
Log analysis and evaluation: Pup.optional.bandoo, Pup.optional.ilvid

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

29.01.2015, 19:50   #1
Medi
 

Hello,

actually I only wanted to know what crss.exe is for, because it always uses so much memory. One site said it should be in the system32 folder, but it isn't there. So I ran a scan with Malwarebytes, and it did find something. Can I simply delete that?

Thanks,

Medi

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 29.01.2015
Suchlauf-Zeit: 19:15:41
Logdatei: malw.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.29.08
Rootkit Datenbank: v2015.01.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: CH

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 389974
Verstrichene Zeit: 16 Min, 8 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Ilivid, HKU\S-1-5-21-3869574007-4155416212-3619733498-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\iLivid, , [1c102dd0494082b4b8df559942bfe020], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 2
PUP.Optional.Bandoo, C:\Users\CH\Downloads\iLividSetup-r2143-n-bf.exe, , [a18b47b6d1b84beb87349f8f9c65b64a], 
PUP.Optional.Ilivid, C:\Users\CH\AppData\Local\iLivid\Uninstall.exe, , [1c102dd0494082b4b8df559942bfe020], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         



Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by CH (administrator) on CH-HP on 29-01-2015 19:10:06
Running from C:\Users\CH\Downloads
Loaded Profiles: CH (Available profiles: CH)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Browser7)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
() C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\PER.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe
() C:\Program Files (x86)\Pinnacle\Studio 15\Import\programs\Importer.exe
(Pinnacle Systems) C:\Program Files (x86)\Pinnacle\Studio 15\Import\programs\umi.exe
(Deutsche Telekom AG) C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\Browser7.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888 2010-01-18] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-01-25] (EasyBits Software AS)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2015-01-19] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_31\bin\jusched.exe"
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Run: [Amazon Music] => C:\Users\CH\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\MountPoints2: {d0b7bff5-ce79-11df-8c32-806e6f6e6963} - F:\Launcher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\forteManager.lnk
ShortcutTarget: forteManager.lnk -> C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=U219DHP&pc=U219
SearchScopes: HKLM -> DefaultScope {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3869574007-4155416212-3619733498-1000 -> DefaultScope {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3869574007-4155416212-3619733498-1000 -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {CA47E69B-B484-44C1-8E29-19B6B2694810} hxxp://games.bigfishgames.com/de_fashion-fortune/online/axcontrol.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {DB28CF23-0083-40B5-BF63-69925D672385} hxxp://www.nero.com/doc/NeroVersionChecker.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-06-19] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3869574007-4155416212-3619733498-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3869574007-4155416212-3619733498-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-07]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-01-19]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed]
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [107520 2014-12-19] (Deutsche Telekom AG) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2014-06-24] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-10-07] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-10-23] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-10-07] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-10-07] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-01-13] (G Data Software AG)
S1 GLogin; No ImagePath
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-10-07] (G Data Software)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-15] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-10-07] (G Data Software AG)
S3 LGDDCDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2008-12-12] () [File not signed]
S3 LGII2CDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2008-12-12] () [File not signed]
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-10-10] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-10-10] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-10-10] (Acronis International GmbH)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-03-03] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\CH\AppData\Local\Temp\ALSysIO64.sys [X]
S3 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 PCDSRVC{4942F9C0-0B403F17-06000000}_0; \??\c:\pcdr5\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-29 19:10 - 2015-01-29 19:11 - 00024481 _____ () C:\Users\CH\Downloads\FRST.txt
2015-01-29 19:09 - 2015-01-29 19:10 - 00000000 ____D () C:\FRST
2015-01-29 19:09 - 2015-01-29 19:09 - 02130432 _____ (Farbar) C:\Users\CH\Downloads\FRST64.exe
2015-01-25 15:40 - 2015-01-25 15:53 - 00000000 ____D () C:\Users\CH\Desktop\auf anderen FPS löschen
2015-01-24 11:45 - 2015-01-24 11:44 - 00146432 _____ (Oracle Corporation) C:\Windows\SysWOW64\javacpl.cpl
2015-01-20 00:23 - 2015-01-20 00:23 - 00000000 ____D () C:\Users\CH\restore
2015-01-20 00:19 - 2015-01-20 00:19 - 00001013 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2015-01-19 20:11 - 2015-01-19 20:11 - 01633192 _____ () C:\Users\CH\Downloads\setup_Mein_CEWE_FOTOBUCH(1).exe
2015-01-19 20:11 - 2015-01-19 20:11 - 00000000 ____D () C:\Program Files\CEWE
2015-01-19 14:42 - 2015-01-19 14:42 - 00001038 _____ () C:\Users\CH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
2015-01-19 14:42 - 2015-01-19 14:42 - 00001030 _____ () C:\Users\CH\Desktop\iLivid.lnk
2015-01-19 14:41 - 2015-01-19 14:42 - 00000000 ____D () C:\Users\CH\AppData\Local\iLivid
2015-01-19 14:41 - 2015-01-19 14:41 - 01765976 _____ (Bandoo Media Inc) C:\Users\CH\Downloads\iLividSetup-r2143-n-bf.exe
2015-01-19 14:24 - 2015-01-19 14:24 - 00001320 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2015-01-19 14:24 - 2015-01-19 14:24 - 00000000 ____D () C:\ProgramData\RealNetworks
2015-01-19 14:24 - 2015-01-19 14:24 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2015-01-19 14:19 - 2015-01-19 14:22 - 39317088 _____ (RealNetworks, Inc.) C:\Users\CH\Downloads\RealPlayer1604_de.exe
2015-01-18 00:12 - 2015-01-18 00:12 - 00000191 _____ () C:\spam.log
2015-01-17 17:26 - 2015-01-29 15:52 - 00001725 _____ () C:\nospam.log
2015-01-14 11:00 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:00 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:00 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:00 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:00 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:00 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:00 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:00 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:00 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 11:00 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:00 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:00 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:00 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 20:18 - 2015-01-13 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2015-01-13 20:17 - 2015-01-13 20:17 - 00002058 _____ () C:\Windows\DPINST.LOG
2015-01-08 19:17 - 2015-01-08 19:17 - 00002217 _____ () C:\Users\CH\Desktop\Kindle.lnk
2015-01-08 19:17 - 2015-01-08 19:17 - 00000000 ____D () C:\Users\CH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-01-08 14:48 - 2015-01-08 14:49 - 03379708 _____ ( ) C:\Users\CH\Downloads\nw_21364_smergeexe.exe
2015-01-08 10:44 - 2015-01-08 10:47 - 38157960 _____ (Amazon.com) C:\Users\CH\Downloads\KindleForPC-installer(1).exe
2015-01-07 10:48 - 2015-01-07 17:18 - 00000000 ____D () C:\Users\CH\Desktop\Titelbild 2015
2015-01-03 19:40 - 2015-01-03 19:57 - 00000000 ____D () C:\Users\CH\AppData\Local\Ubisoft Game Launcher
2015-01-03 19:40 - 2015-01-03 19:40 - 00000000 ____D () C:\ProgramData\Solidshield
2015-01-03 19:34 - 2015-01-03 19:58 - 00000000 ____D () C:\Users\CH\Documents\The Adventures of Tintin
2015-01-03 19:32 - 2015-01-03 19:32 - 00017419 _____ () C:\Windows\DirectX.log
2015-01-03 19:13 - 2015-01-03 19:33 - 00000000 ____D () C:\Program Files (x86)\Ubisoft

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-29 19:07 - 2013-04-05 16:24 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-29 18:32 - 2010-06-19 15:48 - 01724425 _____ () C:\Windows\WindowsUpdate.log
2015-01-29 18:28 - 2012-04-04 10:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-29 17:59 - 2013-07-08 12:44 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2015-01-29 16:21 - 2013-04-05 16:24 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-29 10:59 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-29 10:59 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-29 10:51 - 2014-11-05 10:18 - 00008615 _____ () C:\Windows\setupact.log
2015-01-29 10:51 - 2014-10-29 10:20 - 00003328 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-01-29 10:51 - 2013-10-08 09:13 - 00003188 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-01-29 10:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-29 02:00 - 2014-08-26 09:35 - 00000000 ____D () C:\Users\CH\AppData\Local\Adobe
2015-01-28 11:29 - 2014-06-03 18:37 - 00000320 _____ () C:\Windows\Tasks\HPCeeScheduleForCH.job
2015-01-28 02:11 - 2013-06-06 16:31 - 00000000 ____D () C:\Users\CH\Desktop\Ausflüge 2012 zum Entwickeln
2015-01-27 19:39 - 2014-06-03 18:37 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForCH
2015-01-27 19:38 - 2012-02-14 19:36 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-27 19:38 - 2010-11-27 15:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-27 17:50 - 2014-11-22 19:52 - 00000000 ____D () C:\Users\CH\Documents\Warenkorb-Dateien
2015-01-27 17:42 - 2011-02-10 13:02 - 00000000 ____D () C:\Users\CH\AppData\Roaming\vlc
2015-01-27 17:41 - 2014-05-14 09:51 - 00000000 ____D () C:\Users\CH\Desktop\Neuer Ordner (2)
2015-01-25 14:23 - 2010-06-19 16:35 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2015-01-25 14:23 - 2010-06-19 16:35 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2015-01-25 14:23 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 02:28 - 2012-04-04 10:29 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 02:28 - 2012-04-04 10:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 02:28 - 2011-05-15 10:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 11:46 - 2013-11-05 10:51 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-24 11:45 - 2011-01-27 00:27 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-24 11:44 - 2014-10-24 13:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-24 11:44 - 2014-08-24 09:52 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-24 11:44 - 2014-07-24 09:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-24 11:44 - 2014-07-24 09:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-24 11:44 - 2013-11-05 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-23 11:10 - 2014-10-23 09:11 - 00003350 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-01-23 11:10 - 2013-05-14 14:10 - 00003210 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-01-20 00:27 - 2011-04-07 14:00 - 00000000 ____D () C:\ProgramData\tmp
2015-01-20 00:23 - 2010-10-02 15:12 - 00000000 ____D () C:\Users\CH
2015-01-20 00:19 - 2011-04-07 14:00 - 00001033 _____ () C:\Users\Public\Desktop\Mein CEWE FOTOBUCH.lnk
2015-01-19 14:47 - 2014-11-01 18:58 - 00000000 ____D () C:\Users\CH\Desktop\Musik Madeira
2015-01-19 14:28 - 2013-05-14 14:10 - 00003370 _____ () C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-01-19 14:24 - 2012-09-28 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-01-19 14:24 - 2012-01-29 16:35 - 00000000 ____D () C:\Users\CH\AppData\Roaming\RealNetworks
2015-01-19 14:23 - 2012-09-28 16:09 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2015-01-19 14:23 - 2012-09-28 16:08 - 00272896 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2015-01-19 14:23 - 2012-09-28 16:08 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2015-01-19 14:23 - 2012-09-28 16:08 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2015-01-19 14:23 - 2010-03-03 07:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-01-19 14:23 - 2010-03-03 07:04 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-01-14 17:20 - 2013-07-11 15:15 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:16 - 2010-12-06 22:01 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 20:18 - 2014-10-07 00:22 - 00001940 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2015-01-13 20:18 - 2014-10-06 23:57 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-01-13 20:09 - 2014-03-30 16:56 - 00000000 ____D () C:\Users\CH\Desktop\Titelbild 2014
2015-01-11 20:19 - 2014-06-17 12:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-09 01:32 - 2013-11-21 20:55 - 00000000 ____D () C:\Users\CH\Documents\My Kindle Content
2015-01-08 19:13 - 2011-04-27 01:57 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-08 17:38 - 2013-11-21 20:54 - 00000000 ____D () C:\Users\CH\AppData\Local\Amazon
2015-01-07 11:11 - 2013-03-20 21:57 - 00000000 ____D () C:\Users\CH\AppData\Local\EZTitles4
2015-01-06 04:36 - 2010-11-09 14:02 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-03 19:39 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-03 19:33 - 2010-06-19 15:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-02 16:28 - 2013-10-01 13:30 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2015-01-02 02:29 - 2011-03-25 17:27 - 00000000 ____D () C:\Users\CH\AppData\Roaming\dvdcss
2014-12-31 00:49 - 2010-10-02 15:12 - 00000544 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job

==================== Files in the root of some directories =======

2013-05-25 17:58 - 2013-05-25 17:59 - 5082084 _____ (The Public) C:\Users\CH\AppData\Roaming\Avisynth.exe
2013-05-25 17:59 - 2013-05-25 17:59 - 5243208 _____ (                                                            ) C:\Users\CH\AppData\Roaming\AvsP.exe
2014-08-03 12:50 - 2014-08-15 13:14 - 0000040 _____ () C:\Users\CH\AppData\Roaming\cdr.ini
2012-09-27 14:25 - 2012-09-27 14:25 - 0000211 _____ () C:\Users\CH\AppData\Roaming\CH-HP.MTBF.txt
2011-07-07 11:44 - 2012-02-29 00:34 - 0000697 _____ () C:\Users\CH\AppData\Roaming\ConvAPIPlugin.log
2014-09-14 14:25 - 2014-09-14 14:25 - 0000000 _____ () C:\Users\CH\AppData\Roaming\gdfw.log
2014-09-14 14:25 - 2014-10-06 23:56 - 0001558 _____ () C:\Users\CH\AppData\Roaming\gdscan.log
2011-07-01 15:32 - 2011-08-07 19:32 - 0001854 _____ () C:\Users\CH\AppData\Roaming\GhostObjGAFix.xml
2013-05-25 17:59 - 2013-05-25 17:59 - 5514668 _____ (LIGHTNING UK!) C:\Users\CH\AppData\Roaming\Imgburn.exe
2004-01-26 16:15 - 2004-01-26 16:15 - 0233472 ____R () C:\Users\CH\AppData\Roaming\MafiaSetup.exe
2013-05-25 17:59 - 2013-05-25 17:59 - 1357348 _____ () C:\Users\CH\AppData\Roaming\MatroskaSplitter.exe
2011-05-02 14:07 - 2011-05-02 14:07 - 0114803 _____ () C:\Users\CH\AppData\Roaming\mdbu.bin
2013-05-25 17:59 - 2013-05-25 18:00 - 7760687 _____ (Boraxsoft) C:\Users\CH\AppData\Roaming\SetupGFD.exe
2012-03-15 17:25 - 2013-12-23 19:32 - 0239510 _____ () C:\Users\CH\AppData\Roaming\WavePad.dmp
2013-05-25 17:59 - 2013-05-25 17:59 - 0117723 _____ () C:\Users\CH\AppData\Roaming\yuvcodecs-1.3.exe
2012-09-27 14:26 - 2012-09-27 16:07 - 0000900 _____ () C:\Users\CH\AppData\Roaming\__AvidCloudManager.log
2012-09-27 14:26 - 2012-09-27 14:26 - 0000676 _____ () C:\Users\CH\AppData\Roaming\__AvidCloudManagerPrevious.log
2010-11-11 22:46 - 2014-12-11 22:18 - 0089600 _____ () C:\Users\CH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-07 15:05 - 2014-12-14 04:12 - 0007601 _____ () C:\Users\CH\AppData\Local\Resmon.ResmonCfg
2014-05-12 19:09 - 2014-05-12 19:09 - 0000000 _____ () C:\Users\CH\AppData\Local\{DCA72C06-BECF-421A-819D-A632B98363C9}
2011-07-07 11:23 - 2014-11-03 16:13 - 0006805 _____ () C:\ProgramData\hpzinstall.log
2010-11-11 22:43 - 2014-08-27 18:01 - 0000024 _____ () C:\ProgramData\__FileUploader.log

