____D () C:\Users\Melanie\workspaceAndroid
2014-09-29 22:03 - 2014-09-29 22:03 - 00000000 ____D () C:\Program Files\Android
2014-09-29 21:55 - 2014-09-29 21:55 - 00000000 ____D () C:\Users\Melanie\Downloads\adt-bundle-windows-x86_64-20140702
2014-09-29 21:46 - 2014-09-29 21:46 - 00000000 ____D () C:\Program Files\apache
2014-09-29 21:44 - 2014-09-29 21:44 - 00000000 ____D () C:\Users\Melanie\Documents\apache-ant-1.9.4-bin-1
2014-09-29 14:11 - 2014-10-17 11:48 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\npm-cache
2014-09-29 14:10 - 2014-10-17 11:48 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\npm
2014-09-29 14:02 - 2014-09-29 14:03 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js
2014-09-29 14:02 - 2014-09-29 14:03 - 00000000 ____D () C:\Program Files\nodejs
2014-09-29 14:01 - 2014-09-29 14:02 - 06184960 _____ () C:\Users\Melanie\Downloads\node-v0.10.32-x64(2).msi
2014-09-29 13:58 - 2014-09-29 13:58 - 00001317 _____ () C:\Users\Melanie\Desktop\Console.lnk
2014-09-29 13:46 - 2014-09-29 13:46 - 00000000 ____D () C:\Users\Melanie\Downloads\Console-2.00b148-Beta_src
2014-09-29 13:46 - 2014-09-29 13:46 - 00000000 ____D () C:\Program Files\Console2
2014-09-29 13:45 - 2014-09-29 13:45 - 03699684 _____ () C:\Users\Melanie\Downloads\Console-2.00b148-Beta_src.zip
2014-09-29 13:44 - 2014-09-29 13:44 - 01897882 _____ () C:\Users\Melanie\Downloads\Console-2.00b148-Beta_64bit.zip
2014-09-29 13:11 - 2014-09-29 13:13 - 181484960 _____ (Oracle Corporation) C:\Users\Melanie\Downloads\jdk-8u20-windows-x64(1).exe
2014-09-29 11:51 - 2014-10-03 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2014-09-29 11:51 - 2014-10-03 11:32 - 00000000 ____D () C:\Program Files (x86)\Git
2014-09-29 11:50 - 2014-09-29 11:50 - 17806885 _____ (The Git Development Community ) C:\Users\Melanie\Downloads\Git-1.9.4-preview20140815.exe
2014-09-27 21:22 - 2014-09-27 21:23 - 00000000 ____D () C:\Users\Melanie\Documents\Banking
2014-09-25 08:32 - 2014-09-25 08:37 - 00003190 _____ () C:\Users\Melanie\Wahlergebnisse.html
2014-09-25 08:20 - 2014-09-25 08:28 - 00000936 _____ () C:\Users\Melanie\new  3.html
2014-09-25 08:12 - 2014-09-25 08:12 - 00000800 _____ () C:\Users\Melanie\new.html
2014-09-24 17:22 - 2014-09-24 17:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 12:33 - 2014-09-23 12:35 - 06184960 _____ () C:\Users\Melanie\Downloads\node-v0.10.32-x64(1).msi
2014-09-23 11:41 - 2014-09-23 11:41 - 06184960 _____ () C:\Users\Melanie\Downloads\node-v0.10.32-x64.msi
2014-09-23 11:01 - 2014-09-23 11:03 - 181484960 _____ (Oracle Corporation) C:\Users\Melanie\Downloads\jdk-8u20-windows-x64.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-21 09:21 - 2013-09-11 04:14 - 00000000 ___RD () C:\Users\Melanie\Dropbox
2014-10-21 09:21 - 2013-08-02 13:03 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Dropbox
2014-10-21 09:20 - 2011-07-13 11:20 - 00000000 ____D () C:\ProgramData\clear.fi
2014-10-21 09:19 - 2011-04-06 20:46 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-10-21 09:18 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-21 09:17 - 2011-04-06 20:18 - 01798360 _____ () C:\Windows\WindowsUpdate.log
2014-10-21 09:17 - 2011-04-06 20:14 - 00324558 _____ () C:\Windows\PFRO.log
2014-10-21 09:17 - 2009-07-13 21:51 - 00145753 _____ () C:\Windows\setupact.log
2014-10-21 09:16 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 09:16 - 2009-07-13 21:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-20 18:04 - 2013-10-14 04:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-20 17:48 - 2011-07-15 10:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-19 17:52 - 2014-09-01 04:34 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Securepoint SSL VPN
2014-10-19 16:25 - 2011-07-13 10:23 - 00000000 ____D () C:\Users\Melanie
2014-10-19 15:51 - 2011-04-07 06:08 - 00700126 _____ () C:\Windows\system32\perfh007.dat
2014-10-19 15:51 - 2011-04-07 06:08 - 00149976 _____ () C:\Windows\system32\perfc007.dat
2014-10-19 15:51 - 2009-07-13 22:13 - 01622196 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-19 13:56 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-19 13:56 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-19 08:57 - 2011-07-13 10:23 - 00066104 _____ () C:\Users\Melanie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-19 08:55 - 2009-07-13 21:45 - 00289408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-14 16:56 - 2011-08-06 12:12 - 00000000 ____D () C:\Users\Melanie\AppData\Local\CrashDumps
