
All kinds of pests and how to fight them: Trojan warning after Steam update

07.12.2014, 11:42   #1
Mokba
 
Trojan warning after Steam update



Yesterday I installed a game (Die Schicksalsklinge), which unfortunately requires Steam. I'm really not a fan of Steam, but oh well.. Steam then immediately ran an update, I played for a few hours and then shut down the computer.
When I booted it up this morning, this warning from ESET appeared:
C:\Users\ERSTERUSER\AppData\Local\Temp\wininit.exe Variante von MSIL/Injector.GPS Trojaner Gesäubert durch Löschen - in Quarantäne kopiert Ereignis aufgetreten beim Versuch die Datei auszuführen durch die Anwendung: C:\Windows\explorer.exe.

Since installing the game and the update by Steam yesterday were the only events that differed from my usual daily routine, I strongly assume that it is related to that.

The message says "Gesäubert durch Löschen - in Quarantäne kopiert" (cleaned by deleting, copied to quarantine). Do I need to do anything else now? You can probably tell from my question that I'm not exactly an expert when it comes to computers, so please use sentences that are as simple as possible and without many technical terms.

Many thanks for your help.

07.12.2014, 12:23   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


07.12.2014, 13:09   #3
Mokba
 




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2014 01
Ran by ERSTERUSER (administrator) on CLAUDIA-PC on 07-12-2014 14:05:31
Running from D:\Downloads
Loaded Profile: ERSTERUSER (Available profiles: ERSTERUSER & UpdatusUser)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Super Flexible Software Ltd. & Co. KG) C:\Program Files-s\SuperFlexible\ExtremeVSS.exe
(Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(StorageCraft Technology Corporation) C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(StorageCraft Technology Corporation) C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(StorageCraft Technology Corporation) C:\Windows\System32\vsnapvss.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(ROCCAT) C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ROCCAT) C:\Program Files\ROCCAT\Kone Mouse\OSD.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Oliver Frietsch) C:\Program Files-s\Quicklaunch\QuickLaunch.exe
() C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Super Flexible Software) C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe
() C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Audible, Inc.) C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\UseNeXT\UseNeXT.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM\...\Run: [Kone] => C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE [151552 2008-10-06] (ROCCAT)
HKLM\...\Run: [Malwarebytes' Anti-Malware (reboot)] => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [Ninite Updater] => C:\Program Files\Ninite Updater\NiniteUpdater.exe [265760 2013-11-14] (Secure By Design Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1795872 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [Quicklaunch] => C:\Program Files-s\Quicklaunch\QuickLaunch.exe [554496 2006-12-16] (Oliver Frietsch)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [ExtremeSync Background Scheduler] => C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe [13941120 2011-11-18] (Super Flexible Software)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [Amazon Music] => C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-07-01] ()
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {dac28781-b80c-11df-b978-005056c00008} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {faf60acb-bc8e-11e1-9d41-806e6f6e6963} - E:\SETUP.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Startup: C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCCFD043C75EACE01
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de,de-DE;q=0.5
SearchScopes: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6R8vtSumhl&i=26
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ERSTERUSER\AppData\Roaming\Mozilla\Firefox\Profiles\a7rjlmc2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files-s\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files-s\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files-s\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3507585339-1609819653-644593918-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3507585339-1609819653-644593918-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-08-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-28]
CHR Extension: (Beautiful landscape) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2013-07-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-27]
CHR Extension: (Get F.B. Purity for Facebook) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifpbhmjbfiogpipemadffnijpbcdfkmp [2013-07-13]
CHR Extension: (Freemake Video Converter) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-08-10]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2013-07-13]
CHR Extension: (Google Wallet) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (ProxPrice) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-07-28]
CHR Extension: (Privacy Badger) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2014-08-05]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-08-10]
CHR HKLM\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files\1ClickDownload\1click12.crx [Not Found]
CHR HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Chrome\Extension: [ncmdmcjifbkefpaijakdbgfjbpaonjhg] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ExtremeVSSService; C:\Program Files-S\SuperFlexible\ExtremeVSS.exe [3196800 2011-09-20] (Super Flexible Software Ltd. & Co. KG)
R2 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [181544 2009-05-01] (Seagate Technology LLC)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 ShadowProtectSvc; C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [1497632 2009-12-17] (StorageCraft Technology Corporation)
S2 BingDesktopUpdate; "C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-09-22] (ESET)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R3 KoneFltr; C:\Windows\System32\drivers\Kone.sys [13056 2008-12-11] (ROCCAT Ltd)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-07-22] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-07-22] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-07-22] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [293904 2009-07-22] (Microsoft Corporation)
S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI)
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
U5 UnlockerDriver5; C:\Program Files-s\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 13:28 - 2014-12-07 14:05 - 00000000 ____D () C:\FRST
2014-12-06 17:33 - 2014-12-06 17:33 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-02 08:37 - 2014-12-02 10:12 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-11-28 14:43 - 2014-11-28 14:43 - 00001760 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-28 14:43 - 2014-11-28 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\Program Files\iTunes
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\Program Files\iPod
2014-11-28 14:41 - 2014-11-28 14:41 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-11-28 14:41 - 2014-11-28 14:41 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-11-28 14:40 - 2014-11-28 14:40 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-21 16:16 - 2014-11-21 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-11-21 11:46 - 2014-11-21 11:46 - 00000000 __SHD () C:\Users\ERSTERUSER\AppData\Local\EmieBrowserModeList
2014-11-19 14:33 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 14:33 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\ProgramData\ESET
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\Program Files\ESET
2014-11-19 09:00 - 2014-11-26 03:08 - 00002128 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-12 09:51 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 09:50 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 09:50 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 09:49 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 09:49 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 09:49 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 09:49 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 09:49 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 09:49 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 09:49 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 09:49 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 09:49 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 09:48 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 09:48 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 09:48 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 09:48 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 09:48 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 09:48 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 09:48 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 09:48 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 09:48 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 09:47 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 09:47 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 09:47 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 09:47 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 09:47 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 09:47 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 09:47 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 09:47 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 09:47 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 09:47 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 09:47 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 09:47 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 09:47 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 09:47 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 09:47 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 09:47 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 09:47 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 09:47 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:47 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 09:47 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 09:47 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 09:47 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 09:47 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 09:47 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 09:47 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 09:47 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 09:47 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 09:47 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 09:47 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 09:47 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 14:06 - 2013-11-16 18:41 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job
2014-12-07 14:06 - 2010-02-14 15:26 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\UseNeXT
2014-12-07 14:03 - 2010-02-13 11:44 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-07 13:29 - 2013-08-01 06:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-07 10:57 - 2009-07-14 05:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 10:57 - 2009-07-14 05:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 10:51 - 2010-02-13 11:43 - 01222100 _____ () C:\Windows\WindowsUpdate.log
2014-12-07 10:50 - 2014-06-17 16:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job
2014-12-07 10:50 - 2012-06-25 11:49 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Dropbox
2014-12-07 10:50 - 2010-02-13 21:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-07 10:50 - 2010-02-13 12:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-07 10:50 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 10:50 - 2009-07-14 05:39 - 00117130 _____ () C:\Windows\setupact.log
2014-12-06 23:38 - 2014-04-10 08:50 - 00000000 ____D () C:\Program Files\Steam
2014-12-06 17:50 - 2014-04-10 08:50 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-06 14:51 - 2013-06-28 06:54 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\vlc
2014-12-03 06:43 - 2011-02-17 18:04 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-03 06:43 - 2011-02-17 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-03 06:26 - 2012-05-06 13:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-28 14:42 - 2014-10-10 19:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-28 14:40 - 2010-09-04 13:06 - 00000000 ____D () C:\ProgramData\Apple
2014-11-27 06:34 - 2013-08-01 06:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-27 06:34 - 2013-08-01 06:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-22 23:34 - 2013-04-19 16:10 - 00000000 ____D () C:\Program Files\UseNeXT
2014-11-22 23:34 - 2010-02-14 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-21 17:15 - 2010-10-14 20:50 - 00000000 ____D () C:\Windows\Minidump
2014-11-15 09:48 - 2014-09-12 22:42 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-12 17:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-12 17:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 16:34 - 2009-07-14 05:33 - 00288400 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 16:32 - 2014-05-02 08:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 16:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-12 16:27 - 2013-08-14 05:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 16:23 - 2010-02-13 22:18 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3368.dll


Some content of TEMP:
====================
C:\Users\ERSTERUSER\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphnizyw.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 00:58