Some content of TEMP:
====================
C:\Users\CH\AppData\Local\Temp\jre-8u31-windows-au.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 00:06

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by CH at 2015-01-29 19:11:36
Running from C:\Users\CH\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

6000E609_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609a (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 2.0 (HKLM-x32\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{58F369B9-E0E8-A7D0-E25B-E2661E33AACC}) (Version: 3.0.842.0 - Advanced Micro Devices, Inc.)
Any Video Converter 3.3.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
Back to the Future: Ep 1 - It's About Time (HKLM-x32\...\Steam App 31290) (Version:  - )
Back to the Future: Ep 2 - Get Tannen! (HKLM-x32\...\Steam App 94500) (Version:  - )
Back to the Future: Ep 3 - Citizen Brown (HKLM-x32\...\Steam App 94510) (Version:  - )
Back to the Future: Ep 4 - Double Visions (HKLM-x32\...\Steam App 94520) (Version:  - )
Back to the Future: Ep 5 - OUTATIME (HKLM-x32\...\Steam App 94530) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Browser 7 der Telekom 34.0.19 (x86 de) (HKLM-x32\...\Browser 7 der Telekom 34.0.19 (x86 de)) (Version: 34.0.19 - Deutsche Telekom AG)
Browser 7 Maintenance Service (HKLM-x32\...\Browser7MaintenanceService) (Version: 29.0.40 - Deutsche Telekom AG)
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
CanoScan 8800F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CrystalDiskInfo 6.2.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.1 - Crystal Dew World)
CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.1.46 - INTENIUM GmbH)
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Die Abenteuer von Tim und Struppi - Das Geheimnis der Einhorn (HKLM-x32\...\{3CC49D98-2914-4444-88F1-6739EBBD140E}_is1) (Version: 1.2 - Ubisoft Montpellier)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.3.14949 - Landesfinanzdirektion Thüringen)
EZTitles 4.2.14 (HKLM-x32\...\EZTitles IV_is1) (Version:  - EZTitles Development Studio Ltd.)
EZTitles USB Hardware Key HL4 Drivers (HKLM-x32\...\EZTitles USB Hardware Key HL4 Drivers_is1) (Version:  - ELF Software Ltd.)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
forteManager (HKLM-x32\...\{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}) (Version: 3.15 - LG Soft India)
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version:  - Eusing Software)
Free FLV Converter V 7.1.0 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.1.0.0 - Koyote Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.4 - G DATA Software AG)
Google Earth (HKLM-x32\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HD Writer AE 5.0 (HKLM-x32\...\{433E3E7F-4510-41F9-B9FB-55D8ECB30259}) (Version: 5.00.013.1031 - Panasonic Corporation)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
High-Definition Video Playback 10 (x32 Version: 7.0.11000.25.1 - Nero AG) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3902 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3910 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet 6000 E609 Series (HKLM\...\{7791308C-85FB-43B9-93F2-7DE9CB7D5C4A}) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
ICQ 8.0 (build 6017) (HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\ICQ) (Version: 8.0.6017.0 - Mail.Ru)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
iLivid (HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\iLivid) (Version: 5.0.2.4762 - Bandoo Media Inc) <==== ATTENTION
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Interaktive Sprachreise - English Intensivkurs (HKLM-x32\...\ISREIK_15_676830) (Version:  - digital publishing AG)
Interaktive Sprachreise - Español Sprachkurs 1 (HKLM-x32\...\ISRS1_15_676867) (Version:  - digital publishing AG)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version:  - )
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2610 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2610 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Mafia (HKLM-x32\...\Mafia) (Version:  - )
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Media Markt Fotoservice 5.2 (HKLM-x32\...\Media Markt Fotoservice_is1) (Version:  - )
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7923 - Memeo Inc.)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.0.116 - Hewlett-Packard)
MySQL Connector/ODBC 3.51 (HKLM-x32\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
Nero 10 ClipartPack (HKLM-x32\...\{96ED4B78-300E-4033-AE6C-C115CEB4DF07}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack 1 (HKLM-x32\...\{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack 2 (HKLM-x32\...\{E712C273-7564-4C8E-AA59-0FA19BC35117}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack 3 (HKLM-x32\...\{92146419-AE44-4C8B-A48B-0ABB1B5EC026}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.0.10300.1.0 - Nero AG)
Nero 10 Movie ThemePack 2 (HKLM-x32\...\{70F19404-B96C-4EBB-AD2B-3574F8736197}) (Version: 10.0.10300.1.0 - Nero AG)
Nero 10 Sample ImagePack (HKLM-x32\...\{ACD15FDF-FC42-4175-B477-576F92FF2256}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Sample Videos (HKLM-x32\...\{92A10E9D-EA00-4A46-8F22-EEA660992D61}) (Version: 10.0.10300.2.0 - Nero AG)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11100.14.101 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.10700.7.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.10600.9.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10500.7.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10400.4.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.10500.7.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10400.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.11000.6.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.11200 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10600.1.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10500.5.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10500.1.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.10500.4.100 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.10700.4.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10500.1.100 - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio 15 Ultimate Plugins (HKLM-x32\...\{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio Bonus Content (HKLM-x32\...\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}) (Version: 15.0.0.51 - Pinnacle Systems)
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PlayMemories Home (HKLM-x32\...\{6F26A633-ACC2-4850-82C5-60A06D606175}) (Version: 3.1.20.06241 - Sony Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2704 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2704 - CyberLink Corp.) Hidden
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.33.1 - Mediatek)
RealDownloader (x32 Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden
Red Giant ToonIt Studio 15 (HKLM-x32\...\Red Giant ToonIt Studio 15) (Version:  - )
Ritter Arthur (HKLM-x32\...\Ritter Arthur) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur 4 (HKLM-x32\...\Ritter Arthur 4) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur II - Collectors Edition (HKLM-x32\...\Ritter Arthur II - Collectors Edition) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur III (HKLM-x32\...\Ritter Arthur III) (Version: 1.0.0.0 - INTENIUM GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.5.0 - Rockstar Games)
Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net)
Royal Envoy - Kampf um die Krone (HKLM-x32\...\Royal Envoy - Kampf um die Krone_is1) (Version: 1.0 - Playrix Entertainment)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version:  - )
ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Seagate DiscWizard (HKLM-x32\...\{07B7CC6B-DC59-4497-8652-C1DEF6F8267A}) (Version: 16.0.5840 - Seagate)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.1975 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.49.1000 - SUPERAntiSpyware.com)
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TMPGEnc Video Mastering Works 5 (HKLM-x32\...\{99C533B1-33B0-4578-9573-7F8780A4560C}) (Version: 5.5.1.106 - Pegasys Inc.)
T-Online 6.0 (HKLM-x32\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version:  - )
T-Online WLAN-Access Finder (HKLM-x32\...\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TopSecret Biometrics Components (HKLM-x32\...\{C8BCC14C-2807-4C2D-A659-843427BF82E2}) (Version: 1.00.0000 - G DATA Software)
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
WinAce Archiver (HKLM-x32\...\WinAce Archiver) (Version: 2.69 - e-merge GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

26-01-2015 00:00:01 Geplanter Prüfpunkt
27-01-2015 11:15:20 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {052C2CBB-5797-481D-AD2E-9D538D32A9E5} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-08-12] (RealNetworks, Inc.)
Task: {06E7C822-086C-4A42-BDB5-C0A39887A97A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {0BE2AD79-7693-4034-B3BC-1A83DF75BBCA} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {173F54A3-0424-4A30-809A-63AEC9FBFE98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-05] (Google Inc.)
Task: {1C5DB206-980D-4F55-890A-1AF128A7F25D} - System32\Tasks\NCH Swift Sound\wavepadShakeIcon => C:\Program Files (x86)\NCH Swift Sound\WavePad\WavePad.exe [2011-03-26] (NCH Software)
Task: {2356BA9F-C169-4F53-BD9F-D3ABD28866D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {3479DAAE-87CA-40CA-920A-A8CCC9B49274} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {3A21925E-13BC-4ABE-AE38-4FBFC8EBFD30} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-02] (PC-Doctor, Inc.)
Task: {3D5C8F4E-4032-4A76-A0CB-D8E7DC425687} - System32\Tasks\{FDD8EEB8-E058-4CFC-9590-C72A9A7E4C0E} => pcalua.exe -a F:\setup.exe -d F:\
Task: {408A6096-A07E-41B4-AEB8-BA98A5CB2A68} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {46B33B2D-AD2E-45AB-B68A-FD83DEC8528E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {50F5B112-76F7-4640-B140-6A1E3B39CE81} - System32\Tasks\{0EDC3918-F219-4DEB-877B-762E12C28BCA} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {547802CD-8470-46B2-A4AE-A18D957C0397} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {5E325C68-FE58-4FB3-9005-36F268C9A847} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {62FB2764-E273-4DB6-BA5D-95ED6F2D805E} - System32\Tasks\HPCeeScheduleForCH => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {691C69B8-61A2-4DF4-B6B8-FFDC5E127E08} - System32\Tasks\AdobeAAMUpdater-1.0-CH-HP-CH => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {6BFA62B0-E02F-4288-A7C5-3447E12D79C3} - System32\Tasks\{AEB03854-5542-42D8-806D-2268B6844A65} => H:\Program Files (x86)\Adobe\Photoshop Elements 2\PhotoshopElements.exe [2010-12-06] (Adobe Systems, Incorporated)
Task: {6D1B1D3D-CF90-4EEA-A032-5FEB9EB8020F} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {6EC337A2-827A-44A2-8BD4-E320B6C745E1} - System32\Tasks\{65E14FA1-8309-4765-978E-0C37C332FDAF} => pcalua.exe -a C:\Users\CH\Downloads\e_mail_software_setup.exe -d C:\Users\CH\Desktop
Task: {77D8706A-EDB7-4252-9E5A-AB9AF08F6C09} - System32\Tasks\{ECCC7354-0E78-4377-89AD-7CBB9C9436F9} => C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe [2008-12-12] ()
Task: {7AE0C5E5-ACEB-4A57-A89B-E320CCE52D3B} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {91CAC290-160F-4B09-8A7E-C45550BF2338} - System32\Tasks\Backup
Task: {938AE349-481F-4E9A-86D2-4A3549042D5B} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {949F73DF-16B2-4E69-918C-6149B2EB3CF2} - System32\Tasks\{532E5CC9-19BE-4F1E-BF9F-803EAEA2E82B} => C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe [2008-12-12] ()
Task: {9AD31D2B-F759-4B25-9428-6CAB71F5419A} - System32\Tasks\{EC8E3DC2-E241-438B-9678-AF2EC8E38B56} => pcalua.exe -a F:\SetupLauncher.exe -d F:\
Task: {A53E247F-09C3-4F46-B313-E43534AAA96B} - System32\Tasks\{951A6F2B-10C6-46C4-960A-F020E7B86809} => pcalua.exe -a C:\Users\CH\Downloads\Nero-12.0.02000_trial.exe -d C:\Users\CH\Downloads
Task: {AAF06FEA-BFDD-40D3-915C-5ED8509367FC} - System32\Tasks\{D5181A6D-D8EC-4382-A3C4-2FBB0C94FF79} => C:\Program Files (x86)\Adobe\Photoshop Elements 2\PhotoshopElements.exe [2014-11-09] (Adobe Systems, Incorporated)
Task: {AEAECF73-690E-40C7-A93C-7BB08DB0C142} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {B26DBE0E-0354-4376-9092-56CB5D0A6772} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {B2901AB0-55E7-412D-AE34-B5D438E39FB3} - System32\Tasks\{E5638080-2CA5-4BF4-A8C2-B996A08B8AD2} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe
Task: {B574B033-04F9-4D0B-AF81-B12C498469D2} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe
Task: {CC8FDCE3-4D87-439F-B6E2-AEECA98EAA54} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {CF822CC6-3307-40B7-A209-11C0ED4038CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {D353B4EF-9523-47ED-AD09-085D45ADE002} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D9BBC3A3-AE18-4E52-9CA6-D057731A9240} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-05] (Google Inc.)
Task: {DAC511D7-0DED-4E42-9E2B-661BE3341227} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {EE000B92-D276-4F1F-A045-D0D644036597} - System32\Tasks\{BFB18EDB-0FBD-4BCF-8706-D8C48BA6F0CF} => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe
Task: {F106594B-8C1C-41ED-9DB8-BFD5CFC80CF7} - System32\Tasks\{9770ECB6-B465-4ABD-A2D4-0420A0BA393F} => C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe [2008-12-12] ()
Task: {F42CA822-59C2-447F-A404-D678FB751E6B} - System32\Tasks\{D0BA50D1-4CAE-4609-987C-8ECCC6473EE6} => pcalua.exe -a "C:\Users\CH\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MIOXVZQ9\e_mail_software_setup.exe" -d C:\Users\CH\Desktop
Task: {F49FBFBF-0DCF-415E-9570-02F40077CC85} - System32\Tasks\{60629A87-F015-4659-AA9E-B9E0EEC6F47D} => C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe [2008-12-12] ()
Task: {F5421C64-4F70-4AAC-8EF3-B269DBDC1F9F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForCH.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-08-12 11:34 - 2014-08-12 11:34 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-05-20 02:38 - 2014-05-20 02:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2010-01-18 18:21 - 2010-01-18 18:21 - 00568888 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2011-02-03 14:09 - 2008-12-12 15:29 - 01687552 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
2011-10-24 00:16 - 2011-10-24 00:16 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-04-11 15:20 - 2011-04-11 15:20 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-11 15:20 - 2011-04-11 15:20 - 00028672 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2010-10-21 12:18 - 2010-10-21 12:18 - 00447312 _____ () C:\Program Files (x86)\Pinnacle\Studio 15\Import\programs\Importer.exe
2014-10-11 12:06 - 2014-10-11 12:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-16 12:53 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-16 12:53 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-16 12:53 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-16 12:53 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-16 12:53 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-02-03 14:08 - 2008-12-12 15:27 - 00077824 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\ACRHOOK.dll
2011-02-03 14:08 - 2008-12-12 15:28 - 00126976 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\ApplicationManager.dll
2011-02-03 14:08 - 2008-12-12 15:27 - 00036864 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\ErrorHandler.dll
2011-02-03 14:08 - 2008-12-12 15:27 - 00143360 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\DeviceManager.dll
2011-02-03 14:09 - 2008-12-12 15:27 - 00073728 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\ProtocolEngine.dll
2011-02-03 14:09 - 2008-12-12 15:29 - 00073728 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\MonitorGerRes.dll
2014-10-17 10:39 - 2014-10-17 10:39 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2010-06-19 15:53 - 2011-04-29 23:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-12-19 10:38 - 2014-12-19 10:38 - 03749888 _____ () C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:43301D1D
AlternateDataStreams: C:\ProgramData\Temp:A9ABA3FF
AlternateDataStreams: C:\ProgramData\Temp:B1FBBD09
AlternateDataStreams: C:\ProgramData\Temp:C82210DD