2014-10-14 09:28 - 2013-10-21 00:12 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-14 09:28 - 2013-10-14 04:05 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 09:28 - 2013-10-14 04:05 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-13 12:03 - 2013-10-14 04:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-10 18:54 - 2013-08-05 03:52 - 00000000 ____D () C:\Users\Melanie\Documents\MATLAB
2014-10-09 22:57 - 2012-03-14 12:34 - 01596476 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-09 14:39 - 2011-07-14 08:49 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Mozilla
2014-10-06 09:39 - 2011-11-28 12:40 - 00000000 ____D () C:\ProgramData\Avira
2014-10-05 19:20 - 2013-10-14 04:05 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-10-05 09:34 - 2011-07-15 10:43 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Google
2014-10-04 22:13 - 2011-07-15 10:43 - 00000000 ____D () C:\Program Files (x86)\Picasa2
2014-10-03 21:36 - 2011-07-15 10:43 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-03 14:09 - 2012-03-14 12:34 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\SoftGrid Client
2014-09-29 22:07 - 2013-04-15 07:15 - 00000000 ____D () C:\Users\Melanie\.eclipse
2014-09-29 13:33 - 2014-01-26 11:22 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-29 13:33 - 2014-01-26 11:22 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-29 13:33 - 2014-01-26 11:22 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-29 13:33 - 2014-01-26 11:22 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-29 13:33 - 2011-10-22 07:39 - 00000000 ____D () C:\Program Files\Java
2014-09-29 13:19 - 2013-10-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-09-29 11:39 - 2014-07-22 11:42 - 00000000 ____D () C:\Users\Melanie\.android
2014-09-29 11:33 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-29 10:28 - 2011-11-03 15:04 - 00002201 _____ () C:\Windows\wininit.ini
2014-09-28 23:15 - 2009-07-13 22:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-25 20:33 - 2012-04-22 08:16 - 00000000 ____D () C:\Users\Melanie\workspace2
2014-09-25 07:47 - 2012-05-06 13:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-23 11:11 - 2014-01-25 03:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-23 11:08 - 2013-10-04 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Some content of TEMP:
====================
C:\Users\Melanie\AppData\Local\Temp\AskSLib.dll
C:\Users\Melanie\AppData\Local\Temp\avgnt.exe
C:\Users\Melanie\AppData\Local\Temp\AviraSetup1701721.exe
C:\Users\Melanie\AppData\Local\Temp\dl3darm2.dll
C:\Users\Melanie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaxpx7w.dll
C:\Users\Melanie\AppData\Local\Temp\i4jdel0.exe
C:\Users\Melanie\AppData\Local\Temp\MSNF05E.exe
C:\Users\Melanie\AppData\Local\Temp\optprosetup.exe
C:\Users\Melanie\AppData\Local\Temp\pyl1C08.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl2DC5.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl3226.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl46DF.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl4826.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl557E.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl5BE5.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl7493.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl8342.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl92BD.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl96F1.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pyl9B56.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylA727.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylAD6F.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylB115.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylB655.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylC6A8.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylD97C.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylE60A.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\pylEA9C.tmp.exe
C:\Users\Melanie\AppData\Local\Temp\Quarantine.exe
C:\Users\Melanie\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Melanie\AppData\Local\Temp\sqlite3.dll
C:\Users\Melanie\AppData\Local\Temp\WZCPlugin_VISTA.exe
C:\Users\Melanie\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Melanie\AppData\Local\Temp\_is2F2C.exe
C:\Users\Melanie\AppData\Local\Temp\_is473.exe
C:\Users\Melanie\AppData\Local\Temp\_is6EF9.exe
C:\Users\Melanie\AppData\Local\Temp\_isB598.exe
C:\Users\Melanie\AppData\Local\Temp\_isE6C5.exe
C:\Users\Melanie\AppData\Local\Temp\_isE926.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 08:30