==================== End Of Log ============================
         
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2014 01
Ran by ERSTERUSER at 2014-12-07 14:06:39
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Alle meine Passworte 3.15 (HKLM\...\AllemeinePassworte) (Version:  - )
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon Amazon Music) (Version: 3.1.0.570 - Amazon Services LLC)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.13 - Audible, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 2.28 - Piriform)
CodeStuff Starter (HKLM\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Dupehunter Professional - Computerbild Edition (HKLM\...\Dupehunter Professional - Computerbild Edition) (Version: 8.1.0.3700 - Carsten Heidtke Software)
ESET Smart Security (HKLM\...\{1F4CBC3C-5CAE-4528-A584-C25E6CE3D7E5}) (Version: 8.0.304.4 - ESET, spol s r. o.)
EzImplant-CDViewer (HKLM\...\{B8CB4ED2-74EE-44F0-88CB-C2DD30B36EEA}) (Version: 1.5.7415 - INFINITT)
EzImplant-CDViewer (Version: 1.5.7415 - INFINITT) Hidden
Fernwartungshilfe für Kunden von PC-Blitzhelfer (HKLM\...\Fernwartungshilfe für Kunden von PC-Blitzhelfer) (Version: 1.0.1 - PC-Blitzhelfer)
Folder Guide (HKLM\...\Folder Guide) (Version:  - )
Freemake Video Converter Version 4.0.3 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\{BED0D2F3-7407-3B43-A48F-6C33BC3D5DAD}) (Version: 66.30.49217 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version:  - EFD Software)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LameXP (HKLM\...\{FBD7A67D-D700-4043-B54F-DD106D00F308}) (Version:  - )
Menu Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6109.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Movie Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mozilla Firefox 27.0 (x86 de) (HKLM\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
Nero 9 Essentials (HKLM\...\{86bde101-32cf-471a-8575-8de7c21570d8}) (Version:  - Nero AG)
Ninite Updater (HKLM\...\NiniteUpdater) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickLaunch (HKLM\...\QuickLaunch_is1) (Version: 2.3 - Oliver Frietsch)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realms of Arkania: Blade of Destiny (HKLM\...\Steam App 237550) (Version:  - Crafty Studios)
ROCCAT Kone Mouse Driver (HKLM\...\{9733747E-E53D-4C17-977E-3A872AFB93E1}) (Version:  - )
Seagate Manager Installer (HKLM\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate)
Seagate Manager Installer (Version: 2.02.0109 - Seagate) Hidden
ShadowProtect Desktop (HKLM\...\{8850DEC8-22FD-4F05-A3AA-49B91200C24F}) (Version: 3.5.4183 - StorageCraft)
ShadowProtect Desktop (Version: 3.5.4183 - StorageCraft) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Flexible File Synchronizer 5.60 (HKLM\...\Super Flexible File Synchronizer_is1) (Version: 5.60 - Super Flexible Software)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.6 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Unity Web Player (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.0 (HKLM\...\Unlocker) (Version: 1.9.0 - Cedrick Collomb)
UseNeXT by Tangysoft (HKLM\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Visual Subst (HKLM\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.1.9 - Shark007)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.2.7235.0 - Microsoft Corporation)
Windows-Treiberpaket - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR 5.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\TotCmdPM-C\Progs\UltraEdit\ue32ctmn.dll ()
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AC90BA6-D407-4A06-935C-F95E8CBB14B5} - System32\Tasks\{CD119950-AECB-4970-9DA8-F6213814FE9A} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1063CB4E-C6A1-49F7-AFD4-E77A616A5D08} - System32\Tasks\{2CCBD1DD-5138-4FC2-B65A-A639DB1995AB} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {17D647C6-BA2C-4EE7-AA4E-CD295B7397C9} - System32\Tasks\{593FE8EE-21EC-4C14-A0B7-6F269650F7EE} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1BDD75B6-BB8C-42B1-BECC-601C3736FCA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {20CDBC76-9955-4B73-A03A-68ABB5738DBA} - System32\Tasks\{100C0DF1-7649-433E-8DBA-124AF678EF5D} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {23AF1B7C-E5A2-4E33-8D17-5CC12BDCEBBE} - System32\Tasks\{AC64EE3F-8680-47B7-889E-8D5F82241735} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {33D76DA5-57BA-4F12-9CCD-2722B3EE282B} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {3AE0A447-349B-4FA2-B97D-B6049A88D5CE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {58951724-E1B5-41BA-B202-109D6978DA96} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5F8D57B7-0D18-4F4F-9484-E451F5C6E98C} - System32\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {5FD37F6B-B837-498D-87FC-804AC4F661ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27] (Adobe Systems Incorporated)
Task: {75F1BD09-2D15-452A-B5B5-6C2A0A837DE3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {B5D64E0D-8DAF-468D-8B28-5726C7447D2C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D3044F96-FDCB-491E-A7B3-B76F021B5B63} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EA0A65EE-B164-412D-BB18-C1AA7AE7F78B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {FED0C4A7-752F-4CD4-AC3F-74E82454929E} - System32\Tasks\{291ABD72-DAA7-4DC2-978E-5A78C2BD2A94} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-10-25 14:48 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-07-29 22:22 - 2014-07-01 19:58 - 03162944 _____ () C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-11-26 03:08 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-26 03:08 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-26 03:08 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-26 03:08 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2013-04-19 16:10 - 2014-11-19 16:21 - 04318720 _____ () C:\Program Files\UseNeXT\UseNeXT.exe
2013-04-19 16:10 - 2014-03-06 10:18 - 00160768 _____ () C:\Program Files\UseNeXT\unrar.dll
2013-04-19 16:10 - 2014-03-06 10:24 - 00041472 _____ () C:\Program Files\UseNeXT\Par2Calc.dll
2014-11-26 03:08 - 2014-11-25 07:39 - 14910280 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9453D700
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\ERSTERUSER\AppData\Roaming\default.rss:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Classes\.exe:  =>  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3507585339-1609819653-644593918-500 - Administrator - Disabled)
ERSTERUSER (S-1-5-21-3507585339-1609819653-644593918-1000 - Administrator - Enabled) => C:\Users\ERSTERUSER
Gast (S-1-5-21-3507585339-1609819653-644593918-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3507585339-1609819653-644593918-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3507585339-1609819653-644593918-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/01/2014 04:57:20 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.71;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\33e77023-5479-4b36-9490-dd502fa4dc72.dmp

Error: (11/28/2014 03:20:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iTunes.exe, Version 12.0.1.26 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 147c

Startzeit: 01d00b14efb4510e

Endzeit: 60000

Anwendungspfad: C:\Program Files\iTunes\iTunes.exe

Berichts-ID:

Error: (11/28/2014 03:06:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iTunes.exe, Version 12.0.1.26 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: eb0

Startzeit: 01d00b1153bb0f15

Endzeit: 21714

Anwendungspfad: C:\Program Files\iTunes\iTunes.exe

Berichts-ID:

Error: (11/27/2014 07:34:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/21/2014 05:00:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/21/2014 04:42:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iTunes.exe, Version 11.4.0.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fec

Startzeit: 01d0059fb63cb425

Endzeit: 60000

Anwendungspfad: C:\Program Files\iTunes\iTunes.exe

Berichts-ID:

Error: (11/21/2014 00:07:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iTunes.exe, Version 12.0.1.26 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ef4

Startzeit: 01d00579bbfdcc28

Endzeit: 0

Anwendungspfad: C:\Program Files\iTunes\iTunes.exe

Berichts-ID:

Error: (11/21/2014 11:29:34 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (11/17/2014 05:37:01 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (11/15/2014 09:56:05 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).


System errors:
=============
Error: (12/07/2014 01:59:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error: (12/07/2014 01:59:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error: (12/07/2014 01:59:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error: (12/07/2014 00:56:41 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/06/2014 05:31:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/06/2014 05:31:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (12/05/2014 08:22:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR8 gefunden.

Error: (12/04/2014 11:16:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/04/2014 04:55:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎12.‎2014 um 16:47:36 unerwartet heruntergefahren.

Error: (12/03/2014 02:07:30 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.


Microsoft Office Sessions:
=========================
Error: (12/01/2014 04:57:20 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.71;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\33e77023-5479-4b36-9490-dd502fa4dc72.dmp

Error: (11/28/2014 03:20:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iTunes.exe12.0.1.26147c01d00b14efb4510e60000C:\Program Files\iTunes\iTunes.exe

Error: (11/28/2014 03:06:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iTunes.exe12.0.1.26eb001d00b1153bb0f1521714C:\Program Files\iTunes\iTunes.exe

Error: (11/27/2014 07:34:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"F:\DPInst64.exe

Error: (11/21/2014 05:00:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"D:\Eigene Dateien\Downloads\iTunes64Setup1061.exe

Error: (11/21/2014 04:42:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iTunes.exe11.4.0.18fec01d0059fb63cb42560000C:\Program Files\iTunes\iTunes.exe

Error: (11/21/2014 00:07:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iTunes.exe12.0.1.26ef401d00579bbfdcc280C:\Program Files\iTunes\iTunes.exe

Error: (11/21/2014 11:29:34 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (11/17/2014 05:37:01 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (11/15/2014 09:56:05 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 3327.18 MB
Available physical RAM: 1491.8 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 4603.19 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.98 MB

==================== Drives ================================

Drive c: (Start-C) (Fixed) (Total:110 GB) (Free:56.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten-D) (Fixed) (Total:1753.01 GB) (Free:980.61 GB) NTFS
Drive e: (RoA - Blade of D) (CDROM) (Total:4.64 GB) (Free:0 GB) CDFS
Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive m: (CRUZER) (Removable) (Total:7.47 GB) (Free:0.01 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DF1E9041)
Partition 1: (Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1753 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

08.12.2014, 09:44   #4
schrauber
/// the machine
/// TB-Ausbilder
 


Hi,

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Click Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