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HD Writer.lnk => C:\Windows\pss\HD Writer.lnk.CommonStartup
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Photo Downloader => "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\CH\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\CH\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: BGReminderTool => C:\Program Files (x86)\Dr.Kawashima\ReminderTool\BGReminder.exe
MSCONFIG\startupreg: DiscWizardMonitor.exe => "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe"
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
MSCONFIG\startupreg: ICQ => C:\Users\CH\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LaunchList => C:\Program Files (x86)\Pinnacle\Studio 11\LaunchList2.exe
MSCONFIG\startupreg: Memeo Instant Backup => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: OpwareSE4 => "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Seagate Scheduler2 Service => "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

========================= Accounts: ==========================

Administrator (S-1-5-21-3869574007-4155416212-3619733498-500 - Administrator - Disabled)
CH (S-1-5-21-3869574007-4155416212-3619733498-1000 - Administrator - Enabled) => C:\Users\CH
Gast (S-1-5-21-3869574007-4155416212-3619733498-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3869574007-4155416212-3619733498-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/29/2015 07:07:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5456, Zeitstempel: 0x54872167
Name des fehlerhaften Moduls: NPSWF32_16_0_0_296.dll, Version: 16.0.0.296, Zeitstempel: 0x54c2a3ef
Ausnahmecode: 0x80000003
Fehleroffset: 0x003578ad
ID des fehlerhaften Prozesses: 0x1a48
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/29/2015 03:13:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Studio.exe, Version: 15.0.0.7593, Zeitstempel: 0x4cc74e06
Name des fehlerhaften Moduls: libmfxsw32.dll, Version: 1.10.1.21, Zeitstempel: 0x4b583056
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0019805d
ID des fehlerhaften Prozesses: 0xa98
Startzeit der fehlerhaften Anwendung: 0xStudio.exe0
Pfad der fehlerhaften Anwendung: Studio.exe1
Pfad des fehlerhaften Moduls: Studio.exe2
Berichtskennung: Studio.exe3

Error: (01/29/2015 10:53:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14287.174, Zeitstempel: 0x543c744f
Name des fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14287.175, Zeitstempel: 0x543c7471
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0008e512
ID des fehlerhaften Prozesses: 0x880
Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0
Pfad der fehlerhaften Anwendung: AVKProxy.exe1
Pfad des fehlerhaften Moduls: AVKProxy.exe2
Berichtskennung: AVKProxy.exe3

Error: (01/29/2015 10:51:24 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (01/28/2015 11:36:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/28/2015 04:39:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Studio.exe, Version: 15.0.0.7593, Zeitstempel: 0x4cc74e06
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x249c
Startzeit der fehlerhaften Anwendung: 0xStudio.exe0
Pfad der fehlerhaften Anwendung: Studio.exe1
Pfad des fehlerhaften Moduls: Studio.exe2
Berichtskennung: Studio.exe3

Error: (01/28/2015 11:29:55 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (01/28/2015 00:43:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/27/2015 05:42:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x25ac
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (01/27/2015 00:12:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (01/29/2015 10:53:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "G Data AntiVirus Proxy" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/29/2015 10:51:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (01/28/2015 11:30:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (01/27/2015 11:08:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (01/26/2015 10:40:34 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (01/25/2015 09:13:24 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/25/2015 03:41:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (01/25/2015 10:43:13 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (01/24/2015 01:44:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (01/24/2015 10:46:07 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin


Microsoft Office Sessions:
=========================
Error: (01/29/2015 07:07:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.545654872167NPSWF32_16_0_0_296.dll16.0.0.29654c2a3ef80000003003578ad1a4801d03bed38e935f4C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dlla0a7e7fa-a7e1-11e4-99ad-406186f09e31

Error: (01/29/2015 03:13:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Studio.exe15.0.0.75934cc74e06libmfxsw32.dll1.10.1.214b583056c000000d0019805da9801d03bc96cbd1a59C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exeC:\Program Files (x86)\Pinnacle\Studio 15\Programs\libmfxsw32.dllf456b17d-a7c0-11e4-99ad-406186f09e31

Error: (01/29/2015 10:53:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AVKProxy.exe1.5.14287.174543c744favkhttp.dll25.0.14287.175543c7471c00004170008e51288001d03ba921435295C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exeC:\Program Files (x86)\Common Files\G Data\AVKProxy\avkhttp.dllb2defd2d-a79c-11e4-99ad-406186f09e31

Error: (01/29/2015 10:51:24 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (01/28/2015 11:36:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe

Error: (01/28/2015 04:39:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Studio.exe15.0.0.75934cc74e06ntdll.dll6.1.7601.18247521ea8e7c000000500038e19249c01d03b10060b6111C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exeC:\Windows\SysWOW64\ntdll.dllcc3c1e43-a703-11e4-bb82-406186f09e31

Error: (01/28/2015 11:29:55 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (01/28/2015 00:43:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe

Error: (01/27/2015 05:42:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e425ac01d03a50327ae7ecC:\Program Files\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll82a0cc5f-a643-11e4-a113-406186f09e31

Error: (01/27/2015 00:12:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6935C750-2D8C-4705-B4F9-052F550D225D}\recordingmanager.exe


CodeIntegrity Errors:
===================================
  Date: 2014-03-06 10:48:27.738
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-06 10:48:27.707
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-06 00:21:32.925
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-06 00:21:32.894
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-05 10:43:57.586
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-05 10:43:57.570
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-05 10:27:26.984
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-05 10:27:26.953
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-04 14:17:19.716
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-04 14:17:19.685
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\aksdf.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 33%
Total physical RAM: 8151.08 MB
Available physical RAM: 5425.46 MB
Total Pagefile: 32300.34 MB
Available Pagefile: 28963.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1022.67 GB) (Free:502.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:27.18 GB) (Free:16.3 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:931.51 GB) (Free:430.52 GB) NTFS
Drive f: (CDROM) (CDROM) (Total:7.87 GB) (Free:0 GB) CDFS
Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (OS) (Fixed) (Total:919.05 GB) (Free:498.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive i: (HP_RECOVERY) (Fixed) (Total:12.36 GB) (Free:1.48 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive k: () (Removable) (Total:15.26 GB) (Free:11.26 GB) FAT32
Drive n: () (Fixed) (Total:746.52 GB) (Free:343.75 GB) NTFS
Drive z: (Volume) (Fixed) (Total:998.05 GB) (Free:575.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5177F85B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 5177F86D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 2048 GB) (Disk ID: 7C02D921)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1022.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=998 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=27.2 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 746.5 GB) (Disk ID: 70BFF0C3)
Partition 1: (Active) - (Size=746.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 15.3 GB) (Disk ID: EA9E9E9C)
Partition 1: (Active) - (Size=15.3 GB) - (Type=0C)

==================== End Of Log ============================
         

29.01.2015, 19:58   #2
schrauber
/// the machine
/// TB trainer

hi,

Please download Revo Uninstaller from here: Download Revo Uninstaller (alternatively, portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the uninstaller field, search for the following programs:

    iLivid

  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderate" mode.
  • Delete leftovers:
    Click on then on and then on .

Please download TDSSKiller TDSSKiller.exe and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Installing Process Explorer as a replacement for the Windows Task Manager

Download Process Explorer as a replacement for the Task Manager and install it; you can find a guide here. It is a considerably more powerful replacement for the Windows Task Manager. In the menu under "Options" you can set up Process Explorer permanently as a replacement for the Task Manager (Replace Taskmanager). This is highly recommended, because Process Explorer has considerably more functions than the Task Manager. Once you have made this setting, the key combination Ctrl + Alt + Del no longer opens the Task Manager but Process Explorer. This can be undone at any time by unchecking this setting.

What we need specifically now: each line shows one process; a few of the lines are not real processes but only pseudo-processes for the activity of the Windows kernel. The menu View => Select Columns opens a dialog in which you can choose which columns of information about the processes are displayed. In it, go to the "Process Performance" tab and make sure that "CPU Usage" is checked there; "CPU History" would also be useful. "CPU Usage" shows the current processor load for each process (the table header just says "CPU"); "CPU History" displays a graph for each process with a curve of its recent processor load.

This should let you identify which process is keeping your CPU busy. Double-click the process. You can also take a screenshot of the whole thing and upload it as an attachment with your reply (click "Erweitert" below the text field, use "Anhänge verwalten" to browse your computer, and attach it via "Hochladen").

