Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: DHL-Fake-Email Link geöffnet

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.03.2015, 18:34   #1
G00gler
 
DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



Hallo,

habe heute eine falsche DHL-Mail, und deren Anhang geöffnet, weil ich auf ein Paket gewartet habe.
Die E-Mail sah in etwas so aus:

Liebe(-r) Kundin/Kunde,

die Sendung zur Bestellung ....................... wurde an das Logistikunternehmen übergeben und wird voraussichtlich am 05.03.2015 zugestellt.


Hier erhalten Sie weitere Informationen zu Ihrer Sendung: ............................

Mit freundlichen Grüßen,
Ihr DHL Team

Habe dann das anhängende Zip-File geöffnet.
Befürchte nun, dass mein System infiziert ist.

Habe Farbar's Recovery Scan Tool schon mal Laufen lassen. Mit folgenden Logfiles


FRST Logfile:

FRST Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Nutzer (administrator) on NUTZER-PC on 05-03-2015 18:56:18
Running from C:\Users\Nutzer\Downloads
Loaded Profiles: Nutzer (Available profiles: Nutzer & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(MSI CO.,LTD.) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee Inc) C:\Users\Nutzer\Downloads\stinger32(1).exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Malwarebytes Corporation                                    ) C:\Users\Nutzer\Downloads\mbam-setup-2.0.4.1028.exe
() C:\Users\Nutzer\AppData\Local\Temp\is-GPB4D.tmp\mbam-setup-2.0.4.1028.tmp


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7466600 2011-09-09] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe [303104 2011-07-06] (MSI)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1904640 2009-03-20] (AVM Berlin)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Run: [Spotify Web Helper] => C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Run: [msdbd6a8407.exe] => C:\Users\Nutzer\AppData\Roaming\Microsoft\msdbd6a8407.exe [278528 2009-07-14] ()
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\MountPoints2: {80cedef7-d7bb-11e3-ba7a-8c89a583321e} - J:\pushinst.exe
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\MountPoints2: {88efa0e3-0a49-11e2-a5d9-8c89a583321e} - I:\pushinst.exe
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-421047855-1012536844-3739120656-1000] => :0
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-421047855-1012536844-3739120656-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Proxy Help -> {F386E548-C533-472E-8C61-C026FB14FEA9} -> C:\Windows\SysWow64\Newtabs_v9.dll (Newtabs. inc)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Hosts: 127.0.0.1 google-analytics.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default
FF NewTab: about:blank
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: sweet-page
FF Homepage: about:home
FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=B111DE0D20130825&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-421047855-1012536844-3739120656-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF Extension: DownloadHelper - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
FF Extension: Cliqz Beta - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\Extensions\cliqz@cliqz.com.xpi [2014-11-26]
FF Extension: Faster Light - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\Extensions\firefox@fasterlight.info.xpi [2014-11-25]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-06-21]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-06-21]
FF HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-17]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-17]
CHR HKLM-x32\...\Chrome\Extension: [ijblflkdjdopkpdgllkmlbgcffjbnfda] - \User Data\Default\Extensions\v9.crx [2012-12-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [368640 2009-03-20] (AVM Berlin) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155368 2015-02-12] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2015-01-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-12] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [745368 2012-11-26] (Tunngle.net GmbH) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [484352 2014-12-03] (Fuyu LIMITED) [File not signed]
S2 51cdb72; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro 3.11\OptProCrash.dll",ENT