08.12.2014, 12:40   #5
Mokba
 

Code:
13:35:49.0092 0x1178  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
13:35:57.0105 0x1178  KSN EULA was not accepted. For auto accept you could use -accepteulaksn command line parameter.
13:35:57.0105 0x1178  ============================================================
13:35:57.0105 0x1178  Current date / time: 2014/12/08 13:35:57.0105
13:35:57.0105 0x1178  SystemInfo:
13:35:57.0105 0x1178  
13:35:57.0105 0x1178  OS Version: 6.1.7601 ServicePack: 1.0
13:35:57.0105 0x1178  Product type: Workstation
13:35:57.0105 0x1178  ComputerName: CLAUDIA-PC
13:35:57.0105 0x1178  UserName: ERSTERUSER
13:35:57.0105 0x1178  Windows directory: C:\Windows
13:35:57.0105 0x1178  System windows directory: C:\Windows
13:35:57.0105 0x1178  Processor architecture: Intel x86
13:35:57.0105 0x1178  Number of processors: 4
13:35:57.0105 0x1178  Page size: 0x1000
13:35:57.0105 0x1178  Boot type: Normal boot
13:35:57.0105 0x1178  ============================================================
13:35:58.0369 0x1178  KLMD registered as C:\Windows\system32\drivers\07099069.sys
13:35:59.0133 0x1178  System UUID: {CB3CBFB9-93FF-EE6A-E266-DD68BB7234AE}
13:35:59.0133 0x1178  Skipping KSN library initialization due to KSN EULA unacceptance
13:35:59.0710 0x1178  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:35:59.0804 0x1178  ============================================================
13:35:59.0804 0x1178  \Device\Harddisk0\DR0:
13:35:59.0820 0x1178  MBR partitions:
13:35:59.0820 0x1178  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDC019D9
13:35:59.0820 0x1178  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xDC01A18, BlocksNum 0xDB206E98
13:35:59.0820 0x1178  ============================================================
13:35:59.0913 0x1178  D: <-> \Device\Harddisk0\DR0\Partition2
13:35:59.0991 0x1178  C: <-> \Device\Harddisk0\DR0\Partition1
13:35:59.0991 0x1178  ============================================================
13:35:59.0991 0x1178  Initialize success
13:35:59.0991 0x1178  ============================================================
13:36:55.0458 0x0970  ============================================================
13:36:55.0458 0x0970  Scan started
13:36:55.0458 0x0970  Mode: Manual; SigCheck; TDLFS; 
13:36:55.0458 0x0970  ============================================================
13:36:56.0514 0x0970  ================ Scan system memory ========================
13:36:56.0514 0x0970  System memory - ok
13:36:56.0514 0x0970  ================ Scan services =============================
13:36:57.0142 0x0970  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:36:57.0332 0x0970  1394ohci - ok
13:36:57.0347 0x0970  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:36:57.0379 0x0970  ACPI - ok
13:36:57.0394 0x0970  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:36:57.0442 0x0970  AcpiPmi - ok
13:36:57.0568 0x0970  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:36:57.0599 0x0970  AdobeARMservice - ok
13:36:57.0662 0x0970  [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:36:57.0678 0x0970  AdobeFlashPlayerUpdateSvc - ok
13:36:57.0709 0x0970  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:36:57.0756 0x0970  adp94xx - ok
13:36:57.0788 0x0970  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:36:57.0804 0x0970  adpahci - ok
13:36:57.0835 0x0970  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:36:57.0851 0x0970  adpu320 - ok
13:36:57.0883 0x0970  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:36:57.0962 0x0970  AeLookupSvc - ok
13:36:58.0025 0x0970  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
13:36:58.0103 0x0970  AFD - ok
13:36:58.0120 0x0970  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
13:36:58.0120 0x0970  agp440 - ok
13:36:58.0135 0x0970  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
13:36:58.0167 0x0970  aic78xx - ok
13:36:58.0230 0x0970  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
13:36:58.0277 0x0970  ALG - ok
13:36:58.0292 0x0970  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:36:58.0324 0x0970  aliide - ok
13:36:58.0339 0x0970  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
13:36:58.0355 0x0970  amdagp - ok
13:36:58.0370 0x0970  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:36:58.0386 0x0970  amdide - ok
13:36:58.0402 0x0970  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:36:58.0449 0x0970  AmdK8 - ok
13:36:58.0465 0x0970  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:36:58.0512 0x0970  AmdPPM - ok
13:36:58.0527 0x0970  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:36:58.0560 0x0970  amdsata - ok
13:36:58.0575 0x0970  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
13:36:58.0591 0x0970  amdsbs - ok
13:36:58.0606 0x0970  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:36:58.0622 0x0970  amdxata - ok
13:36:58.0654 0x0970  [ E499E422412EF37576092A52648DB2B4, 95E9C11258CAF37060242BA4E1170CEDECF3376CF0A9A1E61D46706D7C7F36F8 ] AppID           C:\Windows\system32\drivers\appid.sys
13:36:58.0701 0x0970  AppID - ok
13:36:58.0763 0x0970  [ 89B6FA43B68A373B304DFB8F6776B255, 36ABD9AB89CBC7991DE9B04051B26014982953697862BC46EF8AE4ACC2404128 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:36:58.0810 0x0970  AppIDSvc - ok
13:36:58.0841 0x0970  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
13:36:58.0889 0x0970  Appinfo - ok
13:36:58.0952 0x0970  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:36:58.0984 0x0970  Apple Mobile Device - ok
13:36:59.0062 0x0970  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:36:59.0156 0x0970  AppMgmt - ok
13:36:59.0156 0x0970  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
13:36:59.0188 0x0970  arc - ok
13:36:59.0204 0x0970  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
13:36:59.0220 0x0970  arcsas - ok
13:36:59.0330 0x0970  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:36:59.0377 0x0970  aspnet_state - ok
13:36:59.0392 0x0970  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:36:59.0456 0x0970  AsyncMac - ok
13:36:59.0471 0x0970  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:36:59.0487 0x0970  atapi - ok
13:36:59.0550 0x0970  [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:36:59.0676 0x0970  AudioEndpointBuilder - ok
13:36:59.0707 0x0970  [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:36:59.0723 0x0970  Audiosrv - ok
13:36:59.0771 0x0970  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:36:59.0818 0x0970  AxInstSV - ok
13:36:59.0849 0x0970  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
13:36:59.0881 0x0970  b06bdrv - ok
13:36:59.0928 0x0970  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
13:36:59.0959 0x0970  b57nd60x - ok
13:37:00.0007 0x0970  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
13:37:00.0054 0x0970  BDESVC - ok
13:37:00.0054 0x0970  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:37:00.0086 0x0970  Beep - ok
13:37:00.0179 0x0970  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
13:37:00.0212 0x0970  BFE - ok
13:37:00.0243 0x0970  BingDesktopUpdate - ok
13:37:00.0274 0x0970  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
13:37:00.0327 0x0970  BITS - ok
13:37:00.0342 0x0970  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:37:00.0358 0x0970  blbdrive - ok
13:37:00.0421 0x0970  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:37:00.0453 0x0970  Bonjour Service - ok
13:37:00.0484 0x0970  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:37:00.0547 0x0970  bowser - ok
13:37:00.0578 0x0970  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:37:00.0625 0x0970  BrFiltLo - ok
13:37:00.0625 0x0970  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:37:00.0657 0x0970  BrFiltUp - ok
13:37:00.0689 0x0970  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
13:37:00.0732 0x0970  Browser - ok
13:37:00.0747 0x0970  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:37:00.0784 0x0970  Brserid - ok
13:37:00.0799 0x0970  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:37:00.0815 0x0970  BrSerWdm - ok
13:37:00.0830 0x0970  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:37:00.0862 0x0970  BrUsbMdm - ok
13:37:00.0862 0x0970  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:37:00.0878 0x0970  BrUsbSer - ok
13:37:00.0894 0x0970  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:37:00.0909 0x0970  BTHMODEM - ok
13:37:00.0956 0x0970  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
13:37:00.0988 0x0970  bthserv - ok
13:37:01.0020 0x0970  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:37:01.0051 0x0970  cdfs - ok
13:37:01.0100 0x0970  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:37:01.0142 0x0970  cdrom - ok
13:37:01.0206 0x0970  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:37:01.0237 0x0970  CertPropSvc - ok
13:37:01.0252 0x0970  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:37:01.0284 0x0970  circlass - ok
13:37:01.0299 0x0970  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
13:37:01.0335 0x0970  CLFS - ok
13:37:01.0382 0x0970  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:37:01.0398 0x0970  clr_optimization_v2.0.50727_32 - ok
13:37:01.0460 0x0970  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:37:01.0507 0x0970  clr_optimization_v4.0.30319_32 - ok
13:37:01.0523 0x0970  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:37:01.0539 0x0970  CmBatt - ok
13:37:01.0570 0x0970  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:37:01.0586 0x0970  cmdide - ok
13:37:01.0617 0x0970  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
13:37:01.0665 0x0970  CNG - ok
13:37:01.0681 0x0970  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:37:01.0712 0x0970  Compbatt - ok
13:37:01.0712 0x0970  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:37:01.0743 0x0970  CompositeBus - ok
13:37:01.0760 0x0970  COMSysApp - ok
13:37:01.0775 0x0970  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:37:01.0806 0x0970  crcdisk - ok
13:37:01.0838 0x0970  [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:37:01.0853 0x0970  CryptSvc - ok
13:37:01.0901 0x0970  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
13:37:01.0948 0x0970  CSC - ok
13:37:01.0980 0x0970  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
13:37:02.0011 0x0970  CscService - ok
13:37:02.0090 0x0970  [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:37:02.0137 0x0970  cvhsvc - ok
13:37:02.0153 0x0970  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:37:02.0200 0x0970  DcomLaunch - ok
13:37:02.0232 0x0970  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
13:37:02.0263 0x0970  defragsvc - ok
13:37:02.0294 0x0970  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:37:02.0325 0x0970  DfsC - ok
13:37:02.0373 0x0970  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:37:02.0424 0x0970  Dhcp - ok
13:37:02.0439 0x0970  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
13:37:02.0486 0x0970  discache - ok
13:37:02.0502 0x0970  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:37:02.0517 0x0970  Disk - ok
13:37:02.0550 0x0970  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:37:02.0565 0x0970  Dnscache - ok
13:37:02.0596 0x0970  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:37:02.0675 0x0970  dot3svc - ok
13:37:02.0722 0x0970  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
13:37:02.0753 0x0970  DPS - ok
13:37:02.0785 0x0970  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:37:02.0831 0x0970  drmkaud - ok
13:37:02.0864 0x0970  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:37:02.0895 0x0970  DXGKrnl - ok
13:37:02.0942 0x0970  [ 687CCC438AA414AE22EEA081F98DC645, F8CA8B99A241D080D7AD8867244FBACE87095190908D62AB0B989FDBE27D6CE5 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
13:37:03.0005 0x0970  eamonm - ok
13:37:03.0036 0x0970  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
13:37:03.0084 0x0970  EapHost - ok
13:37:03.0210 0x0970  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
13:37:03.0320 0x0970  ebdrv - ok
13:37:03.0367 0x0970  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS             C:\Windows\System32\lsass.exe
13:37:03.0430 0x0970  EFS - ok
13:37:03.0477 0x0970  [ 340870877DBE2A6D848537FC6AC2BA2F, 97A0D3EAC232A86DB3AACF3359B8AA61EF5C5152930E46D37C18BAC6DB234AD7 ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
13:37:03.0493 0x0970  ehdrv - ok
13:37:03.0539 0x0970  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:37:03.0602 0x0970  ehRecvr - ok
13:37:03.0634 0x0970  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
13:37:03.0681 0x0970  ehSched - ok
13:37:03.0807 0x0970  [ 58FBDA10FC403CF9F82ABD0A68129BA3, D731021C2A94A31CD944E95628AC2DFFF0D555659BF0DF6FC57676B8B88355A4 ] ekrn            C:\Program Files\ESET\ESET Smart Security\ekrn.exe
13:37:03.0886 0x0970  ekrn - ok