29.01.2015, 22:56   #3
Medi

Code:
22:38:20.0583 0x1e78  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:38:28.0141 0x1e78  ============================================================
22:38:28.0141 0x1e78  Current date / time: 2015/01/29 22:38:28.0141
22:38:28.0141 0x1e78  SystemInfo:
22:38:28.0141 0x1e78  
22:38:28.0141 0x1e78  OS Version: 6.1.7601 ServicePack: 1.0
22:38:28.0141 0x1e78  Product type: Workstation
22:38:28.0142 0x1e78  ComputerName: CH-HP
22:38:28.0142 0x1e78  UserName: CH
22:38:28.0142 0x1e78  Windows directory: C:\Windows
22:38:28.0142 0x1e78  System windows directory: C:\Windows
22:38:28.0142 0x1e78  Running under WOW64
22:38:28.0142 0x1e78  Processor architecture: Intel x64
22:38:28.0142 0x1e78  Number of processors: 8
22:38:28.0142 0x1e78  Page size: 0x1000
22:38:28.0142 0x1e78  Boot type: Normal boot
22:38:28.0142 0x1e78  ============================================================
22:38:28.0579 0x1e78  KLMD registered as C:\Windows\system32\drivers\50294477.sys
22:38:28.0922 0x1e78  System UUID: {F8A98A48-ABDF-BCA2-20F1-D191B94BA608}
22:38:29.0362 0x1e78  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:38:29.0376 0x1e78  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:38:29.0420 0x1e78  Drive \Device\Harddisk2\DR2 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x41455, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:38:29.0493 0x1e78  Drive \Device\Harddisk5\DR5 - Size: 0x3D0FE0000 ( 15.27 Gb ), SectorSize: 0x200, Cylinders: 0x7C8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:38:29.0510 0x1e78  ============================================================
22:38:29.0510 0x1e78  \Device\Harddisk0\DR0:
22:38:29.0511 0x1e78  MBR partitions:
22:38:29.0511 0x1e78  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:38:29.0511 0x1e78  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72E1A800
22:38:29.0511 0x1e78  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72E4D000, BlocksNum 0x18B9000
22:38:29.0511 0x1e78  \Device\Harddisk1\DR1:
22:38:29.0511 0x1e78  MBR partitions:
22:38:29.0511 0x1e78  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
22:38:29.0511 0x1e78  \Device\Harddisk2\DR2:
22:38:29.0511 0x1e78  MBR partitions:
22:38:29.0511 0x1e78  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:38:29.0511 0x1e78  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x7FD58000
22:38:29.0525 0x1e78  \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x7FD8B000, BlocksNum 0x7CC17800
22:38:29.0525 0x1e78  \Device\Harddisk2\DR2\Partition4: MBR, Type 0x7, StartLBA 0xFC9A2800, BlocksNum 0x365D800
22:38:29.0525 0x1e78  \Device\Harddisk5\DR5:
22:38:29.0526 0x1e78  MBR partitions:
22:38:29.0526 0x1e78  \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0x18, BlocksNum 0x1E86028
22:38:29.0526 0x1e78  ============================================================
22:38:29.0644 0x1e78  C: <-> \Device\Harddisk2\DR2\Partition2
22:38:29.0669 0x1e78  G: <-> \Device\Harddisk0\DR0\Partition1
22:38:29.0682 0x1e78  H: <-> \Device\Harddisk0\DR0\Partition2
22:38:29.0713 0x1e78  I: <-> \Device\Harddisk0\DR0\Partition3
22:38:29.0759 0x1e78  E: <-> \Device\Harddisk1\DR1\Partition1
22:38:29.0792 0x1e78  D: <-> \Device\Harddisk2\DR2\Partition4
22:38:29.0816 0x1e78  Z: <-> \Device\Harddisk2\DR2\Partition3
22:38:29.0816 0x1e78  ============================================================
22:38:29.0816 0x1e78  Initialize success
22:38:29.0816 0x1e78  ============================================================
22:49:48.0988 0x0928  ============================================================
22:49:48.0988 0x0928  Scan started
22:49:48.0988 0x0928  Mode: Manual; SigCheck; TDLFS; 
22:49:48.0988 0x0928  ============================================================
22:49:48.0988 0x0928  KSN ping started
22:49:52.0593 0x0928  KSN ping finished: true
22:49:53.0623 0x0928  ================ Scan system memory ========================
22:49:53.0623 0x0928  System memory - ok
22:49:53.0624 0x0928  ================ Scan services =============================
22:49:53.0729 0x0928  [ A0709B82FA3B5AFAD1467E565B8B3BA0, 3C20E66B37768169A69514F7F1DD21113483499BF3BD8852B803882E019B60FC ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:49:53.0802 0x0928  !SASCORE - detected UnsignedFile.Multi.Generic ( 1 )
22:49:56.0457 0x0928  Detect skipped due to KSN trusted
22:49:56.0457 0x0928  !SASCORE - ok
22:50:00.0998 0x0928  BrFiltLo - ok
22:50:01.0005 0x0928  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:50:01.0022 0x0928  BrFiltUp - ok
22:50:01.0068 0x0928  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:50:01.0101 0x0928  Browser - ok
22:50:01.0163 0x0928  [ 3688263B1EB4506EFA306B60BDCBBF5F, F33DA48D52B5B3ED30BFF100406D08C1A665F976F3651D2D130114C8FDD82FC9 ] Browser7Maintenance C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe
22:50:01.0174 0x0928  Browser7Maintenance - detected UnsignedFile.Multi.Generic ( 1 )
22:50:03.0744 0x0928  Detect skipped due to KSN trusted
22:50:03.0744 0x0928  Browser7Maintenance - ok
22:50:03.0777 0x0928  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:50:03.0811 0x0928  Brserid - ok
22:50:03.0821 0x0928  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:50:03.0836 0x0928  BrSerWdm - ok
22:50:03.0838 0x0928  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:50:03.0852 0x0928  BrUsbMdm - ok
22:50:03.0855 0x0928  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:50:03.0867 0x0928  BrUsbSer - ok
22:50:03.0878 0x0928  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:50:03.0895 0x0928  BTHMODEM - ok
22:50:03.0927 0x0928  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:50:03.0961 0x0928  bthserv - ok
22:50:03.0976 0x0928  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:50:04.0011 0x0928  cdfs - ok
22:50:04.0055 0x0928  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
22:50:04.0072 0x0928  cdrom - ok
22:50:04.0112 0x0928  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:50:04.0143 0x0928  CertPropSvc - ok
22:50:04.0152 0x0928  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:50:04.0169 0x0928  circlass - ok
22:50:04.0190 0x0928  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
22:50:04.0212 0x0928  CLFS - ok
22:50:04.0268 0x0928  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:50:04.0282 0x0928  clr_optimization_v2.0.50727_32 - ok
22:50:04.0294 0x0928  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:50:04.0308 0x0928  clr_optimization_v2.0.50727_64 - ok
22:50:04.0392 0x0928  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:50:04.0407 0x0928  clr_optimization_v4.0.30319_32 - ok
22:50:04.0463 0x0928  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:50:04.0481 0x0928  clr_optimization_v4.0.30319_64 - ok
22:50:04.0490 0x0928  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:50:04.0503 0x0928  CmBatt - ok
22:50:04.0542 0x0928  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:50:04.0558 0x0928  cmdide - ok
22:50:04.0605 0x0928  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
22:50:04.0632 0x0928  CNG - ok
22:50:04.0635 0x0928  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:50:04.0647 0x0928  Compbatt - ok
22:50:04.0672 0x0928  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:50:04.0687 0x0928  CompositeBus - ok
22:50:04.0690 0x0928  COMSysApp - ok
22:50:04.0700 0x0928  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:50:04.0712 0x0928  crcdisk - ok
22:50:04.0745 0x0928  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:50:04.0774 0x0928  CryptSvc - ok
22:50:04.0814 0x0928  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:50:04.0853 0x0928  DcomLaunch - ok
22:50:04.0877 0x0928  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:50:04.0918 0x0928  defragsvc - ok
22:50:04.0957 0x0928  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:50:04.0986 0x0928  DfsC - ok
22:50:05.0038 0x0928  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:50:05.0072 0x0928  Dhcp - ok
22:50:05.0086 0x0928  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:50:05.0116 0x0928  discache - ok
22:50:05.0128 0x0928  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:50:05.0142 0x0928  Disk - ok
22:50:05.0175 0x0928  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:50:05.0202 0x0928  Dnscache - ok
22:50:05.0249 0x0928  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:50:05.0282 0x0928  dot3svc - ok
22:50:05.0325 0x0928  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
22:50:05.0343 0x0928  Dot4 - ok
22:50:05.0357 0x0928  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:50:05.0373 0x0928  Dot4Print - ok
22:50:05.0382 0x0928  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
22:50:05.0401 0x0928  dot4usb - ok
22:50:05.0433 0x0928  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:50:05.0463 0x0928  DPS - ok
22:50:05.0481 0x0928  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:50:05.0500 0x0928  drmkaud - ok
22:50:05.0559 0x0928  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:50:05.0593 0x0928  DXGKrnl - ok
22:50:05.0611 0x0928  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:50:05.0641 0x0928  EapHost - ok
22:50:05.0737 0x0928  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:50:05.0849 0x0928  ebdrv - ok
22:50:05.0876 0x0928  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
22:50:05.0892 0x0928  EFS - ok
22:50:05.0954 0x0928  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:50:06.0003 0x0928  ehRecvr - ok
22:50:06.0026 0x0928  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:50:06.0043 0x0928  ehSched - ok
22:50:06.0078 0x0928  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:50:06.0105 0x0928  elxstor - ok
22:50:06.0132 0x0928  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:50:06.0145 0x0928  ErrDev - ok
22:50:06.0173 0x0928  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:50:06.0210 0x0928  EventSystem - ok
22:50:06.0219 0x0928  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:50:06.0253 0x0928  exfat - ok
22:50:06.0257 0x0928  ezSharedSvc - ok
22:50:06.0266 0x0928  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:50:06.0299 0x0928  fastfat - ok
22:50:06.0345 0x0928  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:50:06.0377 0x0928  Fax - ok
22:50:06.0394 0x0928  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:50:06.0408 0x0928  fdc - ok
22:50:06.0428 0x0928  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:50:06.0460 0x0928  fdPHost - ok
22:50:06.0466 0x0928  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:50:06.0496 0x0928  FDResPub - ok
22:50:06.0504 0x0928  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:50:06.0518 0x0928  FileInfo - ok
22:50:06.0530 0x0928  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:50:06.0560 0x0928  Filetrace - ok
22:50:06.0577 0x0928  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:50:06.0591 0x0928  flpydisk - ok
22:50:06.0636 0x0928  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:50:06.0653 0x0928  FltMgr - ok
22:50:06.0698 0x0928  [ C06AF3D1E7CA6868A6A3064CE6907C4A, A1A357CF99291E1611A4380BF8866B5B594637C186B5FD1EFDF052D4EB69FAB9 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
22:50:06.0713 0x0928  fltsrv - ok
22:50:06.0787 0x0928  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
22:50:06.0837 0x0928  FontCache - ok
22:50:06.0897 0x0928  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:50:06.0918 0x0928  FontCache3.0.0.0 - ok
22:50:06.0935 0x0928  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:50:06.0954 0x0928  FsDepends - ok
22:50:06.0993 0x0928  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
22:50:07.0006 0x0928  fssfltr - ok
22:50:07.0067 0x0928  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:50:07.0079 0x0928  Fs_Rec - ok
22:50:07.0125 0x0928  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:50:07.0144 0x0928  fvevol - ok
22:50:07.0163 0x0928  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:50:07.0177 0x0928  gagp30kx - ok
22:50:07.0236 0x0928  [ A90A90714221E50856FC009545E9A5CB, 67A39F9FD9BB6CDF467D820C4749B6064D19594D5A5B94B0D17CC257CB19AA21 ] GDBehave        C:\Windows\system32\drivers\GDBehave.sys
22:50:07.0249 0x0928  GDBehave - ok
22:50:07.0361 0x0928  [ 56F6E95D62AFC30FD0250D031E5AA480, 3CEC162DD346F1F93A3F0066E310958996556C9E74052456E0974B29A01E91A2 ] GDFwSvc         C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
22:50:07.0441 0x0928  GDFwSvc - ok
22:50:07.0486 0x0928  [ 3AEF393C011738ADDF09057E221EE7D8, 52D3C51D0206C3C082C2AB9958325070A54BC0FD78FF974C69020B424229A18A ] GDKBFlt         C:\Windows\system32\drivers\GDKBFlt64.sys
22:50:07.0497 0x0928  GDKBFlt - ok
22:50:07.0513 0x0928  [ F5A571A95A3E22877D0CBC60F7D66E05, D0D785C5D9F60414FCF01B9C1949661975BD49A93B4556D8D1045895531E457A ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
22:50:07.0525 0x0928  GDMnIcpt - ok
22:50:07.0553 0x0928  [ 527B1CAA9661D518AC5182292C35AEC7, 1E56FC0EDFED7D60798930812AB0BB623A6721D433B69AD0152379B412CCE4D4 ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys
22:50:07.0564 0x0928  GDPkIcpt - ok
22:50:07.0612 0x0928  [ CC88D7254787D15B84377137BF739F90, F01BF995EDB533C7E6F2A5B9591DA0B4F8F4E79CC45C2DA73198F4B4A8624F0B ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
22:50:07.0636 0x0928  GDScan - ok
22:50:07.0667 0x0928  [ 606EFCD1F2DD9D50E3DB8FC53755C7D2, 30C678E3EBDC65E383F311B5E625FBF4EC26D804830D910F102E40BC68DB0820 ] gdwfpcd         C:\Windows\system32\drivers\gdwfpcd64.sys
22:50:07.0678 0x0928  gdwfpcd - ok
22:50:07.0743 0x0928  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:50:07.0752 0x0928  GEARAspiWDM - ok
22:50:07.0754 0x0928  GLogin - ok
22:50:07.0811 0x0928  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:50:07.0858 0x0928  gpsvc - ok
22:50:07.0902 0x0928  [ 57875BA7B65C5FE5A87630DC1544C420, 5BB2F6CD21E3855F163B2B15E2E51A3D58637A890D0D3C6AEFB0F60214D6FBD2 ] GRD             C:\Windows\system32\drivers\GRD.sys
22:50:07.0917 0x0928  GRD - ok
22:50:07.0993 0x0928  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:50:08.0009 0x0928  gupdate - ok
22:50:08.0016 0x0928  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:50:08.0029 0x0928  gupdatem - ok
22:50:08.0067 0x0928  [ 3921C845A24C62CA1F44EEF4826263E9, 4CB2CAB0B96F097B3BFC28EA12AA7C28131AEC114BF0920BC80789CDD6BF4019 ] hardlock        C:\Windows\system32\drivers\hardlock.sys
22:50:08.0087 0x0928  hardlock - ok
22:50:08.0090 0x0928  hasplms - ok
22:50:08.0114 0x0928  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:50:08.0139 0x0928  hcw85cir - ok
22:50:08.0209 0x0928  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:50:08.0242 0x0928  HdAudAddService - ok
22:50:08.0266 0x0928  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:50:08.0285 0x0928  HDAudBus - ok
22:50:08.0300 0x0928  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
22:50:08.0311 0x0928  HECIx64 - ok
22:50:08.0320 0x0928  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:50:08.0333 0x0928  HidBatt - ok
22:50:08.0348 0x0928  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:50:08.0366 0x0928  HidBth - ok
22:50:08.0399 0x0928  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:50:08.0416 0x0928  HidIr - ok
22:50:08.0433 0x0928  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:50:08.0461 0x0928  hidserv - ok
22:50:08.0489 0x0928  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
22:50:08.0512 0x0928  HidUsb - ok
22:50:08.0541 0x0928  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:50:08.0577 0x0928  hkmsvc - ok
22:50:08.0617 0x0928  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:50:08.0651 0x0928  HomeGroupListener - ok
22:50:08.0688 0x0928  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:50:08.0720 0x0928  HomeGroupProvider - ok
22:50:08.0744 0x0928  [ EB6EB3DCC2AD18236EEC42B2FC7BD806, A1334E802997FA2DF34B3C2860731BE03ADB5D1908DDBBCB4A46761ACC568573 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
22:50:08.0756 0x0928  HookCentre - ok
22:50:08.0822 0x0928  [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
22:50:08.0828 0x0928  HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
22:50:11.0394 0x0928  Detect skipped due to KSN trusted
22:50:11.0394 0x0928  HP Support Assistant Service - ok
22:50:11.0494 0x0928  [ 97AAC45A375168C6A2297BEEB9692E31, 9C7285988D0C5DE8E3608F4E9F50A5C9398FFD0DA0F4C965C953859001FC76C8 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
22:50:11.0509 0x0928  hpqcxs08 - ok
22:50:11.0518 0x0928  [ 19A4FB67B1C97EA18EDFF44340973CD9, F1B6A7C1E450FF9A1D10F315F17D42DFE8390E88FF1AED4DE35237C4B81FC81D ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
22:50:11.0529 0x0928  hpqddsvc - ok
22:50:11.0613 0x0928  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
22:50:11.0653 0x0928  hpqwmiex - ok
22:50:11.0696 0x0928  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:50:11.0710 0x0928  HpSAMD - ok
22:50:11.0800 0x0928  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
22:50:11.0836 0x0928  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
22:50:14.0461 0x0928  Detect skipped due to KSN trusted
22:50:14.0461 0x0928  HPSLPSVC - ok
22:50:14.0524 0x0928  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:50:14.0576 0x0928  HTTP - ok
22:50:14.0604 0x0928  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:50:14.0616 0x0928  hwpolicy - ok
22:50:14.0634 0x0928  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:50:14.0653 0x0928  i8042prt - ok
22:50:14.0715 0x0928  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:50:14.0735 0x0928  iaStor - ok
22:50:14.0770 0x0928  [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:50:14.0781 0x0928  IAStorDataMgrSvc - ok
22:50:14.0824 0x0928  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:50:14.0848 0x0928  iaStorV - ok
22:50:14.0908 0x0928  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:50:14.0943 0x0928  idsvc - ok
22:50:14.0962 0x0928  IEEtwCollectorService - ok
22:50:14.0982 0x0928  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:50:14.0996 0x0928  iirsp - ok
22:50:15.0047 0x0928  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:50:15.0080 0x0928  IKEEXT - ok
22:50:15.0171 0x0928  [ 3C4B4EE54FEBB09F7E9F58776DE96DCA, 4E0320281FB9D02A4D8571597D157C0DF2A85CF17D53775D93CF3C54BEC34B24 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:50:15.0236 0x0928  IntcAzAudAddService - ok
22:50:15.0275 0x0928  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:50:15.0287 0x0928  intelide - ok
22:50:15.0299 0x0928  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:50:15.0313 0x0928  intelppm - ok
22:50:15.0329 0x0928  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:50:15.0359 0x0928  IPBusEnum - ok
22:50:15.0389 0x0928  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:50:15.0419 0x0928  IpFilterDriver - ok
22:50:15.0490 0x0928  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:50:15.0533 0x0928  iphlpsvc - ok
22:50:15.0560 0x0928  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:50:15.0577 0x0928  IPMIDRV - ok
22:50:15.0591 0x0928  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:50:15.0628 0x0928  IPNAT - ok
22:50:15.0705 0x0928  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:50:15.0731 0x0928  iPod Service - ok
22:50:15.0753 0x0928  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:50:15.0771 0x0928  IRENUM - ok
22:50:15.0779 0x0928  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:50:15.0791 0x0928  isapnp - ok
22:50:15.0837 0x0928  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:50:15.0865 0x0928  iScsiPrt - ok
22:50:15.0876 0x0928  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:50:15.0893 0x0928  kbdclass - ok
22:50:15.0931 0x0928  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:50:15.0951 0x0928  kbdhid - ok
22:50:15.0962 0x0928  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
22:50:15.0979 0x0928  KeyIso - ok
22:50:16.0016 0x0928  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:50:16.0036 0x0928  KSecDD - ok
22:50:16.0067 0x0928  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:50:16.0082 0x0928  KSecPkg - ok
22:50:16.0085 0x0928  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:50:16.0113 0x0928  ksthunk - ok
22:50:16.0143 0x0928  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:50:16.0182 0x0928  KtmRm - ok
22:50:16.0226 0x0928  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:50:16.0259 0x0928  LanmanServer - ok
22:50:16.0295 0x0928  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:50:16.0327 0x0928  LanmanWorkstation - ok