==================== End Of Log ============================
         
--- --- ---

Alt 21.10.2014, 23:26   #13
Bootsektor
/// TB-Ausbilder
 
BOO/TDSS.o Befall - was kann ich tun - Standard

BOO/TDSS.o Befall - was kann ich tun



Hallo,
Zitat:
ich habe beide Schritte ausgeführt, die trovi-Adware ist aber weder in Firefox noch Google-Chrome verschwunden.
Dafür aber jede Menge anderer Kram Trovi machen wir jetzt. Was ist mit dem Port im Firefox, hast du den gesetzt?

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3331316&octid=EB_ORIGINAL_CTID&ISID=M588AD584-4A6E-40A5-96F3-1A599BC42A3F&SearchSource=55&CUI=&UM=6&UP=SP888B9F7B-62B1-4371-A1A1-A5FBEB7F20AD&SSPV=
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2
In deinem Chrome Browser ist trovi als Startseite eingetragen
Stelle nach dieser Anleitung deine Startseite neu ein.

Schritt 3
Bitte noch Schritt 3 aus meinem vorherigen Post (Fix mit FRST) ausführen, fixlog posten.

Schritt 4
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 5
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 6
Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Antwort

Themen zu BOO/TDSS.o Befall - was kann ich tun
avira, befall, bereits, boo/tdss.o, datei, entferne, erkannt, gefunde, heute, infizierte, infizierte datei, kaspary, laptop, liebe, malewarebytes, malware, problem, programme, programmen, versuch, versucht, win, win7



Ähnliche Themen: BOO/TDSS.o Befall - was kann ich tun


  1. Windows 7 Laptop: Probleme mit Maleware Befall, was kann ich tun?
    Log-Analyse und Auswertung - 12.06.2015 (10)
  2. Sounds werden abgespielt, die ich nicht zuordnen kann. Befall?
    Log-Analyse und Auswertung - 22.02.2013 (7)
  3. Trojan.Zaccess Befall/Was kann ich tun?
    Log-Analyse und Auswertung - 20.07.2012 (4)
  4. BOO/TDss.O in Bootsektoren! Wie kann ich die entfernen?
    Log-Analyse und Auswertung - 09.07.2012 (1)
  5. Befall Verschlüsselungstrojaner 256bit AES - Wer kann mir beim Fix helfen?
    Log-Analyse und Auswertung - 30.06.2012 (1)
  6. Kann BOO/TDss.M - Virus / Malware nicht entfernen!
    Log-Analyse und Auswertung - 20.10.2011 (37)
  7. Befall von Rootkit(TDSS.Gen), Trojan Fraudpack und Rogue Antivir
    Plagegeister aller Art und deren Bekämpfung - 29.06.2010 (8)
  8. HILFE! Rootkit.win32.tdss.d kann nicht gelöscht werden und friert alles ein!
    Plagegeister aller Art und deren Bekämpfung - 01.06.2010 (1)
  9. atapi.sys-Rootkit (TDSS) und weiterer Befall
    Plagegeister aller Art und deren Bekämpfung - 22.05.2010 (3)
  10. PCK.Tdss.Z.230 und Crypt.ZPACK.Gen Trojaner Befall
    Log-Analyse und Auswertung - 03.02.2010 (8)
  11. Trojan.TDss!K - Packed.Win32.Tdss!IK - und wer weiß was noch alles!
    Plagegeister aller Art und deren Bekämpfung - 09.12.2009 (1)
  12. Befall TDSS-X, TDSSPack-L, -K, -O
    Plagegeister aller Art und deren Bekämpfung - 14.06.2009 (53)
  13. Datensicherung nach Backdoor.Win32.TDSS Befall
    Plagegeister aller Art und deren Bekämpfung - 27.01.2009 (0)
  14. BDS/TDSS.adb, BDS/TDSS.JW und einiges mehr
    Log-Analyse und Auswertung - 14.01.2009 (28)
  15. Rootkit RKIT/TDss.G.22 Backdoorprogramm BDS/TDSS.adb und Trojaner TR/Proxy.GHY
    Log-Analyse und Auswertung - 21.12.2008 (28)
  16. Backdoor.TDSS.asz und TDSS.atb gefunden
    Mülltonne - 28.11.2008 (0)
  17. Trojaner Befall, wer kann helfen?
    Log-Analyse und Auswertung - 17.03.2006 (8)

Zum Thema BOO/TDSS.o Befall - was kann ich tun - Liebe User, Mein Laptop (Win7) ist seit heute mit BOO/TDSS.o befallen. Avira hat die Malware zwar erkannt, kann sie aber nicht entfernen. Ich habe bereits mit Malewarebytes und Kaspary TDSSKill - BOO/TDSS.o Befall - was kann ich tun...
Archiv
Du betrachtest: BOO/TDSS.o Befall - was kann ich tun auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.