13:37:03.0917 0x0970  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:37:03.0948 0x0970  elxstor - ok
13:37:03.0965 0x0970  [ 372AA9B1146D66E5D6B65844D9416778, 35E48F3728CC4FB9CA967DAEFC280DA372D740947B69C39A5F5CF2ED64CC8D9D ] epfw            C:\Windows\system32\DRIVERS\epfw.sys
13:37:03.0996 0x0970  epfw - ok
13:37:04.0027 0x0970  [ 2789A04E91E4E2C4CAF24C966342859B, 41CDA6950FE4F0BC1125054D5E8D98FD4A8245332035562B53E6296A90AA1C85 ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
13:37:04.0027 0x0970  EpfwLWF - ok
13:37:04.0058 0x0970  [ 752924FC04A89BDD6D6A42BD6D5CA12B, 773D26F0AAC0C5FD8B7C235CE1E0C94B601616599DF79EC9E752E4AC2D26E3AD ] epfwwfp         C:\Windows\system32\DRIVERS\epfwwfp.sys
13:37:04.0075 0x0970  epfwwfp - ok
13:37:04.0090 0x0970  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:37:04.0122 0x0970  ErrDev - ok
13:37:05.0694 0x0970  [ 790A4CA68F44BE35967B3DF61F3E4675, 7CBC77C620ABA75FEF4BA8AD9C38766D50CD18106EBA4693F162F2C5A7D46AA8 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
13:37:05.0726 0x0970  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
13:37:05.0804 0x0970  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
13:37:09.0759 0x0970  [ 8FD868E32459ECE2A1BB0169F513D31E, F28E47FBEC8EC8424FFFB359668E0FEEA66A69E9D737D75472934FAC39770390 ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
13:37:09.0777 0x0970  mcdbus - detected UnsignedFile.Multi.Generic ( 1 )
13:37:09.0777 0x0970  mcdbus ( UnsignedFile.Multi.Generic ) - warning
13:37:15.0030 0x0970  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
13:37:15.0045 0x0970  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
13:37:15.0045 0x0970  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
13:37:15.0076 0x0970  [ 3A55D53687F16D9EF5BF307BBFEFCD9C, F1BB1B43442B151686500768C43A4D20CAA47427E78386953A42DDB42D9DDF0C ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:37:15.0108 0x0970  PcaSvc - ok
13:37:15.0139 0x0970  [ 175CC28DCF819F78CAA3FBD44AD9E52A, C00F17040440E5C10439FF8110368A7813BD197E96338FD3703C86E399E27128 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
13:37:15.0203 0x0970  pccsmcfd - ok
13:37:15.0253 0x0970  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
13:37:15.0273 0x0970  pci - ok
13:37:15.0294 0x0970  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:37:15.0310 0x0970  pciide - ok
13:37:15.0344 0x0970  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:37:15.0364 0x0970  pcmcia - ok
13:37:15.0424 0x0970  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:37:15.0448 0x0970  pcw - ok
13:37:15.0482 0x0970  [ 344D1FA0438A967F1A2BAA42C86D6E19, E9CB31CBD9075B84BA771CF82A4C3AB5BF57ADEA3E76ABE8FE36FEACFD681D89 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:37:15.0529 0x0970  PEAUTH - ok
13:37:15.0579 0x0970  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:37:15.0686 0x0970  PeerDistSvc - ok
13:37:15.0763 0x0970  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
13:37:15.0847 0x0970  pla - ok
13:37:15.0928 0x0970  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:37:16.0040 0x0970  PlugPlay - ok
13:37:16.0067 0x0970  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:37:16.0088 0x0970  PNRPAutoReg - ok
13:37:16.0109 0x0970  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:37:16.0117 0x0970  PNRPsvc - ok
13:37:16.0179 0x0970  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:37:16.0211 0x0970  PolicyAgent - ok
13:37:16.0242 0x0970  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
13:37:16.0289 0x0970  Power - ok
13:37:16.0320 0x0970  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:37:16.0351 0x0970  PptpMiniport - ok
13:37:16.0367 0x0970  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:37:16.0398 0x0970  Processor - ok
13:37:16.0429 0x0970  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:37:16.0476 0x0970  ProfSvc - ok
13:37:16.0491 0x0970  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:37:16.0507 0x0970  ProtectedStorage - ok
13:37:16.0523 0x0970  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:37:16.0556 0x0970  Psched - ok
13:37:16.0611 0x0970  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:37:16.0673 0x0970  ql2300 - ok
13:37:16.0704 0x0970  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:37:16.0735 0x0970  ql40xx - ok
13:37:16.0751 0x0970  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
13:37:16.0782 0x0970  QWAVE - ok
13:37:16.0798 0x0970  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:37:16.0829 0x0970  QWAVEdrv - ok
13:37:16.0845 0x0970  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:37:16.0876 0x0970  RasAcd - ok
13:37:16.0907 0x0970  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:37:16.0969 0x0970  RasAgileVpn - ok
13:37:16.0985 0x0970  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
13:37:17.0016 0x0970  RasAuto - ok
13:37:17.0063 0x0970  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:37:17.0094 0x0970  Rasl2tp - ok
13:37:17.0141 0x0970  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
13:37:17.0172 0x0970  RasMan - ok
13:37:17.0188 0x0970  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:37:17.0219 0x0970  RasPppoe - ok
13:37:17.0235 0x0970  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:37:17.0281 0x0970  RasSstp - ok
13:37:17.0297 0x0970  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:37:17.0328 0x0970  rdbss - ok
13:37:17.0344 0x0970  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:37:17.0375 0x0970  rdpbus - ok
13:37:17.0391 0x0970  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:37:17.0422 0x0970  RDPCDD - ok
13:37:17.0437 0x0970  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:37:17.0515 0x0970  RDPDR - ok
13:37:17.0547 0x0970  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:37:17.0562 0x0970  RDPENCDD - ok
13:37:17.0578 0x0970  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:37:17.0625 0x0970  RDPREFMP - ok
13:37:17.0671 0x0970  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:37:17.0734 0x0970  RdpVideoMiniport - ok
13:37:17.0765 0x0970  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:37:17.0812 0x0970  RDPWD - ok
13:37:17.0827 0x0970  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:37:17.0843 0x0970  rdyboost - ok
13:37:17.0874 0x0970  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:37:17.0905 0x0970  RemoteAccess - ok
13:37:17.0937 0x0970  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:37:17.0968 0x0970  RemoteRegistry - ok
13:37:17.0999 0x0970  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:37:18.0030 0x0970  RpcEptMapper - ok
13:37:18.0046 0x0970  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
13:37:18.0061 0x0970  RpcLocator - ok
13:37:18.0077 0x0970  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
13:37:18.0108 0x0970  RpcSs - ok
13:37:18.0139 0x0970  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:37:18.0155 0x0970  rspndr - ok
13:37:18.0202 0x0970  [ 5283B9A27FF230F2FF70D92451FF409A, B8BAC70E1DE4485C79CA7B47D4DCFE0223CECEA8ED75CE4F128D47051F95FE5D ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
13:37:18.0217 0x0970  RTL8167 - ok
13:37:18.0249 0x0970  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:37:18.0295 0x0970  s3cap - ok
13:37:18.0311 0x0970  [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs           C:\Windows\system32\lsass.exe
13:37:18.0327 0x0970  SamSs - ok
13:37:18.0358 0x0970  [ C7EDD0516DC3D45A1438BBCB560EC2DA, E1502FCC5D8292854BB361A691A593ACA5F8B9F8C35522AE570D872568BA1BDE ] sbmount         C:\Windows\system32\drivers\sbmount.sys
13:37:18.0373 0x0970  sbmount - ok
13:37:18.0420 0x0970  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:37:18.0436 0x0970  sbp2port - ok
13:37:18.0467 0x0970  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:37:18.0498 0x0970  SCardSvr - ok
13:37:18.0529 0x0970  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:37:18.0576 0x0970  scfilter - ok
13:37:18.0623 0x0970  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
13:37:18.0670 0x0970  Schedule - ok
13:37:18.0701 0x0970  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:37:18.0717 0x0970  SCPolicySvc - ok
13:37:18.0732 0x0970  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:37:18.0795 0x0970  SDRSVC - ok
13:37:18.0810 0x0970  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:37:18.0841 0x0970  secdrv - ok
13:37:18.0873 0x0970  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
13:37:18.0904 0x0970  seclogon - ok
13:37:18.0935 0x0970  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
13:37:18.0966 0x0970  SENS - ok
13:37:18.0997 0x0970  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:37:19.0029 0x0970  SensrSvc - ok
13:37:19.0044 0x0970  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:37:19.0075 0x0970  Serenum - ok
13:37:19.0091 0x0970  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:37:19.0107 0x0970  Serial - ok
13:37:19.0122 0x0970  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:37:19.0153 0x0970  sermouse - ok
13:37:19.0200 0x0970  [ 9D38320BB32230349379DF5DDBBF7FCE, 8AAA8B0B60E65F596C3276DCCD0D8146B40172B6D509B597EDFDA46AC8A72A4C ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
13:37:19.0231 0x0970  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
13:37:19.0231 0x0970  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
13:37:19.0263 0x0970  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:37:19.0294 0x0970  SessionEnv - ok
13:37:19.0309 0x0970  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:37:19.0341 0x0970  sffdisk - ok
13:37:19.0356 0x0970  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:37:19.0387 0x0970  sffp_mmc - ok
13:37:19.0419 0x0970  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:37:19.0434 0x0970  sffp_sd - ok
13:37:19.0465 0x0970  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:37:19.0512 0x0970  sfloppy - ok
13:37:19.0559 0x0970  [ EC5C79BD81F0C55DF53F4818D4F1C2C8, B9650F484CF918781CA3B02278F19E73FA3B619133F75C0C42FEB788A183E0CB ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
13:37:19.0606 0x0970  Sftfs - ok
13:37:19.0653 0x0970  [ 1AEBDC693C74EA55FE05D51FA6573EBC, 92E3A6C8D3B5193BD2831DD47C4C58419F72ABC2C21C71A9A690CCFC2D05CBB0 ] sftlist         C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
13:37:19.0684 0x0970  sftlist - ok
13:37:19.0715 0x0970  [ A224670FB892A205E4D99E06C0B85C7C, 3E2E401FF5E0E9EE4C2BE9F5C3144086F5AB015789C36D7263BBAB59FEEB74C7 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:37:19.0731 0x0970  Sftplay - ok
13:37:19.0746 0x0970  [ 9D354D425FB55CDF0EDC7F67FBC5B04E, C3B68F8B5F34B73EF6588DCBB67BE7CB3E59918E7A58D90A83E3D8EBB6ECA291 ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:37:19.0762 0x0970  Sftredir - ok
13:37:19.0777 0x0970  [ F369D6B89AA610174A4E90C8513B7C7A, 2AEFA10F57C0ED0466611957DED5425363608E88414DD7DCF74E182117B12F5A ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
13:37:19.0793 0x0970  Sftvol - ok
13:37:19.0824 0x0970  [ 19D34534176E62F35DDB7DC7B7FF2A87, DBBB9155B62482E4782E5302193586514880734BD3617FDCB51798EB404758D6 ] sftvsa          C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
13:37:19.0840 0x0970  sftvsa - ok
13:37:19.0949 0x0970  [ A7D7211F0F2BD205FA3452602D8FCA94, DBF18F6065F153903C789FF12D39F98B51E0EBABA847B262489B8B5DFC0714D1 ] ShadowProtectSvc C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
13:37:20.0027 0x0970  ShadowProtectSvc - ok
13:37:20.0058 0x0970  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:37:20.0089 0x0970  SharedAccess - ok
13:37:20.0152 0x0970  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:37:20.0199 0x0970  ShellHWDetection - ok
13:37:20.0230 0x0970  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
13:37:20.0277 0x0970  sisagp - ok
13:37:20.0323 0x0970  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:37:20.0339 0x0970  SiSRaid2 - ok
13:37:20.0355 0x0970  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:37:20.0370 0x0970  SiSRaid4 - ok
13:37:20.0401 0x0970  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:37:20.0433 0x0970  Smb - ok
13:37:20.0479 0x0970  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:37:20.0511 0x0970  SNMPTRAP - ok
13:37:20.0542 0x0970  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:37:20.0557 0x0970  spldr - ok
13:37:20.0589 0x0970  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
13:37:20.0667 0x0970  Spooler - ok
13:37:20.0745 0x0970  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
13:37:20.0869 0x0970  sppsvc - ok
13:37:20.0901 0x0970  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:37:20.0934 0x0970  sppuinotify - ok
13:37:20.0981 0x0970  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:37:21.0012 0x0970  srv - ok
13:37:21.0059 0x0970  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:37:21.0105 0x0970  srv2 - ok