22:50:16.0405 0x0928  [ 9DCB9D9BDB7E3C0F66F86EE09A392CBB, C4A9CE4DD7A4BB2D4372BCB4E3094E06D605DB2EC11DD0532E32521DFED77D79 ] LGDDCDevice     C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys
22:50:16.0414 0x0928  LGDDCDevice - detected UnsignedFile.Multi.Generic ( 1 )
22:50:19.0173 0x0928  LGDDCDevice ( UnsignedFile.Multi.Generic ) - warning
22:50:19.0173 0x0928  Force sending object to P2P due to detect: LGDDCDevice
22:50:22.0174 0x0928  Object send P2P result: true
22:50:25.0016 0x0928  [ 21A62A7A95B1905634E7C12E5158EC32, 4A55EB67CEB89F5D00E5F6819EE646C689ADDBAF61DA61ED65310494E33E8C0E ] LGII2CDevice    C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys
22:50:25.0022 0x0928  LGII2CDevice - detected UnsignedFile.Multi.Generic ( 1 )
22:50:27.0560 0x0928  LGII2CDevice ( UnsignedFile.Multi.Generic ) - warning
22:50:27.0560 0x0928  Force sending object to P2P due to detect: LGII2CDevice
22:50:30.0242 0x0928  Object send P2P result: true
22:50:32.0729 0x0928  [ 83D8BE94E1CBCBE2EA8372DB1A95A159, 28D18C7B93EFB6C83023D39A54489DDE98DE578AFCC06DD0712D00DE7CD48968 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
22:50:32.0738 0x0928  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
22:50:35.0283 0x0928  Detect skipped due to KSN trusted
22:50:35.0283 0x0928  LightScribeService - ok
22:50:35.0319 0x0928  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:50:35.0350 0x0928  lltdio - ok
22:50:35.0375 0x0928  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:50:35.0413 0x0928  lltdsvc - ok
22:50:35.0422 0x0928  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:50:35.0449 0x0928  lmhosts - ok
22:50:35.0473 0x0928  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:50:35.0488 0x0928  LSI_FC - ok
22:50:35.0499 0x0928  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:50:35.0513 0x0928  LSI_SAS - ok
22:50:35.0526 0x0928  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:50:35.0541 0x0928  LSI_SAS2 - ok
22:50:35.0557 0x0928  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:50:35.0572 0x0928  LSI_SCSI - ok
22:50:35.0577 0x0928  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:50:35.0610 0x0928  luafv - ok
22:50:35.0649 0x0928  [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus       C:\Windows\system32\DRIVERS\MarvinBus64.sys
22:50:35.0681 0x0928  MarvinBus - ok
22:50:35.0713 0x0928  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
22:50:35.0733 0x0928  MBAMSwissArmy - ok
22:50:35.0759 0x0928  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:50:35.0777 0x0928  Mcx2Svc - ok
22:50:35.0790 0x0928  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:50:35.0806 0x0928  megasas - ok
22:50:35.0825 0x0928  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:50:35.0845 0x0928  MegaSR - ok
22:50:35.0923 0x0928  [ 780D96F551833E0DCFE0A33B02B774E8, 856F4E361A5956FE30CFF73112C3E2E59B4034C47F1B051A39DD9787FCABC9A2 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
22:50:35.0933 0x0928  MemeoBackgroundService - ok
22:50:35.0953 0x0928  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:50:35.0990 0x0928  MMCSS - ok
22:50:36.0002 0x0928  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:50:36.0032 0x0928  Modem - ok
22:50:36.0070 0x0928  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:50:36.0086 0x0928  monitor - ok
22:50:36.0112 0x0928  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:50:36.0125 0x0928  mouclass - ok
22:50:36.0139 0x0928  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:50:36.0152 0x0928  mouhid - ok
22:50:36.0190 0x0928  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:50:36.0204 0x0928  mountmgr - ok
22:50:36.0234 0x0928  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:50:36.0249 0x0928  mpio - ok
22:50:36.0271 0x0928  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:50:36.0302 0x0928  mpsdrv - ok
22:50:36.0346 0x0928  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:50:36.0393 0x0928  MpsSvc - ok
22:50:36.0439 0x0928  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:50:36.0473 0x0928  MRxDAV - ok
22:50:36.0499 0x0928  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:50:36.0519 0x0928  mrxsmb - ok
22:50:36.0553 0x0928  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:50:36.0574 0x0928  mrxsmb10 - ok
22:50:36.0586 0x0928  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:50:36.0602 0x0928  mrxsmb20 - ok
22:50:36.0634 0x0928  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:50:36.0647 0x0928  msahci - ok
22:50:36.0663 0x0928  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:50:36.0678 0x0928  msdsm - ok
22:50:36.0693 0x0928  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:50:36.0711 0x0928  MSDTC - ok
22:50:36.0750 0x0928  [ 72949A24D37A20A54B3D4D3DADBB55E9, 580B59EF2DFA4F6EE27BA37904F0705CBCD74F9B07D2D795093C045F94AE6DB5 ] MSDV            C:\Windows\system32\DRIVERS\msdv.sys
22:50:36.0767 0x0928  MSDV - ok
22:50:36.0777 0x0928  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:50:36.0808 0x0928  Msfs - ok
22:50:36.0816 0x0928  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:50:36.0845 0x0928  mshidkmdf - ok
22:50:36.0856 0x0928  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:50:36.0868 0x0928  msisadrv - ok
22:50:36.0890 0x0928  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:50:36.0925 0x0928  MSiSCSI - ok
22:50:36.0927 0x0928  msiserver - ok
22:50:36.0942 0x0928  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:50:36.0972 0x0928  MSKSSRV - ok
22:50:36.0984 0x0928  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:50:37.0013 0x0928  MSPCLOCK - ok
22:50:37.0019 0x0928  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:50:37.0048 0x0928  MSPQM - ok
22:50:37.0090 0x0928  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:50:37.0113 0x0928  MsRPC - ok
22:50:37.0119 0x0928  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:50:37.0132 0x0928  mssmbios - ok
22:50:37.0161 0x0928  [ 966EC55988D580B9823C453781309450, 52942A68A3DE6C6A9730D27667A0AAA35B65889C37B243B83CC9B54DFAFE4A2D ] MSTAPE          C:\Windows\system32\DRIVERS\mstape.sys
22:50:37.0177 0x0928  MSTAPE - ok
22:50:37.0185 0x0928  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:50:37.0214 0x0928  MSTEE - ok
22:50:37.0223 0x0928  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:50:37.0237 0x0928  MTConfig - ok
22:50:37.0252 0x0928  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:50:37.0265 0x0928  Mup - ok
22:50:37.0306 0x0928  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:50:37.0346 0x0928  napagent - ok
22:50:37.0380 0x0928  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:50:37.0405 0x0928  NativeWifiP - ok
22:50:37.0496 0x0928  [ 0CB8324F6CB624812FD9D4FE9186F845, 15E939AF3F11FD109BF7678C010F2C9C883DFA375A4A18FDE24B3C960C983B84 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
22:50:37.0527 0x0928  NAUpdate - ok
22:50:37.0585 0x0928  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:50:37.0621 0x0928  NDIS - ok
22:50:37.0634 0x0928  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:50:37.0664 0x0928  NdisCap - ok
22:50:37.0679 0x0928  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:50:37.0709 0x0928  NdisTapi - ok
22:50:37.0737 0x0928  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:50:37.0765 0x0928  Ndisuio - ok
22:50:37.0803 0x0928  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:50:37.0835 0x0928  NdisWan - ok
22:50:37.0868 0x0928  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:50:37.0896 0x0928  NDProxy - ok
22:50:37.0913 0x0928  [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
22:50:37.0920 0x0928  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
22:50:40.0544 0x0928  Detect skipped due to KSN trusted
22:50:40.0544 0x0928  Net Driver HPZ12 - ok
22:50:40.0580 0x0928  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:50:40.0630 0x0928  NetBIOS - ok
22:50:40.0677 0x0928  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:50:40.0729 0x0928  NetBT - ok
22:50:40.0741 0x0928  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
22:50:40.0754 0x0928  Netlogon - ok
22:50:40.0784 0x0928  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:50:40.0827 0x0928  Netman - ok
22:50:40.0874 0x0928  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:50:40.0890 0x0928  NetMsmqActivator - ok
22:50:40.0896 0x0928  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:50:40.0911 0x0928  NetPipeActivator - ok
22:50:40.0934 0x0928  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:50:40.0972 0x0928  netprofm - ok
22:50:41.0059 0x0928  [ 8F320BAF24A8F9252980C64349822B9D, D95A3D35E0FCA56F2A92BA6D6D2D4BB055B50143D88D6F590FAADDB654FAA660 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
22:50:41.0125 0x0928  netr28x - ok
22:50:41.0144 0x0928  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:50:41.0158 0x0928  NetTcpActivator - ok
22:50:41.0163 0x0928  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:50:41.0178 0x0928  NetTcpPortSharing - ok
22:50:41.0192 0x0928  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:50:41.0206 0x0928  nfrd960 - ok
22:50:41.0259 0x0928  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:50:41.0297 0x0928  NlaSvc - ok
22:50:41.0313 0x0928  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:50:41.0348 0x0928  Npfs - ok
22:50:41.0362 0x0928  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:50:41.0390 0x0928  nsi - ok
22:50:41.0396 0x0928  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:50:41.0425 0x0928  nsiproxy - ok
22:50:41.0484 0x0928  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:50:41.0539 0x0928  Ntfs - ok
22:50:41.0548 0x0928  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:50:41.0577 0x0928  Null - ok
22:50:41.0619 0x0928  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:50:41.0635 0x0928  nvraid - ok
22:50:41.0669 0x0928  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:50:41.0684 0x0928  nvstor - ok
22:50:41.0717 0x0928  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:50:41.0738 0x0928  nv_agp - ok
22:50:41.0771 0x0928  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:50:41.0786 0x0928  ohci1394 - ok
22:50:41.0841 0x0928  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:50:41.0856 0x0928  ose - ok
22:50:42.0034 0x0928  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:50:42.0190 0x0928  osppsvc - ok
22:50:42.0238 0x0928  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:50:42.0276 0x0928  p2pimsvc - ok
22:50:42.0298 0x0928  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:50:42.0320 0x0928  p2psvc - ok
22:50:42.0341 0x0928  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:50:42.0358 0x0928  Parport - ok
22:50:42.0386 0x0928  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:50:42.0399 0x0928  partmgr - ok
22:50:42.0413 0x0928  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:50:42.0432 0x0928  PcaSvc - ok
22:50:42.0438 0x0928  pccsmcfd - ok
22:50:42.0481 0x0928  PcdrNdisuio - ok
22:50:42.0490 0x0928  PCDSRVC{4942F9C0-0B403F17-06000000}_0 - ok
22:50:42.0533 0x0928  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:50:42.0553 0x0928  pci - ok
22:50:42.0585 0x0928  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:50:42.0600 0x0928  pciide - ok
22:50:42.0639 0x0928  [ 1BEBE7DE8508A02650CDCE45C664C2A2, 67841EA7F1F6B7F19ABD38A004B23610A21AD5BD5E508EED16CC7856CBE44D9C ] PCLEPCI         C:\Windows\SysWOW64\drivers\pclepci.sys
22:50:42.0645 0x0928  PCLEPCI - detected UnsignedFile.Multi.Generic ( 1 )
22:50:45.0231 0x0928  Detect skipped due to KSN trusted
22:50:45.0231 0x0928  PCLEPCI - ok
22:50:45.0252 0x0928  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:50:45.0281 0x0928  pcmcia - ok
22:50:45.0295 0x0928  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:50:45.0309 0x0928  pcw - ok
22:50:45.0336 0x0928  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:50:45.0384 0x0928  PEAUTH - ok
22:50:45.0399 0x0928  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:50:45.0413 0x0928  PerfHost - ok
22:50:45.0471 0x0928  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:50:45.0541 0x0928  pla - ok
22:50:45.0580 0x0928  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:50:45.0608 0x0928  PlugPlay - ok
22:50:45.0688 0x0928  [ E16D133B889D989C6F74FD912B90A68A, E63FB23787FB4EC9A577636456F5F704111F8C20A4BF78714916495F817AC413 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
22:50:45.0722 0x0928  PMBDeviceInfoProvider - ok
22:50:45.0768 0x0928  [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
22:50:45.0778 0x0928  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
22:50:48.0360 0x0928  Detect skipped due to KSN trusted
22:50:48.0360 0x0928  Pml Driver HPZ12 - ok
22:50:48.0381 0x0928  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:50:48.0395 0x0928  PNRPAutoReg - ok
22:50:48.0414 0x0928  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:50:48.0433 0x0928  PNRPsvc - ok
22:50:48.0455 0x0928  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:50:48.0494 0x0928  PolicyAgent - ok
22:50:48.0509 0x0928  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:50:48.0541 0x0928  Power - ok
22:50:48.0575 0x0928  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:50:48.0606 0x0928  PptpMiniport - ok
22:50:48.0627 0x0928  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:50:48.0642 0x0928  Processor - ok
22:50:48.0683 0x0928  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:50:48.0733 0x0928  ProfSvc - ok
22:50:48.0751 0x0928  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:50:48.0765 0x0928  ProtectedStorage - ok
22:50:48.0800 0x0928  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:50:48.0843 0x0928  Psched - ok
22:50:48.0904 0x0928  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
22:50:48.0916 0x0928  PxHlpa64 - ok
22:50:48.0971 0x0928  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:50:49.0023 0x0928  ql2300 - ok
22:50:49.0036 0x0928  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:50:49.0051 0x0928  ql40xx - ok
22:50:49.0078 0x0928  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:50:49.0101 0x0928  QWAVE - ok
22:50:49.0112 0x0928  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:50:49.0130 0x0928  QWAVEdrv - ok
22:50:49.0150 0x0928  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:50:49.0182 0x0928  RasAcd - ok
22:50:49.0199 0x0928  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:50:49.0230 0x0928  RasAgileVpn - ok
22:50:49.0242 0x0928  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:50:49.0275 0x0928  RasAuto - ok
22:50:49.0308 0x0928  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:50:49.0344 0x0928  Rasl2tp - ok
22:50:49.0387 0x0928  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:50:49.0424 0x0928  RasMan - ok
22:50:49.0437 0x0928  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:50:49.0469 0x0928  RasPppoe - ok
22:50:49.0478 0x0928  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:50:49.0510 0x0928  RasSstp - ok
22:50:49.0527 0x0928  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:50:49.0563 0x0928  rdbss - ok
22:50:49.0578 0x0928  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:50:49.0594 0x0928  rdpbus - ok
22:50:49.0610 0x0928  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:50:49.0639 0x0928  RDPCDD - ok
22:50:49.0651 0x0928  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:50:49.0680 0x0928  RDPENCDD - ok
22:50:49.0694 0x0928  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:50:49.0722 0x0928  RDPREFMP - ok
22:50:49.0805 0x0928  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:50:49.0830 0x0928  RdpVideoMiniport - ok
22:50:49.0864 0x0928  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:50:49.0893 0x0928  RDPWD - ok
22:50:49.0927 0x0928  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:50:49.0947 0x0928  rdyboost - ok
22:50:50.0025 0x0928  [ 20C2F1613EBCF66D0395C59076EE472E, E72DA9D55E3FDFA0D9B3F367B0E08D2E291A8D45C70B49EB8BF2C13F824AB933 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
22:50:50.0039 0x0928  RealNetworks Downloader Resolver Service - ok
22:50:50.0063 0x0928  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:50:50.0109 0x0928  RemoteAccess - ok
22:50:50.0123 0x0928  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:50:50.0157 0x0928  RemoteRegistry - ok
22:50:50.0168 0x0928  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:50:50.0197 0x0928  RpcEptMapper - ok
22:50:50.0209 0x0928  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:50:50.0222 0x0928  RpcLocator - ok
22:50:50.0257 0x0928  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:50:50.0295 0x0928  RpcSs - ok
22:50:50.0308 0x0928  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:50:50.0340 0x0928  rspndr - ok
22:50:50.0371 0x0928  [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A, 9F6CFBE7E64A63E0AFEF546C4B8D889657B2055CE80279EA1B63EB5650E730F8 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:50:50.0389 0x0928  RTL8167 - ok
22:50:50.0402 0x0928  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
22:50:50.0415 0x0928  SamSs - ok
22:50:50.0475 0x0928  [ 99DF79C258B3342B6C8A5F802998DE56, BA9E343BF84F0C125896A402DDDEBCC52AD3A6E4573253AE1004FF7A9567F62D ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:50:50.0496 0x0928  SASDIFSV - ok
22:50:50.0511 0x0928  [ 2859C35C0651E8EB0D86D48E740388F2, 4AD913E558D51CDE4442C7F4BE42697AD91C0F34C92F2EA63B040830F97AAB77 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:50:50.0530 0x0928  SASKUTIL - ok
22:50:50.0563 0x0928  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:50:50.0591 0x0928  sbp2port - ok
22:50:50.0599 0x0928  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:50:50.0633 0x0928  SCardSvr - ok
22:50:50.0665 0x0928  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:51:00.0673 0x0928  ================ Scan generic autorun ======================
22:51:01.0025 0x0928  [ 30D7BB258A97BDA7C7E2EC63C23554AA, 83DFD5B0D0A2A53052F3E20809813B4D07185B12A734B5B5CD267CF04479EC36 ] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
22:51:01.0034 0x0928  Easybits Recovery - detected UnsignedFile.Multi.Generic ( 1 )
22:51:03.0646 0x0928  Detect skipped due to KSN trusted
22:51:03.0646 0x0928  Easybits Recovery - ok
22:51:03.0697 0x0928  [ 9B5E7EFF0485F39A9663314667D97049, 87F56BD7E309F34BB8D99DFA493B775FAA81DCC7B8D9BD8A9A4696398453AED9 ] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe
22:51:03.0712 0x0928  ATICustomerCare - detected UnsignedFile.Multi.Generic ( 1 )
22:51:06.0292 0x0928  Detect skipped due to KSN trusted
22:51:06.0292 0x0928  ATICustomerCare - ok
22:51:06.0337 0x0928  [ D2AEADFD998706B4216315B2BD3FA79E, D45634355B7733F9B6754A6FB80B7EC20C0D584A08E2F710DF612B393D96A8F9 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
22:51:06.0351 0x0928  ISUSScheduler - detected UnsignedFile.Multi.Generic ( 1 )
22:51:08.0945 0x0928  Detect skipped due to KSN trusted
22:51:08.0945 0x0928  ISUSScheduler - ok
22:51:09.0036 0x0928  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:51:09.0097 0x0928  Sidebar - ok
22:51:09.0117 0x0928  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:51:09.0137 0x0928  mctadmin - ok
22:51:09.0164 0x0928  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:51:09.0203 0x0928  Sidebar - ok
22:51:09.0208 0x0928  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:51:09.0225 0x0928  mctadmin - ok
22:51:09.0473 0x0928  [ C7C42AC946E25EC04BC671516A347FF9, 03DCB98F1764862A0DFC1B3A6CD34BA583DA512E8E4556E891A228832C0F8DE1 ] C:\Users\CH\AppData\Local\Amazon Music\Amazon Music Helper.exe
22:51:09.0609 0x0928  Amazon Music - ok
22:51:09.0616 0x0928  Waiting for KSN requests completion. In queue: 5
22:51:10.0616 0x0928  Waiting for KSN requests completion. In queue: 5
22:51:11.0616 0x0928  Waiting for KSN requests completion. In queue: 5
22:51:12.0676 0x0928  AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x41000 ( enabled : updated )
22:51:12.0677 0x0928  FW detected via SS2: G DATA Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
22:51:15.0117 0x0928  ============================================================
22:51:15.0117 0x0928  Scan finished
22:51:15.0117 0x0928  ============================================================
22:51:15.0122 0x0c24  Detected object count: 2
22:51:15.0122 0x0c24  Actual detected object count: 2
22:51:32.0992 0x0c24  LGDDCDevice ( UnsignedFile.Multi.Generic ) - skipped by user
22:51:32.0992 0x0c24  LGDDCDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:51:32.0993 0x0c24  LGII2CDevice ( UnsignedFile.Multi.Generic ) - skipped by user
22:51:32.0993 0x0c24  LGII2CDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
That would be this.