13:37:21.0137 0x0970  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:37:21.0152 0x0970  srvnet - ok
13:37:21.0183 0x0970  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:37:21.0215 0x0970  SSDPSRV - ok
13:37:21.0246 0x0970  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:37:21.0277 0x0970  SstpSvc - ok
13:37:21.0293 0x0970  [ 3F0164FBC0BD1ADBD02DF9759181451A, 8BDAA0373BD16B38407F93FE5C697481D4D88C72B1931D6A7B9F80C0276242B9 ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
13:37:21.0308 0x0970  ss_bbus - ok
13:37:21.0339 0x0970  [ B89D62206034E5FE573C80A24DD55675, 26D12E2A7CB538DDEEA7B764242E9EAE25E0A46293AE3608E6B7DD71AECBA901 ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
13:37:21.0355 0x0970  ss_bmdfl - ok
13:37:21.0371 0x0970  [ 1ED0FCEA586FE2A416EE15196E5631DD, AF1EBAD7D580BF85ACD6C6287892DE4E7A679852887B9E866A032B1DDCF26183 ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
13:37:21.0402 0x0970  ss_bmdm - ok
13:37:21.0433 0x0970  [ 306521935042FC0A6988D528643619B3, 6FCC06EA71F5C83A8C3A8B7152E9FF48BCFBD35ED8C134A0879735F9135BB20C ] StarOpen        C:\Windows\system32\drivers\StarOpen.sys
13:37:21.0433 0x0970  StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
13:37:21.0433 0x0970  StarOpen ( UnsignedFile.Multi.Generic ) - warning
13:37:21.0464 0x0970  [ 1E46E6F82684ACCFBD74A5EA8727FD38, 2347CC10CEAC1086D494EA9BFF3DE0BA02B9D8D68323AC77C31A7A6E602F8E6D ] stcvsm          C:\Windows\system32\drivers\stcvsm.sys
13:37:21.0480 0x0970  stcvsm - ok
13:37:21.0527 0x0970  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
13:37:21.0558 0x0970  Steam Client Service - ok
13:37:21.0636 0x0970  [ 5DA84663B5DC64AF9D5E944D809A6099, C5D427F019081BF93C08391845E7B22A9AFCE7D3A6E6F8EA1F36566F05F9843E ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:37:21.0651 0x0970  Stereo Service - ok
13:37:21.0683 0x0970  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:37:21.0729 0x0970  stexstor - ok
13:37:21.0776 0x0970  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
13:37:21.0807 0x0970  StiSvc - ok
13:37:21.0839 0x0970  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:37:21.0854 0x0970  storflt - ok
13:37:21.0870 0x0970  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
13:37:21.0932 0x0970  StorSvc - ok
13:37:21.0948 0x0970  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:37:21.0979 0x0970  storvsc - ok
13:37:21.0995 0x0970  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:37:22.0010 0x0970  swenum - ok
13:37:22.0026 0x0970  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
13:37:22.0073 0x0970  swprv - ok
13:37:22.0104 0x0970  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
13:37:22.0166 0x0970  SysMain - ok
13:37:22.0197 0x0970  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
13:37:22.0229 0x0970  TabletInputService - ok
13:37:22.0244 0x0970  taphss6 - ok
13:37:22.0260 0x0970  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:37:22.0291 0x0970  TapiSrv - ok
13:37:22.0322 0x0970  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
13:37:22.0353 0x0970  TBS - ok
13:37:22.0416 0x0970  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:37:22.0478 0x0970  Tcpip - ok
13:37:22.0525 0x0970  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:37:22.0556 0x0970  TCPIP6 - ok
13:37:22.0587 0x0970  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:37:22.0603 0x0970  tcpipreg - ok
13:37:22.0634 0x0970  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:37:22.0681 0x0970  TDPIPE - ok
13:37:22.0712 0x0970  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:37:22.0728 0x0970  TDTCP - ok
13:37:22.0743 0x0970  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:37:22.0790 0x0970  tdx - ok
13:37:22.0806 0x0970  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:37:22.0806 0x0970  TermDD - ok
13:37:22.0837 0x0970  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
13:37:22.0884 0x0970  TermService - ok
13:37:22.0899 0x0970  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
13:37:22.0931 0x0970  Themes - ok
13:37:22.0931 0x0970  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
13:37:22.0962 0x0970  THREADORDER - ok
13:37:23.0009 0x0970  [ 9512B0ED87A530A786B4DDB97D22DB17, 79E9BBFCFDA31BE3CCEF5A76A65CBDAF3DDDFEAE6F9DC51079A64BE5DE48A2DB ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
13:37:23.0024 0x0970  TomTomHOMEService - ok
13:37:23.0055 0x0970  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
13:37:23.0087 0x0970  TrkWks - ok
13:37:23.0118 0x0970  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:37:23.0149 0x0970  TrustedInstaller - ok
13:37:23.0165 0x0970  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:37:23.0180 0x0970  tssecsrv - ok
13:37:23.0227 0x0970  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:37:23.0258 0x0970  TsUsbFlt - ok
13:37:23.0289 0x0970  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:37:23.0321 0x0970  tunnel - ok
13:37:23.0336 0x0970  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:37:23.0352 0x0970  uagp35 - ok
13:37:23.0383 0x0970  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:37:23.0414 0x0970  udfs - ok
13:37:23.0430 0x0970  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:37:23.0461 0x0970  UI0Detect - ok
13:37:23.0477 0x0970  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:37:23.0492 0x0970  uliagpkx - ok
13:37:23.0508 0x0970  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
13:37:23.0523 0x0970  umbus - ok
13:37:23.0539 0x0970  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:37:23.0555 0x0970  UmPass - ok
13:37:23.0570 0x0970  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:37:23.0601 0x0970  UmRdpService - ok
13:37:23.0679 0x0970  [ BB879DCFD22926EFBEB3298129898CBB, 2A24E6CD5D6E0CEA3082C0699A2371084CC1268B31BC714098EA0D0C11B3AFAC ] UnlockerDriver5 C:\Program Files-s\Unlocker\UnlockerDriver5.sys
13:37:23.0695 0x0970  UnlockerDriver5 - detected UnsignedFile.Multi.Generic ( 1 )
13:37:23.0695 0x0970  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
13:37:23.0726 0x0970  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
13:37:23.0757 0x0970  upnphost - ok
13:37:23.0789 0x0970  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
13:37:23.0821 0x0970  USBAAPL - ok
13:37:23.0836 0x0970  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:37:23.0899 0x0970  usbccgp - ok
13:37:28.0418 0x0970  ================ Scan global ===============================
13:37:28.0449 0x0970  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
13:37:28.0481 0x0970  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:37:28.0496 0x0970  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
13:37:28.0512 0x0970  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
13:37:28.0561 0x0970  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
13:37:28.0571 0x0970  [ Global ] - ok
13:37:28.0575 0x0970  ================ Scan MBR ==================================
13:37:28.0591 0x0970  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:37:28.0999 0x0970  \Device\Harddisk0\DR0 - ok
13:37:28.0999 0x0970  ================ Scan VBR ==================================
13:37:29.0030 0x0970  [ A7857A603708D60086B034F105D72D72 ] \Device\Harddisk0\DR0\Partition1
13:37:29.0077 0x0970  \Device\Harddisk0\DR0\Partition1 - ok
13:37:29.0092 0x0970  [ 54B50F592762A0681F5DEC3A0ACFF1B5 ] \Device\Harddisk0\DR0\Partition2
13:37:29.0123 0x0970  \Device\Harddisk0\DR0\Partition2 - ok
13:37:29.0123 0x0970  ================ Scan generic autorun ======================
13:37:29.0186 0x0970  [ EC07666783127E0CA927B24FF9EBD9C6, 38E23C6A1222F024B275F1795202E8BB34E68639456C2B27138E288D9104C052 ] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
13:37:29.0217 0x0970  MaxMenuMgr - ok
13:37:29.0264 0x0970  [ 615F1493A5D111007DA9CF1F9C88EEE0, 3322317012C9DB7ECD100DE6A52CC73CF442FCA4D0492C8EEDC68F8AF24533FF ] C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
13:37:29.0264 0x0970  Kone - detected UnsignedFile.Multi.Generic ( 1 )
13:37:29.0264 0x0970  Kone ( UnsignedFile.Multi.Generic ) - warning
13:37:29.0279 0x0970  Malwarebytes' Anti-Malware (reboot) - ok
13:37:29.0326 0x0970  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:37:29.0342 0x0970  APSDaemon - ok
13:37:29.0373 0x0970  [ 057E55EDF3D73ABBCF7FF865C359AFA6, 61CE5601225FF7B0530B710B22986E04B69CF4DFBE8212FFE2EA2689C80F3FAB ] C:\Program Files\Ninite Updater\NiniteUpdater.exe
13:37:29.0404 0x0970  Ninite Updater - ok
13:37:29.0498 0x0970  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:37:29.0545 0x0970  Adobe ARM - ok
13:37:29.0624 0x0970  [ F6C586C6D7A253ACA913FB49831797DE, BF8BE1660DD8DEE72E195D5A26C9A78454F70F81CEB6E1CF8B8B630D25F66A53 ] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
13:37:29.0686 0x0970  NvBackend - ok
13:37:29.0748 0x0970  [ 16D4D2AB28EDD90AEE06826B3ADF50AB, EE8E54702B22E7F1DB8DE7296132C3473DD9D18B9E9C47414F315173E0A26E16 ] C:\Program Files\PDF24\pdf24.exe
13:37:29.0764 0x0970  PDFPrint - ok
13:37:29.0811 0x0970  [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
13:37:29.0826 0x0970  SunJavaUpdateSched - ok
13:37:29.0873 0x0970  [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files\QuickTime\QTTask.exe
13:37:29.0904 0x0970  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
13:37:29.0904 0x0970  QuickTime Task ( UnsignedFile.Multi.Generic ) - warning
13:37:30.0123 0x0970  [ D2124327CB66F3727D26343122DBC4F5, BEE49D88C8FE602E78613B62BD2F3759596FED0C0F39633CD955A55474F1F479 ] C:\Program Files\ESET\ESET Smart Security\egui.exe
13:37:30.0309 0x0970  egui - ok
13:37:30.0402 0x0970  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files\iTunes\iTunesHelper.exe
13:37:30.0465 0x0970  iTunesHelper - ok
13:37:30.0527 0x0970  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:37:30.0605 0x0970  Sidebar - ok
13:37:30.0605 0x0970  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:37:30.0636 0x0970  mctadmin - ok
13:37:30.0683 0x0970  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:37:30.0714 0x0970  Sidebar - ok
13:37:30.0730 0x0970  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:37:30.0746 0x0970  mctadmin - ok
13:37:30.0792 0x0970  [ 8E5C5A904BF220C835336139448A3B76, 7F70D9AD6A020E0172CAB88F7BD48D60DB8E71E126E8626C251D6C71E8008B64 ] C:\Program Files-s\Quicklaunch\QuickLaunch.exe
13:37:30.0824 0x0970  Quicklaunch - detected UnsignedFile.Multi.Generic ( 1 )
13:37:30.0824 0x0970  Quicklaunch ( UnsignedFile.Multi.Generic ) - warning
13:37:31.0073 0x0970  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
13:37:31.0136 0x0970  AmazonMP3DownloaderHelper - ok
13:37:31.0604 0x0970  [ 463A64DCF4E5CDA3A950A0C7B11027DD, BFA5CB24FF30311FC4284A65B4D3110A69C588B685D5EA367BF6A63B1EC6A1DD ] C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe
13:37:32.0025 0x0970  ExtremeSync Background Scheduler - ok
13:37:32.0150 0x0970  [ ABFE73726B0561B8DBFE4FF30E7D4951, 1774E58DD1C1AB784E988643B71A357CA897F235CBBF4CDF98F0556DCA411585 ] C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
13:37:32.0259 0x0970  Amazon Music - ok
13:37:32.0290 0x0970  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:37:32.0337 0x0970  Sidebar - ok
13:37:32.0337 0x0970  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:37:32.0353 0x0970  mctadmin - ok
13:37:32.0415 0x0970  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:37:32.0446 0x0970  Sidebar - ok
13:37:32.0462 0x0970  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
13:37:32.0477 0x0970  mctadmin - ok
13:37:32.0477 0x0970  ============================================================
13:37:32.0477 0x0970  Scan finished
13:37:32.0477 0x0970  ============================================================
13:37:32.0493 0x0ddc  Detected object count: 9
13:37:32.0493 0x0ddc  Actual detected object count: 9
13:38:48.0808 0x0ddc  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:38:48.0808 0x0ddc  mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc  mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:38:48.0808 0x0ddc  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:38:48.0808 0x0ddc  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:38:48.0808 0x0ddc  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0808 0x0ddc  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:38:48.0824 0x0ddc  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0824 0x0ddc  UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:38:48.0824 0x0ddc  Kone ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0824 0x0ddc  Kone ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:38:48.0824 0x0ddc  QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0824 0x0ddc  QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:38:48.0824 0x0ddc  Quicklaunch ( UnsignedFile.Multi.Generic ) - skipped by user
13:38:48.0824 0x0ddc  Quicklaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