I have uninstalled Ilivid.

Your link to Process Explorer somehow doesn't work.

30.01.2015, 09:45   #4
schrauber
/// the machine
/// TB trainer



https://technet.microsoft.com/de-de/.../bb896653.aspx

Take a look here; the download is in the top right corner.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

30.01.2015, 19:15   #5
Medi



Okay, thanks. I need to look at that when I have some time.

Are the two files from TDSSKiller okay? Are there still trojans on it, or is everything fine again now?


31.01.2015, 11:36   #6
schrauber
/// the machine
/// TB trainer



We still need to remove a bit of adware, but I want to see the load first.

01.02.2015, 16:30   #7
Medi



So I'm not sure exactly which screenshot you wanted. I simply made two of the "start page" for you. At that point only the Snipping Tool was open.

I deleted a few things with Adwarecleaner.

In addition, GData found and removed a virus named roboot64.exe.
Attached image thumbnails:
Pup.optional.bandoo, Pup.optional.ilvid-1.jpg   Pup.optional.bandoo, Pup.optional.ilvid-2.jpg

01.02.2015, 19:28   #8
schrauber
/// the machine
/// TB trainer



I don't see anything in the screenshot that needs a lot of the CPU's memory.



Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

02.02.2015, 00:23   #9
Medi



Here you go. Is everything okay now?

One more question: there is a program in my taskbar: Haali Matroska Splitter. I can't remember having installed it. When I click on it, an error message appears. It does not show up among the installed programs. Can I simply delete it from the taskbar?

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by CH on 01.02.2015 at 20:11:09,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\Alawar
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{F29D7C51-411E-4734-BAD1-F0372B8718C1}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{F35280AA-C557-4284-A37B-FCB6BB7289B4}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{F41D3C57-431E-40C6-AB5F-8C5A92B03D65}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{F846C67F-D589-4C1D-B4C0-02F260016124}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{F8C4B794-FEA8-42E4-AC7A-E95186764A6F}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{F9533D42-5323-4AE9-828E-B8278E0EBE96}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{FAC5E6E5-9F43-4504-B7E7-E69F9C35D354}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{FAC98B34-5173-47DE-8F0A-A21539AD8D1C}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{FC3AEE8E-0A39-4933-BDD0-C20CF5F3C7E4}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{FDA91FAB-CDCF-4D02-87FE-E5FA925685B0}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{FE6AE70E-527C-4EFC-AB9F-21B3C7806FC7}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{FE8ADA41-C84A-47B6-9F2E-1C53DB0FF34B}
Successfully deleted: [Empty Folder] C:\Users\CH\appdata\local\{FF846848-8A66-4B22-99EE-CC303D47DD90}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.02.2015 at 20:16:10,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by CH (administrator) on CH-HP on 02-02-2015 00:17:37
Running from C:\Users\CH\Downloads
Loaded Profiles: CH (Available profiles: CH)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Browser7)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888 2010-01-18] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-01-25] (EasyBits Software AS)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2015-01-19] (RealNetworks, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Run: [Amazon Music] => C:\Users\CH\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\MountPoints2: {d0b7bff5-ce79-11df-8c32-806e6f6e6963} - F:\Launcher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\forteManager.lnk
ShortcutTarget: forteManager.lnk -> C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3869574007-4155416212-3619733498-1000 -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {CA47E69B-B484-44C1-8E29-19B6B2694810} hxxp://games.bigfishgames.com/de_fashion-fortune/online/axcontrol.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {DB28CF23-0083-40B5-BF63-69925D672385} hxxp://www.nero.com/doc/NeroVersionChecker.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-06-19] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3869574007-4155416212-3619733498-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3869574007-4155416212-3619733498-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-07]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-01-19]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed]
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [114488 2015-01-30] (Deutsche Telekom AG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2014-06-24] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-10-07] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-10-23] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-10-07] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-10-07] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-01-13] (G Data Software AG)
S1 GLogin; No ImagePath
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-10-07] (G Data Software)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-15] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-10-07] (G Data Software AG)
S3 LGDDCDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2008-12-12] () [File not signed]
S3 LGII2CDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2008-12-12] () [File not signed]
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-10-10] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-10-10] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-10-10] (Acronis International GmbH)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-03-03] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\CH\AppData\Local\Temp\ALSysIO64.sys [X]
S3 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 PCDSRVC{4942F9C0-0B403F17-06000000}_0; \??\c:\pcdr5\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 20:16 - 2015-02-01 20:16 - 00029961 _____ () C:\Users\CH\Desktop\JRT.txt
2015-02-01 20:10 - 2015-02-01 20:10 - 01707939 _____ (Thisisu) C:\Users\CH\Downloads\JRT.exe
2015-02-01 20:10 - 2015-02-01 20:10 - 00000000 ____D () C:\Windows\ERUNT
2015-02-01 20:06 - 2015-02-01 20:06 - 00000000 ____D () C:\Users\CH\Downloads\FRST-OlderVersion
2015-02-01 02:16 - 2015-02-01 02:16 - 00002744 _____ () C:\Users\CH\Desktop\AdwCleaner[S1].txt
2015-02-01 00:33 - 2015-02-01 00:33 - 02194432 _____ () C:\Users\CH\Downloads\AdwCleaner_4.109(1).exe
2015-01-30 00:19 - 2015-01-30 00:19 - 01188194 _____ () C:\Users\CH\Downloads\processexplorer.zip
2015-01-29 22:37 - 2015-01-29 22:38 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\CH\Downloads\tdsskiller.exe
2015-01-29 22:30 - 2015-01-29 22:30 - 00001230 _____ () C:\Users\CH\Desktop\Revo Uninstaller.lnk
2015-01-29 22:30 - 2015-01-29 22:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-29 22:29 - 2015-01-29 22:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\CH\Downloads\revosetup95.exe
2015-01-29 19:32 - 2015-01-29 19:32 - 00001555 _____ () C:\Users\CH\Desktop\malw.txt
2015-01-29 19:18 - 2015-01-29 19:18 - 02194432 _____ () C:\Users\CH\Downloads\AdwCleaner_4.109.exe
2015-01-29 19:11 - 2015-01-29 19:12 - 00068479 _____ () C:\Users\CH\Downloads\Addition.txt
2015-01-29 19:10 - 2015-02-02 00:17 - 00023851 _____ () C:\Users\CH\Downloads\FRST.txt
2015-01-29 19:09 - 2015-02-02 00:17 - 00000000 ____D () C:\FRST
2015-01-29 19:09 - 2015-02-01 20:06 - 02131456 _____ (Farbar) C:\Users\CH\Downloads\FRST64.exe
2015-01-25 15:40 - 2015-01-25 15:53 - 00000000 ____D () C:\Users\CH\Desktop\auf anderen FPS löschen
2015-01-24 11:45 - 2015-01-24 11:44 - 00146432 _____ (Oracle Corporation) C:\Windows\SysWOW64\javacpl.cpl
2015-01-20 00:23 - 2015-01-20 00:23 - 00000000 ____D () C:\Users\CH\restore
2015-01-20 00:19 - 2015-01-20 00:19 - 00001013 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2015-01-19 20:11 - 2015-01-19 20:11 - 01633192 _____ () C:\Users\CH\Downloads\setup_Mein_CEWE_FOTOBUCH(1).exe
2015-01-19 20:11 - 2015-01-19 20:11 - 00000000 ____D () C:\Program Files\CEWE
2015-01-19 14:24 - 2015-01-19 14:24 - 00001320 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2015-01-19 14:24 - 2015-01-19 14:24 - 00000000 ____D () C:\ProgramData\RealNetworks
2015-01-19 14:24 - 2015-01-19 14:24 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2015-01-19 14:19 - 2015-01-19 14:22 - 39317088 _____ (RealNetworks, Inc.) C:\Users\CH\Downloads\RealPlayer1604_de.exe
2015-01-18 00:12 - 2015-01-18 00:12 - 00000191 _____ () C:\spam.log
2015-01-17 17:26 - 2015-01-29 19:56 - 00002035 _____ () C:\nospam.log
2015-01-14 11:00 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:00 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:00 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:00 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:00 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:00 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:00 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:00 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:00 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 11:00 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:00 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:00 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:00 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 20:18 - 2015-01-13 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2015-01-13 20:17 - 2015-01-13 20:17 - 00002058 _____ () C:\Windows\DPINST.LOG
2015-01-08 19:17 - 2015-01-08 19:17 - 00002217 _____ () C:\Users\CH\Desktop\Kindle.lnk
2015-01-08 19:17 - 2015-01-08 19:17 - 00000000 ____D () C:\Users\CH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-01-08 14:48 - 2015-01-08 14:49 - 03379708 _____ ( ) C:\Users\CH\Downloads\nw_21364_smergeexe.exe
2015-01-08 10:44 - 2015-01-08 10:47 - 38157960 _____ (Amazon.com) C:\Users\CH\Downloads\KindleForPC-installer(1).exe
2015-01-07 10:48 - 2015-01-07 17:18 - 00000000 ____D () C:\Users\CH\Desktop\Titelbild 2015
2015-01-03 19:40 - 2015-01-03 19:57 - 00000000 ____D () C:\Users\CH\AppData\Local\Ubisoft Game Launcher
2015-01-03 19:40 - 2015-01-03 19:40 - 00000000 ____D () C:\ProgramData\Solidshield
2015-01-03 19:34 - 2015-01-03 19:58 - 00000000 ____D () C:\Users\CH\Documents\The Adventures of Tintin
2015-01-03 19:32 - 2015-01-03 19:32 - 00017419 _____ () C:\Windows\DirectX.log
2015-01-03 19:13 - 2015-01-03 19:33 - 00000000 ____D () C:\Program Files (x86)\Ubisoft

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 00:07 - 2013-04-05 16:24 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-01 23:28 - 2012-04-04 10:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-01 19:55 - 2010-06-19 15:48 - 01918621 _____ () C:\Windows\WindowsUpdate.log
2015-02-01 18:35 - 2014-06-17 12:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 16:35 - 2013-07-08 12:44 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2015-02-01 16:17 - 2013-04-05 16:24 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-01 13:52 - 2014-10-29 10:20 - 00003328 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-02-01 13:52 - 2013-10-08 09:13 - 00003188 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-02-01 10:44 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-01 10:44 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-01 10:36 - 2014-12-11 10:39 - 00006882 _____ () C:\Windows\PFRO.log
2015-02-01 10:36 - 2014-11-05 10:18 - 00008895 _____ () C:\Windows\setupact.log
2015-02-01 10:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-01 02:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-02-01 02:13 - 2013-11-25 00:34 - 00000000 ____D () C:\AdwCleaner
2015-02-01 02:00 - 2014-08-26 09:35 - 00000000 ____D () C:\Users\CH\AppData\Local\Adobe
2015-01-31 19:39 - 2014-06-03 18:37 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForCH
2015-01-31 19:39 - 2014-06-03 18:37 - 00000320 _____ () C:\Windows\Tasks\HPCeeScheduleForCH.job
2015-01-31 15:43 - 2014-11-01 18:58 - 00000000 ____D () C:\Users\CH\Desktop\Musik Madeira
2015-01-31 00:44 - 2010-10-02 15:12 - 00000544 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2015-01-30 11:10 - 2014-10-23 09:11 - 00003350 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-01-30 11:10 - 2013-05-14 14:10 - 00003210 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-01-30 10:40 - 2014-01-15 00:09 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service
2015-01-29 20:16 - 2010-06-19 16:35 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2015-01-29 20:16 - 2010-06-19 16:35 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2015-01-29 20:16 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-28 02:11 - 2013-06-06 16:31 - 00000000 ____D () C:\Users\CH\Desktop\Ausflüge 2012 zum Entwickeln
2015-01-27 19:38 - 2012-02-14 19:36 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-27 19:38 - 2010-11-27 15:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-27 17:50 - 2014-11-22 19:52 - 00000000 ____D () C:\Users\CH\Documents\Warenkorb-Dateien
2015-01-27 17:42 - 2011-02-10 13:02 - 00000000 ____D () C:\Users\CH\AppData\Roaming\vlc
2015-01-27 17:41 - 2014-05-14 09:51 - 00000000 ____D () C:\Users\CH\Desktop\Neuer Ordner (2)
2015-01-25 02:28 - 2012-04-04 10:29 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 02:28 - 2012-04-04 10:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 02:28 - 2011-05-15 10:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 11:46 - 2013-11-05 10:51 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-24 11:45 - 2011-01-27 00:27 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-24 11:44 - 2014-10-24 13:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-24 11:44 - 2014-08-24 09:52 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-24 11:44 - 2014-07-24 09:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-24 11:44 - 2014-07-24 09:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-24 11:44 - 2013-11-05 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-20 00:27 - 2011-04-07 14:00 - 00000000 ____D () C:\ProgramData\tmp
2015-01-20 00:23 - 2010-10-02 15:12 - 00000000 ____D () C:\Users\CH
2015-01-20 00:19 - 2011-04-07 14:00 - 00001033 _____ () C:\Users\Public\Desktop\Mein CEWE FOTOBUCH.lnk
2015-01-19 14:28 - 2013-05-14 14:10 - 00003370 _____ () C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-01-19 14:24 - 2012-09-28 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-01-19 14:24 - 2012-01-29 16:35 - 00000000 ____D () C:\Users\CH\AppData\Roaming\RealNetworks
2015-01-19 14:23 - 2012-09-28 16:09 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2015-01-19 14:23 - 2012-09-28 16:08 - 00272896 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2015-01-19 14:23 - 2012-09-28 16:08 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2015-01-19 14:23 - 2012-09-28 16:08 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2015-01-19 14:23 - 2010-03-03 07:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-01-19 14:23 - 2010-03-03 07:04 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-01-14 17:20 - 2013-07-11 15:15 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:16 - 2010-12-06 22:01 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 20:18 - 2014-10-07 00:22 - 00001940 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2015-01-13 20:18 - 2014-10-06 23:57 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-01-13 20:09 - 2014-03-30 16:56 - 00000000 ____D () C:\Users\CH\Desktop\Titelbild 2014
2015-01-09 01:32 - 2013-11-21 20:55 - 00000000 ____D () C:\Users\CH\Documents\My Kindle Content
2015-01-08 19:13 - 2011-04-27 01:57 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-08 17:38 - 2013-11-21 20:54 - 00000000 ____D () C:\Users\CH\AppData\Local\Amazon
2015-01-07 11:11 - 2013-03-20 21:57 - 00000000 ____D () C:\Users\CH\AppData\Local\EZTitles4
2015-01-06 04:36 - 2010-11-09 14:02 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-03 19:39 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-03 19:33 - 2010-06-19 15:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

==================== Files in the root of some directories =======

2013-05-25 17:58 - 2013-05-25 17:59 - 5082084 _____ (The Public) C:\Users\CH\AppData\Roaming\Avisynth.exe
2013-05-25 17:59 - 2013-05-25 17:59 - 5243208 _____ (                                                            ) C:\Users\CH\AppData\Roaming\AvsP.exe
2014-08-03 12:50 - 2014-08-15 13:14 - 0000040 _____ () C:\Users\CH\AppData\Roaming\cdr.ini
2012-09-27 14:25 - 2012-09-27 14:25 - 0000211 _____ () C:\Users\CH\AppData\Roaming\CH-HP.MTBF.txt
2011-07-07 11:44 - 2012-02-29 00:34 - 0000697 _____ () C:\Users\CH\AppData\Roaming\ConvAPIPlugin.log
2014-09-14 14:25 - 2014-09-14 14:25 - 0000000 _____ () C:\Users\CH\AppData\Roaming\gdfw.log
2014-09-14 14:25 - 2014-10-06 23:56 - 0001558 _____ () C:\Users\CH\AppData\Roaming\gdscan.log
2011-07-01 15:32 - 2011-08-07 19:32 - 0001854 _____ () C:\Users\CH\AppData\Roaming\GhostObjGAFix.xml
2013-05-25 17:59 - 2013-05-25 17:59 - 5514668 _____ (LIGHTNING UK!) C:\Users\CH\AppData\Roaming\Imgburn.exe
2004-01-26 16:15 - 2004-01-26 16:15 - 0233472 ____R () C:\Users\CH\AppData\Roaming\MafiaSetup.exe
2013-05-25 17:59 - 2013-05-25 17:59 - 1357348 _____ () C:\Users\CH\AppData\Roaming\MatroskaSplitter.exe
2011-05-02 14:07 - 2011-05-02 14:07 - 0114803 _____ () C:\Users\CH\AppData\Roaming\mdbu.bin
2013-05-25 17:59 - 2013-05-25 18:00 - 7760687 _____ (Boraxsoft) C:\Users\CH\AppData\Roaming\SetupGFD.exe
2012-03-15 17:25 - 2013-12-23 19:32 - 0239510 _____ () C:\Users\CH\AppData\Roaming\WavePad.dmp
2013-05-25 17:59 - 2013-05-25 17:59 - 0117723 _____ () C:\Users\CH\AppData\Roaming\yuvcodecs-1.3.exe
2012-09-27 14:26 - 2012-09-27 16:07 - 0000900 _____ () C:\Users\CH\AppData\Roaming\__AvidCloudManager.log
2012-09-27 14:26 - 2012-09-27 14:26 - 0000676 _____ () C:\Users\CH\AppData\Roaming\__AvidCloudManagerPrevious.log
2010-11-11 22:46 - 2014-12-11 22:18 - 0089600 _____ () C:\Users\CH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-07 15:05 - 2014-12-14 04:12 - 0007601 _____ () C:\Users\CH\AppData\Local\Resmon.ResmonCfg
2014-05-12 19:09 - 2014-05-12 19:09 - 0000000 _____ () C:\Users\CH\AppData\Local\{DCA72C06-BECF-421A-819D-A632B98363C9}
2011-07-07 11:23 - 2014-11-03 16:13 - 0006805 _____ () C:\ProgramData\hpzinstall.log
2010-11-11 22:43 - 2014-08-27 18:01 - 0000024 _____ () C:\ProgramData\__FileUploader.log

Some content of TEMP:
====================
C:\Users\CH\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\CH\AppData\Local\Temp\Quarantine.exe
C:\Users\CH\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 00:06

==================== End Of Log ============================
         

Edited by Medi (02.02.2015 at 00:41)

02.02.2015, 17:29   #10
schrauber
/// the machine
/// TB trainer

Yes, you can do that.


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

03.02.2015, 15:10   #11
Medi

Well, I aborted ESET after hours of waiting. For me only C matters anyway. I know there are lots of viruses on H (since I cloned H onto C), and that is why I wanted to format H, but that doesn't work because something is accessing it. How can I format H?



Code:
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\uninstall.exe.vir	Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung
C:\Program Files (x86)\NCH Swift Sound\WavePad\uninst.exe	Variante von Win32/Toolbar.Conduit.K evtl. unerwünschte Anwendung
C:\Program Files (x86)\NCH Swift Sound\WavePad\wavepad.exe	Variante von Win32/Toolbar.Conduit.K evtl. unerwünschte Anwendung
C:\Program Files (x86)\NCH Swift Sound\WavePad\wpsetup452_v4.52.exe	Variante von Win32/Toolbar.Conduit.K evtl. unerwünschte Anwendung
C:\Program Files (x86)\Realore\Roads of Rome 3\ReloreStudios.exe	Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
C:\Users\CH\Downloads\CheckDrive 2014 - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\CH\Downloads\Microsoft Image Composite Editor 32 Bit - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\CH\Downloads\PDFCreator-1_2_3_setup.exe	Win32/Toolbar.Widgi evtl. unerwünschte Anwendung
C:\Users\CH\Downloads\Setup_FreeFlvConverter.exe	Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung
C:\Users\CH\Downloads\Snipping Tool Plus - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\CH\Downloads\Streamtransport_1.1.4.0.zip	Win32/Somoto.Q evtl. unerwünschte Anwendung
C:\Users\CH\Downloads\streamtransport_1.1.6.2.zip	Win32/Somoto.Q evtl. unerwünschte Anwendung
C:\Users\CH\Downloads\VLC media player 64 Bit - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\CH\Downloads\wpsetup452.exe	Variante von Win32/Toolbar.Conduit.K evtl. unerwünschte Anwendung
         