09.12.2014, 10:29   #6
schrauber
/// the machine
/// TB-Ausbilder

hi,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Sometimes Combofix still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


10.12.2014, 09:28   #7
Mokba

Unfortunately that didn't work at all. I couldn't take a screenshot because the screen was frozen, but it read roughly:
"Scan-Vorgang läuft"
After a cold boot everything runs as before, and I can't notice any slowdown either.

10.12.2014, 18:20   #8
schrauber
/// the machine
/// TB-Ausbilder

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts that appear with Ok.
  • Your computer will be restarted automatically. After the restart a text file will open. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber


13.12.2014, 21:59   #9
Mokba

Sorry, it took a bit longer this time - stupid flu virus.

Code:
ATTFilter
# AdwCleaner v4.105 - Bericht erstellt am 13/12/2014 um 22:54:43
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-13.4 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : ERSTERUSER - CLAUDIA-PC
# Gestartet von : D:\Eigene Dateien\Downloads\AdwCleaner_4.105.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\Program Files\1ClickDownload
Ordner Gelöscht : C:\Users\ERSTERUSER\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\ERSTERUSER\AppData\Roaming\registry mechanic
Ordner Gelöscht : C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
Datei Gelöscht : C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Alexa Internet
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\UpdateStar
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v27.0 (de)


-\\ Google Chrome v39.0.2171.95

[C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=35f69b3c00000000000090e6bac907bf

*************************

AdwCleaner[R0].txt - [4115 octets] - [13/12/2014 22:39:59]
AdwCleaner[S0].txt - [4036 octets] - [13/12/2014 22:54:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4096 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x86
Ran by ERSTERUSER on 13.12.2014 at 23:00:50,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Users\ERSTERUSER\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{18A1CE82-4920-4C69-AD2C-171FB922760D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{1E69FCF3-6E48-4F0B-8F63-C7B3107C866C}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{2343B2B2-FBD5-41C7-8ECA-65BBBF105C9D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{2CE687AA-0773-4260-AAEA-ABBDDE6A4455}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{41289636-DDEF-4581-9669-0E3B8450F4A5}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{43EA183B-529C-4067-B4E7-63E03F78F02A}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{4801030D-0C66-4E6F-B338-A98537EB4A78}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{4AF6FE78-3E33-45BD-BE0C-0B9D2B5B2123}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{4C1B95E2-8338-441F-99DC-3C83CF017456}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{50F14731-F8EB-463F-A1CD-98F613E60CAC}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{56755E24-A21B-4279-BB12-9B6858663C7D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{61A026D4-29CF-44F0-B938-79E014CD7D50}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{6820988A-CEAB-414E-A089-DB6D347F4CAF}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{6D57CCD3-71AF-4A26-A7DF-075C603F5B37}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{7983E433-9B22-4A3C-97E1-848FA88E0C86}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{7A7E709F-AEAB-4E6A-B131-5C67660590CB}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{84A7CDB1-E149-4705-ADEC-09F1E159372D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{8B88ED79-1546-422F-9B17-5B25E12A238A}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{940E89A1-0F18-4F16-B1CC-C6A862EF3961}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{96AA6247-32D8-42B2-8DCE-5EAFE761F01A}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{9FAA0EA6-D5E1-4B02-9CAA-8F49754D1247}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{A571AF33-F552-4BA6-ABF6-6BB24ED07C7C}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{AED1007B-3D68-4992-9A69-AA5960C6646D}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{B9D6E9CB-BFF3-4CE6-8DEF-87860C3B463B}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{C66C875D-ABCE-4DA1-920E-8CCC1C60F787}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{CC510C75-278F-4FAA-B2EF-125135117DC7}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{E155E047-C97C-4C68-BFBD-B59F4F6B5BDA}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{E4B7344A-086A-4E51-A689-01E627D76079}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{EC04B8E8-7AE3-44EF-935E-5C8F4A9BC756}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{F0CBEE9A-2126-4222-9A67-2896BA689C23}
Successfully deleted: [Empty Folder] C:\Users\ERSTERUSER\appdata\local\{F991A20E-08E7-450F-897F-25F76B40EC48}



~~~ FireFox

Successfully deleted: [File] C:\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.12.2014 at 23:04:12,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Edited by Mokba (13.12.2014 at 22:28)

14.12.2014, 15:32   #10
schrauber
/// the machine
/// TB trainer

and the rest?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and assistance
Trojaner-Board Facebook page

No help via PM!

14.12.2014, 18:45   #11
Mokba

Did I forget something? Sorry, my head is still spinning. I'll read through it again calmly tomorrow.

15.12.2014, 18:13   #12
schrauber
/// the machine
/// TB trainer

MBAM, i.e. tool 1 in the list, and the fresh FRST log

17.12.2014, 15:22   #13
Mokba

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2014 01
Ran by ERSTERUSER at 2014-12-17 15:58:26
Running from D:\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Alle meine Passworte 3.15 (HKLM\...\AllemeinePassworte) (Version:  - )
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon Amazon Music) (Version: 3.1.0.570 - Amazon Services LLC)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.13 - Audible, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 2.28 - Piriform)
CodeStuff Starter (HKLM\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dupehunter Professional - Computerbild Edition (HKLM\...\Dupehunter Professional - Computerbild Edition) (Version: 8.1.0.3700 - Carsten Heidtke Software)
ESET Smart Security (HKLM\...\{1F4CBC3C-5CAE-4528-A584-C25E6CE3D7E5}) (Version: 8.0.304.4 - ESET, spol s r. o.)
EzImplant-CDViewer (HKLM\...\{B8CB4ED2-74EE-44F0-88CB-C2DD30B36EEA}) (Version: 1.5.7415 - INFINITT)
EzImplant-CDViewer (Version: 1.5.7415 - INFINITT) Hidden
Fernwartungshilfe für Kunden von PC-Blitzhelfer (HKLM\...\Fernwartungshilfe für Kunden von PC-Blitzhelfer) (Version: 1.0.1 - PC-Blitzhelfer)
Folder Guide (HKLM\...\Folder Guide) (Version:  - )
Freemake Video Converter Version 4.0.3 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\{C3FF5ACB-174A-3E07-AE2A-62063FBCC9B1}) (Version: 66.30.49247 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version:  - EFD Software)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LameXP (HKLM\...\{FBD7A67D-D700-4043-B54F-DD106D00F308}) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Menu Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6109.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Movie Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mozilla Firefox 27.0 (x86 de) (HKLM\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
Nero 9 Essentials (HKLM\...\{86bde101-32cf-471a-8575-8de7c21570d8}) (Version:  - Nero AG)
Ninite Updater (HKLM\...\NiniteUpdater) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickLaunch (HKLM\...\QuickLaunch_is1) (Version: 2.3 - Oliver Frietsch)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realms of Arkania: Blade of Destiny (HKLM\...\Steam App 237550) (Version:  - Crafty Studios)
ROCCAT Kone Mouse Driver (HKLM\...\{9733747E-E53D-4C17-977E-3A872AFB93E1}) (Version:  - )
Seagate Manager Installer (HKLM\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate)
Seagate Manager Installer (Version: 2.02.0109 - Seagate) Hidden
ShadowProtect Desktop (HKLM\...\{8850DEC8-22FD-4F05-A3AA-49B91200C24F}) (Version: 3.5.4183 - StorageCraft)
ShadowProtect Desktop (Version: 3.5.4183 - StorageCraft) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Flexible File Synchronizer 5.60 (HKLM\...\Super Flexible File Synchronizer_is1) (Version: 5.60 - Super Flexible Software)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.6 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Unity Web Player (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.0 (HKLM\...\Unlocker) (Version: 1.9.0 - Cedrick Collomb)
UseNeXT by Tangysoft (HKLM\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Visual Subst (HKLM\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.1.9 - Shark007)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.2.7235.0 - Microsoft Corporation)
Windows-Treiberpaket - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR 5.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\TotCmdPM-C\Progs\UltraEdit\ue32ctmn.dll ()
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AC90BA6-D407-4A06-935C-F95E8CBB14B5} - System32\Tasks\{CD119950-AECB-4970-9DA8-F6213814FE9A} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1063CB4E-C6A1-49F7-AFD4-E77A616A5D08} - System32\Tasks\{2CCBD1DD-5138-4FC2-B65A-A639DB1995AB} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {17D647C6-BA2C-4EE7-AA4E-CD295B7397C9} - System32\Tasks\{593FE8EE-21EC-4C14-A0B7-6F269650F7EE} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1BDD75B6-BB8C-42B1-BECC-601C3736FCA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {20CDBC76-9955-4B73-A03A-68ABB5738DBA} - System32\Tasks\{100C0DF1-7649-433E-8DBA-124AF678EF5D} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {23AF1B7C-E5A2-4E33-8D17-5CC12BDCEBBE} - System32\Tasks\{AC64EE3F-8680-47B7-889E-8D5F82241735} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {33D76DA5-57BA-4F12-9CCD-2722B3EE282B} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {3AE0A447-349B-4FA2-B97D-B6049A88D5CE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {4F0F9E71-2380-416E-9498-34BFFB46DFE6} - System32\Tasks\{F7564B6E-1F94-45F6-8801-861FD474C13F} => pcalua.exe -a D:\Downloads\267.85_desktop_win7_winvista_32bit_international.exe -d "D:\Eigene Dateien\Desktop"
Task: {58951724-E1B5-41BA-B202-109D6978DA96} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5F8D57B7-0D18-4F4F-9484-E451F5C6E98C} - System32\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {5FD37F6B-B837-498D-87FC-804AC4F661ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {75F1BD09-2D15-452A-B5B5-6C2A0A837DE3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {914C6117-625F-4E12-BE29-3158EEC2E19F} - System32\Tasks\{2B2007DA-4AA5-4EFD-80C1-2164C5EE99BE} => pcalua.exe -a "D:\Eigene Dateien\Downloads\Shockwave_Installer_Slim.exe" -d "D:\Eigene Dateien\Downloads"
Task: {A0B33EA5-C94B-4745-AE8A-BE7AAD785BC8} - System32\Tasks\{07C6FB47-2689-4A31-8470-F2E2825F0942} => pcalua.exe -a "C:\Program Files-s\Codestuff\Starter\unStarter.exe"
Task: {B5D64E0D-8DAF-468D-8B28-5726C7447D2C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {B626FA49-F9AA-41BA-A4E9-BFC9306DC923} - System32\Tasks\{8ADA1F88-BA75-4746-8AF1-4B2D4D9D4A34} => pcalua.exe -a "D:\Eigene Dateien\Downloads\AudibleDM_iTunesSetup.exe" -d "D:\Eigene Dateien\Downloads"
Task: {D3044F96-FDCB-491E-A7B3-B76F021B5B63} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EA0A65EE-B164-412D-BB18-C1AA7AE7F78B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {EA8E6B62-CFB3-448D-A481-A0E5096639E7} - System32\Tasks\{B57E924A-9BE1-48CA-955E-394A93E26B06} => pcalua.exe -a E:\Install.exe -d E:\
Task: {FED0C4A7-752F-4CD4-AC3F-74E82454929E} - System32\Tasks\{291ABD72-DAA7-4DC2-978E-5A78C2BD2A94} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-10-25 14:48 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-07-29 22:22 - 2014-07-01 19:58 - 03162944 _____ () C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
2010-07-04 22:32 - 2010-07-04 22:32 - 00010752 _____ () C:\Program Files-s\Unlocker\UnlockerCOM.dll
2010-02-13 22:00 - 2008-08-13 16:20 - 00153600 _____ () C:\Program Files-s\Folder Guide\FGShellExt.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2013-04-19 16:10 - 2014-11-19 16:21 - 04318720 _____ () C:\Program Files\UseNeXT\UseNeXT.exe
2013-04-19 16:10 - 2014-03-06 10:24 - 00041472 _____ () C:\Program Files\UseNeXT\Par2Calc.dll
2013-04-19 16:10 - 2014-03-06 10:18 - 00160768 _____ () C:\Program Files\UseNeXT\unrar.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9453D700
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\ERSTERUSER\AppData\Roaming\default.rss:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3507585339-1609819653-644593918-500 - Administrator - Disabled)
ERSTERUSER (S-1-5-21-3507585339-1609819653-644593918-1000 - Administrator - Enabled) => C:\Users\ERSTERUSER
Gast (S-1-5-21-3507585339-1609819653-644593918-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3507585339-1609819653-644593918-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3507585339-1609819653-644593918-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/17/2014 07:22:03 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\a9e41c9f-f0b5-4bc3-b913-23a7a50b4574.dmp

Error: (12/14/2014 04:17:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/14/2014 10:50:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Picasa3.exe, Version 3.9.138.151 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bd8

Startzeit: 01d017833e5a66dd

Endzeit: 5

Anwendungspfad: C:\Program Files-s\Google\Picasa3\Picasa3.exe

Berichts-ID: 91037292-8376-11e4-942a-90e6bac907bf


System errors:
=============
Error: (12/17/2014 02:35:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.

Error: (12/17/2014 02:35:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.

Error: (12/17/2014 02:35:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.

Error: (12/17/2014 02:35:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.

Error: (12/17/2014 02:08:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/17/2014 02:06:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR9 gefunden.

Error: (12/17/2014 02:06:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR9 gefunden.

Error: (12/17/2014 01:21:12 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/16/2014 06:11:20 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error: (12/16/2014 06:11:18 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office Sessions:
=========================
Error: (12/17/2014 07:22:03 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\a9e41c9f-f0b5-4bc3-b913-23a7a50b4574.dmp

Error: (12/14/2014 04:17:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"J:\DPInst64.exe

Error: (12/14/2014 10:50:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Picasa3.exe3.9.138.151bd801d017833e5a66dd5C:\Program Files-s\Google\Picasa3\Picasa3.exe91037292-8376-11e4-942a-90e6bac907bf


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 63%
Total physical RAM: 3327.18 MB
Available physical RAM: 1223.58 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 3929.15 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.09 MB

==================== Drives ================================

Drive c: (Start-C) (Fixed) (Total:110 GB) (Free:56.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten-D) (Fixed) (Total:1753.01 GB) (Free:870.26 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DF1E9041)
Partition 1: (Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1753 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2014 01
Ran by ERSTERUSER at 2014-12-17 16:25:20
Running from D:\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Alle meine Passworte 3.15 (HKLM\...\AllemeinePassworte) (Version:  - )
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Amazon Amazon Music) (Version: 3.1.0.570 - Amazon Services LLC)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.13 - Audible, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 2.28 - Piriform)
CodeStuff Starter (HKLM\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dupehunter Professional - Computerbild Edition (HKLM\...\Dupehunter Professional - Computerbild Edition) (Version: 8.1.0.3700 - Carsten Heidtke Software)
ESET Smart Security (HKLM\...\{1F4CBC3C-5CAE-4528-A584-C25E6CE3D7E5}) (Version: 8.0.304.4 - ESET, spol s r. o.)
EzImplant-CDViewer (HKLM\...\{B8CB4ED2-74EE-44F0-88CB-C2DD30B36EEA}) (Version: 1.5.7415 - INFINITT)
EzImplant-CDViewer (Version: 1.5.7415 - INFINITT) Hidden
Fernwartungshilfe für Kunden von PC-Blitzhelfer (HKLM\...\Fernwartungshilfe für Kunden von PC-Blitzhelfer) (Version: 1.0.1 - PC-Blitzhelfer)
Folder Guide (HKLM\...\Folder Guide) (Version:  - )
Freemake Video Converter Version 4.0.3 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\{C3FF5ACB-174A-3E07-AE2A-62063FBCC9B1}) (Version: 66.30.49247 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version:  - EFD Software)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LameXP (HKLM\...\{FBD7A67D-D700-4043-B54F-DD106D00F308}) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Menu Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6109.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Movie Templates - Starter Kit (Version: 9.4.1.0 - Nero AG) Hidden
Mozilla Firefox 27.0 (x86 de) (HKLM\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NC Launcher (GameForge) (HKLM\...\NCLauncher_GameForge) (Version:  - NCsoft)
Nero 9 Essentials (HKLM\...\{86bde101-32cf-471a-8575-8de7c21570d8}) (Version:  - Nero AG)
Ninite Updater (HKLM\...\NiniteUpdater) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickLaunch (HKLM\...\QuickLaunch_is1) (Version: 2.3 - Oliver Frietsch)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realms of Arkania: Blade of Destiny (HKLM\...\Steam App 237550) (Version:  - Crafty Studios)
ROCCAT Kone Mouse Driver (HKLM\...\{9733747E-E53D-4C17-977E-3A872AFB93E1}) (Version:  - )
Seagate Manager Installer (HKLM\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate)
Seagate Manager Installer (Version: 2.02.0109 - Seagate) Hidden
ShadowProtect Desktop (HKLM\...\{8850DEC8-22FD-4F05-A3AA-49B91200C24F}) (Version: 3.5.4183 - StorageCraft)
ShadowProtect Desktop (Version: 3.5.4183 - StorageCraft) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Flexible File Synchronizer 5.60 (HKLM\...\Super Flexible File Synchronizer_is1) (Version: 5.60 - Super Flexible Software)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.6 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Unity Web Player (HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.0 (HKLM\...\Unlocker) (Version: 1.9.0 - Cedrick Collomb)
UseNeXT by Tangysoft (HKLM\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Visual Subst (HKLM\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.1.9 - Shark007)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.2.7235.0 - Microsoft Corporation)
Windows-Treiberpaket - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR 5.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\TotCmdPM-C\Progs\UltraEdit\ue32ctmn.dll ()
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3507585339-1609819653-644593918-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\ERSTERUSER\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AC90BA6-D407-4A06-935C-F95E8CBB14B5} - System32\Tasks\{CD119950-AECB-4970-9DA8-F6213814FE9A} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1063CB4E-C6A1-49F7-AFD4-E77A616A5D08} - System32\Tasks\{2CCBD1DD-5138-4FC2-B65A-A639DB1995AB} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {17D647C6-BA2C-4EE7-AA4E-CD295B7397C9} - System32\Tasks\{593FE8EE-21EC-4C14-A0B7-6F269650F7EE} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {1BDD75B6-BB8C-42B1-BECC-601C3736FCA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {20CDBC76-9955-4B73-A03A-68ABB5738DBA} - System32\Tasks\{100C0DF1-7649-433E-8DBA-124AF678EF5D} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)
Task: {23AF1B7C-E5A2-4E33-8D17-5CC12BDCEBBE} - System32\Tasks\{AC64EE3F-8680-47B7-889E-8D5F82241735} => C:\Program Files\Ninite Updater\NiniteUpdater.exe [2013-11-14] (Secure By Design Inc.)
Task: {33D76DA5-57BA-4F12-9CCD-2722B3EE282B} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {3AE0A447-349B-4FA2-B97D-B6049A88D5CE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {4F0F9E71-2380-416E-9498-34BFFB46DFE6} - System32\Tasks\{F7564B6E-1F94-45F6-8801-861FD474C13F} => pcalua.exe -a D:\Downloads\267.85_desktop_win7_winvista_32bit_international.exe -d "D:\Eigene Dateien\Desktop"
Task: {58951724-E1B5-41BA-B202-109D6978DA96} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5F8D57B7-0D18-4F4F-9484-E451F5C6E98C} - System32\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-13] (Google Inc.)
Task: {5FD37F6B-B837-498D-87FC-804AC4F661ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {75F1BD09-2D15-452A-B5B5-6C2A0A837DE3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {914C6117-625F-4E12-BE29-3158EEC2E19F} - System32\Tasks\{2B2007DA-4AA5-4EFD-80C1-2164C5EE99BE} => pcalua.exe -a "D:\Eigene Dateien\Downloads\Shockwave_Installer_Slim.exe" -d "D:\Eigene Dateien\Downloads"
Task: {A0B33EA5-C94B-4745-AE8A-BE7AAD785BC8} - System32\Tasks\{07C6FB47-2689-4A31-8470-F2E2825F0942} => pcalua.exe -a "C:\Program Files-s\Codestuff\Starter\unStarter.exe"
Task: {B5D64E0D-8DAF-468D-8B28-5726C7447D2C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {B626FA49-F9AA-41BA-A4E9-BFC9306DC923} - System32\Tasks\{8ADA1F88-BA75-4746-8AF1-4B2D4D9D4A34} => pcalua.exe -a "D:\Eigene Dateien\Downloads\AudibleDM_iTunesSetup.exe" -d "D:\Eigene Dateien\Downloads"