Code:
 Results of screen317's Security Check version 0.99.95  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
G DATA INTERNET SECURITY   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 JavaFX 2.1.1    
 Java 8 Update 31  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.296  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 G Data InternetSecurity Firewall GDFwSvcx64.exe 
 G Data InternetSecurity Firewall GDFirewallTray.exe 
 T-Online T-Online_Software_6 eMail Mail.exe 
 T-Online T-ONLI~1 BASIS-~1 Basis2\PROFIL~1.EXE 
 T-Online T-ONLI~1 BASIS-~1 Basis2\kernel.exe 
 T-Online T-ONLI~1 BASIS-~1 Basis2\sc_watch.exe 
 T-Online T-ONLI~1 Notifier Notifier.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by CH (administrator) on CH-HP on 03-02-2015 13:50:01
Running from C:\Users\CH\Downloads
Loaded Profiles: CH (Available profiles: CH)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Browser7)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Users\CH\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Deutsche Telekom AG) C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\Browser7.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888 2010-01-18] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-01-25] (EasyBits Software AS)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2015-01-19] (RealNetworks, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Run: [Amazon Music] => C:\Users\CH\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\forteManager.lnk
ShortcutTarget: forteManager.lnk -> C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3869574007-4155416212-3619733498-1000 -> {F07F94CD-C87B-4CB7-8A1A-209F96B139B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {CA47E69B-B484-44C1-8E29-19B6B2694810} hxxp://games.bigfishgames.com/de_fashion-fortune/online/axcontrol.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {DB28CF23-0083-40B5-BF63-69925D672385} hxxp://www.nero.com/doc/NeroVersionChecker.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-06-19] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3869574007-4155416212-3619733498-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3869574007-4155416212-3619733498-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-07-07]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-01-19]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-3869574007-4155416212-3619733498-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed]
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [114488 2015-01-30] (Deutsche Telekom AG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2014-06-24] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-10-07] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-10-23] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-10-07] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-10-07] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-01-13] (G Data Software AG)
S1 GLogin; No ImagePath
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-10-07] (G Data Software)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-15] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-10-07] (G Data Software AG)
S3 LGDDCDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2008-12-12] () [File not signed]
S3 LGII2CDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2008-12-12] () [File not signed]
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-10-10] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-10-10] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-10-10] (Acronis International GmbH)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2010-03-03] (CyberLink Corp.)
S3 ALSysIO; \??\C:\Users\CH\AppData\Local\Temp\ALSysIO64.sys [X]
S3 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S3 PCDSRVC{4942F9C0-0B403F17-06000000}_0; \??\c:\pcdr5\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 13:33 - 2015-02-03 13:33 - 00001223 _____ () C:\Users\CH\Desktop\checkup.txt
2015-02-03 13:23 - 2015-02-03 13:23 - 00852573 _____ () C:\Users\CH\Downloads\SecurityCheck.exe
2015-02-03 01:19 - 2015-02-03 13:32 - 00001698 _____ () C:\Users\CH\Desktop\eset1.txt
2015-02-02 19:26 - 2015-02-02 19:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-02 19:25 - 2015-02-02 19:25 - 02347384 _____ (ESET) C:\Users\CH\Downloads\esetsmartinstaller_deu.exe
2015-02-01 20:16 - 2015-02-01 20:16 - 00029961 _____ () C:\Users\CH\Desktop\JRT.txt
2015-02-01 20:10 - 2015-02-01 20:10 - 01707939 _____ (Thisisu) C:\Users\CH\Downloads\JRT.exe
2015-02-01 20:10 - 2015-02-01 20:10 - 00000000 ____D () C:\Windows\ERUNT
2015-02-01 20:06 - 2015-02-01 20:06 - 00000000 ____D () C:\Users\CH\Downloads\FRST-OlderVersion
2015-02-01 02:16 - 2015-02-01 02:16 - 00002744 _____ () C:\Users\CH\Desktop\AdwCleaner[S1].txt
2015-02-01 00:33 - 2015-02-01 00:33 - 02194432 _____ () C:\Users\CH\Downloads\AdwCleaner_4.109(1).exe
2015-01-30 00:19 - 2015-01-30 00:19 - 01188194 _____ () C:\Users\CH\Downloads\processexplorer.zip
2015-01-29 22:37 - 2015-01-29 22:38 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\CH\Downloads\tdsskiller.exe
2015-01-29 22:30 - 2015-01-29 22:30 - 00001230 _____ () C:\Users\CH\Desktop\Revo Uninstaller.lnk
2015-01-29 22:30 - 2015-01-29 22:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-29 22:29 - 2015-01-29 22:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\CH\Downloads\revosetup95.exe
2015-01-29 19:32 - 2015-01-29 19:32 - 00001555 _____ () C:\Users\CH\Desktop\malw.txt
2015-01-29 19:18 - 2015-01-29 19:18 - 02194432 _____ () C:\Users\CH\Downloads\AdwCleaner_4.109.exe
2015-01-29 19:11 - 2015-01-29 19:12 - 00068479 _____ () C:\Users\CH\Downloads\Addition.txt
2015-01-29 19:10 - 2015-02-03 13:50 - 00023711 _____ () C:\Users\CH\Downloads\FRST.txt
2015-01-29 19:09 - 2015-02-03 13:50 - 00000000 ____D () C:\FRST
2015-01-29 19:09 - 2015-02-01 20:06 - 02131456 _____ (Farbar) C:\Users\CH\Downloads\FRST64.exe
2015-01-25 15:40 - 2015-01-25 15:53 - 00000000 ____D () C:\Users\CH\Desktop\auf anderen FPS löschen
2015-01-24 11:45 - 2015-01-24 11:44 - 00146432 _____ (Oracle Corporation) C:\Windows\SysWOW64\javacpl.cpl
2015-01-20 00:23 - 2015-01-20 00:23 - 00000000 ____D () C:\Users\CH\restore
2015-01-20 00:19 - 2015-01-20 00:19 - 00001013 _____ () C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2015-01-19 20:11 - 2015-01-19 20:11 - 01633192 _____ () C:\Users\CH\Downloads\setup_Mein_CEWE_FOTOBUCH(1).exe
2015-01-19 20:11 - 2015-01-19 20:11 - 00000000 ____D () C:\Program Files\CEWE
2015-01-19 14:24 - 2015-01-19 14:24 - 00001320 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2015-01-19 14:24 - 2015-01-19 14:24 - 00000000 ____D () C:\ProgramData\RealNetworks
2015-01-19 14:24 - 2015-01-19 14:24 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2015-01-19 14:19 - 2015-01-19 14:22 - 39317088 _____ (RealNetworks, Inc.) C:\Users\CH\Downloads\RealPlayer1604_de.exe
2015-01-18 00:12 - 2015-01-18 00:12 - 00000191 _____ () C:\spam.log
2015-01-17 17:26 - 2015-01-29 19:56 - 00002035 _____ () C:\nospam.log
2015-01-14 11:00 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:00 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:00 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:00 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:00 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:00 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:00 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:00 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:00 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 11:00 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:00 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:00 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:00 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 20:18 - 2015-01-13 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2015-01-13 20:17 - 2015-01-13 20:17 - 00002058 _____ () C:\Windows\DPINST.LOG
2015-01-08 19:17 - 2015-01-08 19:17 - 00002217 _____ () C:\Users\CH\Desktop\Kindle.lnk
2015-01-08 19:17 - 2015-01-08 19:17 - 00000000 ____D () C:\Users\CH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-01-08 14:48 - 2015-01-08 14:49 - 03379708 _____ ( ) C:\Users\CH\Downloads\nw_21364_smergeexe.exe
2015-01-08 10:44 - 2015-01-08 10:47 - 38157960 _____ (Amazon.com) C:\Users\CH\Downloads\KindleForPC-installer(1).exe
2015-01-07 10:48 - 2015-01-07 17:18 - 00000000 ____D () C:\Users\CH\Desktop\Titelbild 2015

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-03 13:28 - 2012-04-04 10:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-03 13:23 - 2010-06-19 15:48 - 02008769 _____ () C:\Windows\WindowsUpdate.log
2015-02-03 13:07 - 2013-04-05 16:24 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 10:39 - 2014-08-26 09:35 - 00000000 ____D () C:\Users\CH\AppData\Local\Adobe
2015-02-03 10:34 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-03 10:34 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-03 10:29 - 2013-07-08 12:44 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2015-02-03 10:26 - 2014-11-05 10:18 - 00009063 _____ () C:\Windows\setupact.log
2015-02-03 10:26 - 2014-10-29 10:20 - 00003328 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-02-03 10:26 - 2013-10-08 09:13 - 00003188 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-02-03 10:26 - 2013-04-05 16:24 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-03 10:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-03 00:32 - 2014-11-08 14:31 - 00000000 ____D () C:\Users\CH\Desktop\PINNACLE HILFSDATEIEN
2015-02-03 00:09 - 2013-11-21 20:55 - 00000000 ____D () C:\Users\CH\Documents\My Kindle Content
2015-02-02 01:25 - 2014-10-23 09:11 - 00003350 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-02-02 01:25 - 2013-05-14 14:10 - 00003210 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-02-02 01:21 - 2012-02-14 19:36 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-02-02 01:21 - 2010-11-27 15:56 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-02-01 18:35 - 2014-06-17 12:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-01 10:36 - 2014-12-11 10:39 - 00006882 _____ () C:\Windows\PFRO.log
2015-02-01 02:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-02-01 02:13 - 2013-11-25 00:34 - 00000000 ____D () C:\AdwCleaner
2015-01-31 19:39 - 2014-06-03 18:37 - 00003168 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForCH
2015-01-31 19:39 - 2014-06-03 18:37 - 00000320 _____ () C:\Windows\Tasks\HPCeeScheduleForCH.job
2015-01-31 15:43 - 2014-11-01 18:58 - 00000000 ____D () C:\Users\CH\Desktop\Musik Madeira
2015-01-31 00:44 - 2010-10-02 15:12 - 00000544 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2015-01-30 10:40 - 2014-01-15 00:09 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service
2015-01-29 20:16 - 2010-06-19 16:35 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2015-01-29 20:16 - 2010-06-19 16:35 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2015-01-29 20:16 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-28 02:11 - 2013-06-06 16:31 - 00000000 ____D () C:\Users\CH\Desktop\Ausflüge 2012 zum Entwickeln
2015-01-27 17:50 - 2014-11-22 19:52 - 00000000 ____D () C:\Users\CH\Documents\Warenkorb-Dateien
2015-01-27 17:42 - 2011-02-10 13:02 - 00000000 ____D () C:\Users\CH\AppData\Roaming\vlc
2015-01-27 17:41 - 2014-05-14 09:51 - 00000000 ____D () C:\Users\CH\Desktop\Neuer Ordner (2)
2015-01-25 02:28 - 2012-04-04 10:29 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 02:28 - 2012-04-04 10:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 02:28 - 2011-05-15 10:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 11:46 - 2013-11-05 10:51 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-24 11:45 - 2011-01-27 00:27 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-24 11:44 - 2014-10-24 13:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-24 11:44 - 2014-08-24 09:52 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-24 11:44 - 2014-07-24 09:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-24 11:44 - 2014-07-24 09:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-24 11:44 - 2013-11-05 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-20 00:27 - 2011-04-07 14:00 - 00000000 ____D () C:\ProgramData\tmp
2015-01-20 00:23 - 2010-10-02 15:12 - 00000000 ____D () C:\Users\CH
2015-01-20 00:19 - 2011-04-07 14:00 - 00001033 _____ () C:\Users\Public\Desktop\Mein CEWE FOTOBUCH.lnk
2015-01-19 14:28 - 2013-05-14 14:10 - 00003370 _____ () C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3869574007-4155416212-3619733498-1000
2015-01-19 14:24 - 2012-09-28 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-01-19 14:24 - 2012-01-29 16:35 - 00000000 ____D () C:\Users\CH\AppData\Roaming\RealNetworks
2015-01-19 14:23 - 2012-09-28 16:09 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2015-01-19 14:23 - 2012-09-28 16:08 - 00272896 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2015-01-19 14:23 - 2012-09-28 16:08 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2015-01-19 14:23 - 2012-09-28 16:08 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2015-01-19 14:23 - 2010-03-03 07:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-01-19 14:23 - 2010-03-03 07:04 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-01-14 17:20 - 2013-07-11 15:15 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 17:16 - 2010-12-06 22:01 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 20:18 - 2014-10-07 00:22 - 00001940 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2015-01-13 20:18 - 2014-10-06 23:57 - 00064512 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2015-01-13 20:09 - 2014-03-30 16:56 - 00000000 ____D () C:\Users\CH\Desktop\Titelbild 2014
2015-01-08 19:13 - 2011-04-27 01:57 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-08 17:38 - 2013-11-21 20:54 - 00000000 ____D () C:\Users\CH\AppData\Local\Amazon
2015-01-07 11:11 - 2013-03-20 21:57 - 00000000 ____D () C:\Users\CH\AppData\Local\EZTitles4
2015-01-06 04:36 - 2010-11-09 14:02 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-05-25 17:58 - 2013-05-25 17:59 - 5082084 _____ (The Public) C:\Users\CH\AppData\Roaming\Avisynth.exe
2013-05-25 17:59 - 2013-05-25 17:59 - 5243208 _____ (                                                            ) C:\Users\CH\AppData\Roaming\AvsP.exe
2014-08-03 12:50 - 2014-08-15 13:14 - 0000040 _____ () C:\Users\CH\AppData\Roaming\cdr.ini
2012-09-27 14:25 - 2012-09-27 14:25 - 0000211 _____ () C:\Users\CH\AppData\Roaming\CH-HP.MTBF.txt
2011-07-07 11:44 - 2012-02-29 00:34 - 0000697 _____ () C:\Users\CH\AppData\Roaming\ConvAPIPlugin.log
2014-09-14 14:25 - 2014-09-14 14:25 - 0000000 _____ () C:\Users\CH\AppData\Roaming\gdfw.log
2014-09-14 14:25 - 2014-10-06 23:56 - 0001558 _____ () C:\Users\CH\AppData\Roaming\gdscan.log
2011-07-01 15:32 - 2011-08-07 19:32 - 0001854 _____ () C:\Users\CH\AppData\Roaming\GhostObjGAFix.xml
2013-05-25 17:59 - 2013-05-25 17:59 - 5514668 _____ (LIGHTNING UK!) C:\Users\CH\AppData\Roaming\Imgburn.exe
2004-01-26 16:15 - 2004-01-26 16:15 - 0233472 ____R () C:\Users\CH\AppData\Roaming\MafiaSetup.exe
2013-05-25 17:59 - 2013-05-25 17:59 - 1357348 _____ () C:\Users\CH\AppData\Roaming\MatroskaSplitter.exe
2011-05-02 14:07 - 2011-05-02 14:07 - 0114803 _____ () C:\Users\CH\AppData\Roaming\mdbu.bin
2013-05-25 17:59 - 2013-05-25 18:00 - 7760687 _____ (Boraxsoft) C:\Users\CH\AppData\Roaming\SetupGFD.exe
2012-03-15 17:25 - 2013-12-23 19:32 - 0239510 _____ () C:\Users\CH\AppData\Roaming\WavePad.dmp
2013-05-25 17:59 - 2013-05-25 17:59 - 0117723 _____ () C:\Users\CH\AppData\Roaming\yuvcodecs-1.3.exe
2012-09-27 14:26 - 2012-09-27 16:07 - 0000900 _____ () C:\Users\CH\AppData\Roaming\__AvidCloudManager.log
2012-09-27 14:26 - 2012-09-27 14:26 - 0000676 _____ () C:\Users\CH\AppData\Roaming\__AvidCloudManagerPrevious.log
2010-11-11 22:46 - 2014-12-11 22:18 - 0089600 _____ () C:\Users\CH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-07 15:05 - 2014-12-14 04:12 - 0007601 _____ () C:\Users\CH\AppData\Local\Resmon.ResmonCfg
2014-05-12 19:09 - 2014-05-12 19:09 - 0000000 _____ () C:\Users\CH\AppData\Local\{DCA72C06-BECF-421A-819D-A632B98363C9}
2011-07-07 11:23 - 2014-11-03 16:13 - 0006805 _____ () C:\ProgramData\hpzinstall.log
2010-11-11 22:43 - 2014-08-27 18:01 - 0000024 _____ () C:\ProgramData\__FileUploader.log

Some content of TEMP:
====================
C:\Users\CH\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\CH\AppData\Local\Temp\Quarantine.exe
C:\Users\CH\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 00:06

==================== End Of Log ============================
         


UPDATE: I did manage to format the hard drive with the Seagate Disc Wizard after all. Now there is only H, without G and I.

03.02.2015, 19:19   #12
schrauber
/// the machine
/// TB trainer



Empty the Downloads folder.

Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (Alternatively rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Put a check mark in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without concern.



If you would like to give praise or criticism, you can do that here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising on its own. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. For this I recommend TFC
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it asks you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and assistance
Trojaner-Board Facebook page

No help via PM!

03.02.2015, 19:49   #13
Medi

Okay, thank you very much for your help.

04.02.2015, 17:59   #14
schrauber
/// the machine
/// TB trainer

You're welcome
__________________
regards,
schrauber