Task: {D3044F96-FDCB-491E-A7B3-B76F021B5B63} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EA0A65EE-B164-412D-BB18-C1AA7AE7F78B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {EA8E6B62-CFB3-448D-A481-A0E5096639E7} - System32\Tasks\{B57E924A-9BE1-48CA-955E-394A93E26B06} => pcalua.exe -a E:\Install.exe -d E:\
Task: {FED0C4A7-752F-4CD4-AC3F-74E82454929E} - System32\Tasks\{291ABD72-DAA7-4DC2-978E-5A78C2BD2A94} => C:\Program Files\iTunes\iTunes.exe [2014-10-15] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-10-25 14:48 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-07 17:27 - 2012-12-07 17:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-05-22 19:50 - 2013-05-22 19:50 - 00400704 _____ () C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-07-29 22:22 - 2014-07-01 19:58 - 03162944 _____ () C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
2010-07-04 22:32 - 2010-07-04 22:32 - 00010752 _____ () C:\Program Files-s\Unlocker\UnlockerCOM.dll
2010-02-13 22:00 - 2008-08-13 16:20 - 00153600 _____ () C:\Program Files-s\Folder Guide\FGShellExt.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-10 06:56 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2013-04-19 16:10 - 2014-11-19 16:21 - 04318720 _____ () C:\Program Files\UseNeXT\UseNeXT.exe
2013-04-19 16:10 - 2014-03-06 10:24 - 00041472 _____ () C:\Program Files\UseNeXT\Par2Calc.dll
2013-04-19 16:10 - 2014-03-06 10:18 - 00160768 _____ () C:\Program Files\UseNeXT\unrar.dll
2013-08-10 12:37 - 2013-07-27 09:32 - 14447630 _____ () C:\Program Files\Freemake\COM\1.1\avcodec-54.dll
2013-08-10 12:37 - 2013-07-27 09:32 - 01078557 _____ () C:\Program Files\Freemake\COM\1.1\xvidcore.dll
2013-08-10 12:37 - 2013-07-27 09:32 - 00190990 _____ () C:\Program Files\Freemake\COM\1.1\avutil-52.dll
2013-08-10 12:37 - 2013-07-27 09:32 - 03028494 _____ () C:\Program Files\Freemake\COM\1.1\avformat-54.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9453D700
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\ERSTERUSER\AppData\Roaming\default.rss:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3507585339-1609819653-644593918-500 - Administrator - Disabled)
ERSTERUSER (S-1-5-21-3507585339-1609819653-644593918-1000 - Administrator - Enabled) => C:\Users\ERSTERUSER
Gast (S-1-5-21-3507585339-1609819653-644593918-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3507585339-1609819653-644593918-1007 - Limited - Enabled)
UpdatusUser (S-1-5-21-3507585339-1609819653-644593918-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/17/2014 07:22:03 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\a9e41c9f-f0b5-4bc3-b913-23a7a50b4574.dmp

Error: (12/14/2014 04:17:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/14/2014 10:50:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Picasa3.exe, Version 3.9.138.151 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bd8

Startzeit: 01d017833e5a66dd

Endzeit: 5

Anwendungspfad: C:\Program Files-s\Google\Picasa3\Picasa3.exe

Berichts-ID: 91037292-8376-11e4-942a-90e6bac907bf


System errors:
=============
Error: (12/17/2014 02:35:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.

Error: (12/17/2014 02:35:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.

Error: (12/17/2014 02:35:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.

Error: (12/17/2014 02:35:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR11 gefunden.

Error: (12/17/2014 02:08:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/17/2014 02:06:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR9 gefunden.

Error: (12/17/2014 02:06:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR9 gefunden.

Error: (12/17/2014 01:21:12 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/16/2014 06:11:20 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error: (12/16/2014 06:11:18 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office Sessions:
=========================
Error: (12/17/2014 07:22:03 AM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.95;lang=;guid=F2D1FBB44E12420184E9440CA877A2A0;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\a9e41c9f-f0b5-4bc3-b913-23a7a50b4574.dmp

Error: (12/14/2014 04:17:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"J:\DPInst64.exe

Error: (12/14/2014 10:50:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Picasa3.exe3.9.138.151bd801d017833e5a66dd5C:\Program Files-s\Google\Picasa3\Picasa3.exe91037292-8376-11e4-942a-90e6bac907bf


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 65%
Total physical RAM: 3327.18 MB
Available physical RAM: 1161.48 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 3867.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.07 MB

==================== Drives ================================

Drive c: (Start-C) (Fixed) (Total:110 GB) (Free:56.24 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten-D) (Fixed) (Total:1753.01 GB) (Free:869.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DF1E9041)
Partition 1: (Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1753 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 17.12.2014, 20:04   #14
schrauber
/// the machine
/// TB-Ausbilder
 


I still don't see an MBAM log file... and no FRST.txt, but the Addition.txt twice instead.

Please read carefully
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 18.12.2014, 06:42   #15
Mokba
 

Oh god, this is embarrassing

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2014 01
Ran by ERSTERUSER (administrator) on CLAUDIA-PC on 17-12-2014 16:24:52
Running from D:\Eigene Dateien\Downloads
Loaded Profile: ERSTERUSER (Available profiles: ERSTERUSER & UpdatusUser)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Super Flexible Software Ltd. & Co. KG) C:\Program Files-s\SuperFlexible\ExtremeVSS.exe
(Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(StorageCraft Technology Corporation) C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(StorageCraft Technology Corporation) C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(StorageCraft Technology Corporation) C:\Windows\System32\vsnapvss.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(ROCCAT) C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
(Secure By Design Inc.) C:\Program Files\Ninite Updater\NiniteUpdater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Oliver Frietsch) C:\Program Files-s\Quicklaunch\QuickLaunch.exe
(ROCCAT) C:\Program Files\ROCCAT\Kone Mouse\OSD.exe
() C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Super Flexible Software) C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe
() C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Audible, Inc.) C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\UseNeXT\UseNeXT.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Freemake) C:\Program Files\Freemake\Freemake Video Converter\FreemakeVC.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM\...\Run: [Kone] => C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE [151552 2008-10-06] (ROCCAT)
HKLM\...\Run: [Malwarebytes' Anti-Malware (reboot)] => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [Ninite Updater] => C:\Program Files\Ninite Updater\NiniteUpdater.exe [265760 2013-11-14] (Secure By Design Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1795872 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [Quicklaunch] => C:\Program Files-s\Quicklaunch\QuickLaunch.exe [554496 2006-12-16] (Oliver Frietsch)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [ExtremeSync Background Scheduler] => C:\Program Files-s\SuperFlexible\ExtremeSyncService.exe [13941120 2011-11-18] (Super Flexible Software)
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Run: [Amazon Music] => C:\Users\ERSTERUSER\AppData\Local\Amazon Music\Amazon Music Helper.exe [3162944 2014-07-01] ()
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {dac28781-b80c-11df-b978-005056c00008} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {dac2885e-b80c-11df-b978-005056c00008} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\MountPoints2: {ece483d9-462e-11e4-9966-90e6bac907bf} - J:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-3507585339-1609819653-644593918-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3507585339-1609819653-644593918-1000 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ERSTERUSER\AppData\Roaming\Mozilla\Firefox\Profiles\a7rjlmc2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files-s\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files-s\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files-s\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3507585339-1609819653-644593918-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ERSTERUSER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3507585339-1609819653-644593918-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\ERSTERUSER\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-08-10]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-28]
CHR Extension: (Beautiful landscape) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2013-07-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-27]
CHR Extension: (Get F.B. Purity for Facebook) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifpbhmjbfiogpipemadffnijpbcdfkmp [2013-07-13]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2013-07-13]
CHR Extension: (Google Wallet) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (ProxPrice) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-07-28]
CHR Extension: (Privacy Badger) - C:\Users\ERSTERUSER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2014-08-05]
CHR HKU\S-1-5-21-3507585339-1609819653-644593918-1000\...\Chrome\Extension: [ncmdmcjifbkefpaijakdbgfjbpaonjhg] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
R2 ExtremeVSSService; C:\Program Files-S\SuperFlexible\ExtremeVSS.exe [3196800 2011-09-20] (Super Flexible Software Ltd. & Co. KG)
R2 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [181544 2009-05-01] (Seagate Technology LLC)
S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 ShadowProtectSvc; C:\Program Files-s\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [1497632 2009-12-17] (StorageCraft Technology Corporation)
S2 BingDesktopUpdate; "C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 catchme; C:\Users\ERSTERUSER\AppData\Local\Temp\catchme.sys [31744 2014-12-10] () [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-09-22] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-09-22] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-09-22] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-09-22] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-09-22] (ESET)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
R3 KoneFltr; C:\Windows\System32\drivers\Kone.sys [13056 2008-12-11] (ROCCAT Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-07-22] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-07-22] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-07-22] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [293904 2009-07-22] (Microsoft Corporation)
S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI)
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
U5 UnlockerDriver5; C:\Program Files-s\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 23:04 - 2014-12-13 23:04 - 00004264 _____ () C:\Users\ERSTERUSER\Desktop\JRT.txt
2014-12-13 23:00 - 2014-12-13 23:00 - 00000000 ____D () C:\Windows\ERUNT
2014-12-13 22:39 - 2014-12-13 22:54 - 00000000 ____D () C:\AdwCleaner
2014-12-10 13:36 - 2014-12-10 13:38 - 00000000 ___SD () C:\ComboFix
2014-12-10 09:46 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-10 09:46 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-10 09:46 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-10 09:46 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-10 09:45 - 2014-12-10 09:46 - 00000000 ____D () C:\Qoobox
2014-12-10 09:44 - 2014-12-10 09:44 - 00000000 ____D () C:\Windows\erdnt
2014-12-10 06:56 - 2014-12-10 06:56 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 03:23 - 2014-12-10 03:23 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:07 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 02:42 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 02:42 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 02:42 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 02:42 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 02:42 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 02:42 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 02:42 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 02:42 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 02:42 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 02:42 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 02:42 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 02:42 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 02:42 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 02:42 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 02:42 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 02:42 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 02:42 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 02:42 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 02:42 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 02:42 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 02:42 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 02:42 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 02:42 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 02:42 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 02:42 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 02:42 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 02:42 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 02:42 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 02:42 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 02:42 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 02:42 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 02:42 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 02:42 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 02:42 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 02:42 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 02:37 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 02:36 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 02:36 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 02:36 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 02:36 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 02:36 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 02:36 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-07 20:12 - 2014-12-14 08:29 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-07 20:11 - 2014-12-07 20:11 - 00001067 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-07 20:11 - 2014-12-07 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-07 20:11 - 2014-12-07 20:11 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-12-07 20:11 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-07 20:11 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-07 20:11 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-07 13:28 - 2014-12-17 16:24 - 00000000 ____D () C:\FRST
2014-12-06 17:33 - 2014-12-06 17:33 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-02 08:37 - 2014-12-02 10:12 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-11-28 14:43 - 2014-11-28 14:43 - 00001760 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-11-28 14:43 - 2014-11-28 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\Program Files\iTunes
2014-11-28 14:42 - 2014-11-28 14:42 - 00000000 ____D () C:\Program Files\iPod
2014-11-28 14:41 - 2014-11-28 14:41 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-11-28 14:41 - 2014-11-28 14:41 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-11-28 14:40 - 2014-11-28 14:40 - 00000000 ____D () C:\Program Files\Bonjour
2014-11-21 16:16 - 2014-11-21 16:59 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-11-21 11:46 - 2014-11-21 11:46 - 00000000 __SHD () C:\Users\ERSTERUSER\AppData\Local\EmieBrowserModeList
2014-11-19 14:33 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 14:33 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\ProgramData\ESET
2014-11-19 13:07 - 2014-11-19 13:07 - 00000000 ____D () C:\Program Files\ESET

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-17 16:24 - 2010-02-14 15:26 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\UseNeXT
2014-12-17 16:06 - 2013-11-16 18:41 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cee2f31d07067f.job
2014-12-17 15:40 - 2013-06-28 06:54 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\vlc
2014-12-17 15:40 - 2010-02-13 11:44 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-17 15:30 - 2009-07-14 05:39 - 00118317 _____ () C:\Windows\setupact.log
2014-12-17 15:29 - 2013-08-01 06:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-17 12:00 - 2010-02-13 21:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-12-16 23:48 - 2010-02-13 11:43 - 01784045 _____ () C:\Windows\WindowsUpdate.log
2014-12-16 19:06 - 2014-06-17 16:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a4073898d18.job
2014-12-13 23:04 - 2009-07-14 05:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 23:04 - 2009-07-14 05:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 22:56 - 2010-02-13 12:11 - 00529846 _____ () C:\Windows\PFRO.log
2014-12-13 22:56 - 2010-02-13 12:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-13 22:56 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-13 08:08 - 2012-06-25 11:49 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Dropbox
2014-12-12 06:48 - 2014-09-12 22:42 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-10 06:58 - 2013-11-17 17:14 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 06:56 - 2013-08-01 06:05 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 06:56 - 2013-08-01 06:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 04:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-10 03:23 - 2014-05-02 08:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-10 03:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:06 - 2013-08-14 05:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:01 - 2010-02-13 22:18 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-07 20:11 - 2011-03-03 21:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-06 23:38 - 2014-04-10 08:50 - 00000000 ____D () C:\Program Files\Steam
2014-12-06 17:50 - 2014-04-10 08:50 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-12-03 06:43 - 2011-02-17 18:04 - 00000000 ____D () C:\Users\ERSTERUSER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-03 06:43 - 2011-02-17 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-12-03 06:26 - 2012-05-06 13:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-28 14:42 - 2014-10-10 19:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-28 14:40 - 2010-09-04 13:06 - 00000000 ____D () C:\ProgramData\Apple
2014-11-22 23:34 - 2013-04-19 16:10 - 00000000 ____D () C:\Program Files\UseNeXT
2014-11-22 23:34 - 2010-02-14 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-21 17:15 - 2010-10-14 20:50 - 00000000 ____D () C:\Windows\Minidump

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3368.dll


Some content of TEMP:
====================
C:\Users\ERSTERUSER\AppData\Local\Temp\catchme.dll
C:\Users\ERSTERUSER\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqs7ng1.dll
C:\Users\ERSTERUSER\AppData\Local\Temp\Quarantine.exe
C:\Users\ERSTERUSER\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 00:02

==================== End Of Log ============================
         


Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 18.12.2014
Suchlauf-Zeit: 07:13:49
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.14.03
Rootkit Datenbank: v2014.12.08.03
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: ERSTERUSER

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 399629
Verstrichene Zeit: 14 Min, 52 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