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-03-02] (Asmedia Technology)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 18:56 - 2015-03-05 18:58 - 00025971 _____ () C:\Users\Nutzer\Downloads\FRST.txt
2015-03-05 18:56 - 2015-03-05 18:56 - 00000000 ____D () C:\FRST
2015-03-05 18:55 - 2015-03-05 18:55 - 02092544 _____ (Farbar) C:\Users\Nutzer\Downloads\FRST64.exe
2015-03-05 18:41 - 2015-03-05 18:42 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nutzer\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-05 18:03 - 2015-03-05 18:03 - 01417268 _____ () C:\Users\Nutzer\Downloads\runtime.dat
2015-03-05 18:03 - 2015-03-05 18:03 - 00000000 _____ () C:\Users\Nutzer\Downloads\Stinger_05032015_180338.html
2015-03-05 17:56 - 2015-03-05 17:56 - 00000606 _____ () C:\Windows\PFRO.log
2015-03-05 17:52 - 2015-03-05 17:52 - 00148472 _____ () C:\Users\Nutzer\Documents\cc_20150305_175230.reg
2015-03-05 17:48 - 2015-03-05 17:48 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-05 17:40 - 2015-03-05 17:40 - 00000000 _____ () C:\Users\Nutzer\Downloads\Stinger_05032015_174047.html
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\Users\Nutzer\Documents\Simply Super Software
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Simply Super Software
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-03-05 17:37 - 2015-03-05 17:39 - 00000858 _____ () C:\Users\Nutzer\Downloads\Stinger_05032015_173706.html
2015-03-05 17:36 - 2015-03-05 17:36 - 00000000 ____D () C:\Quarantine
2015-03-05 17:34 - 2015-03-05 18:03 - 00000000 ____D () C:\Program Files (x86)\stinger
2015-03-05 17:34 - 2015-03-05 18:00 - 00000116 ___RH () C:\Users\Nutzer\Downloads\Stinger.opt
2015-03-05 17:34 - 2015-03-05 17:36 - 11582832 _____ (McAfee Inc) C:\Users\Nutzer\Downloads\stinger32(1).exe
2015-03-05 17:34 - 2015-03-05 17:34 - 00001472 _____ () C:\Users\Nutzer\Desktop\amazon.de.lnk
2015-03-05 17:34 - 2015-03-05 17:34 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\DesktopIconAmazon
2015-03-05 17:33 - 2015-03-05 17:33 - 01203488 _____ () C:\Users\Nutzer\Downloads\Trojan Remover - CHIP-Installer.exe
2015-03-05 17:31 - 2015-03-05 17:33 - 14459760 _____ (McAfee Inc) C:\Users\Nutzer\Downloads\stinger32.exe
2015-03-05 17:30 - 2015-03-05 17:56 - 00000168 _____ () C:\Windows\setupact.log
2015-03-05 17:30 - 2015-03-05 17:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-03 11:49 - 2015-03-03 11:49 - 00000000 ____D () C:\Users\Nutzer\dwhelper
2015-03-02 16:34 - 2015-03-02 16:34 - 00000000 ____D () C:\Users\Nutzer\AppData\Local\Steam
2015-03-01 14:15 - 2015-03-01 14:15 - 00000000 ____D () C:\Windows\pss
2015-03-01 14:14 - 2015-03-05 18:01 - 00268735 _____ () C:\Windows\WindowsUpdate.log
2015-02-26 18:11 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 18:11 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 18:11 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 18:11 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 15:12 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 15:12 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-22 08:42 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-22 08:42 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-22 08:42 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-22 08:42 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-17 09:31 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-17 09:31 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-17 09:31 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-17 09:31 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-17 09:31 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-17 09:31 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-17 09:31 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-17 09:31 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-17 09:31 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-17 09:31 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-17 09:31 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-17 09:31 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-17 09:31 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-17 09:31 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-17 09:30 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-17 09:30 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-17 09:29 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-17 09:29 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-17 09:29 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-17 09:29 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-17 09:29 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-17 09:29 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-17 09:29 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-17 09:29 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-17 09:29 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-17 09:29 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-17 09:29 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-17 09:29 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-17 09:29 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-17 09:29 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-17 09:29 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-17 09:29 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-17 09:29 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-17 09:29 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-17 09:29 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-17 09:29 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-17 09:29 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-17 09:29 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-17 09:29 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-17 09:29 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-17 09:29 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-17 09:29 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-17 09:29 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-17 09:29 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-17 09:29 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-17 09:29 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-17 09:29 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-17 09:29 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-17 09:29 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-17 09:29 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-17 09:29 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-17 09:29 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-17 09:29 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-17 09:29 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-17 09:29 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-17 09:29 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-17 09:29 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-17 09:29 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-17 09:29 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-17 09:29 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-17 09:29 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-17 09:29 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-17 09:29 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-17 09:29 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-17 09:29 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-17 09:29 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-17 09:29 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-17 09:29 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-17 09:27 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-17 09:27 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-17 09:26 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-17 09:26 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-17 09:26 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-17 09:26 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-17 09:26 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-17 09:26 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-17 09:26 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-17 09:26 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-17 09:26 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-17 09:26 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-17 09:26 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-17 09:26 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-17 09:26 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-17 09:26 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-17 09:26 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-17 09:26 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-17 09:26 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-17 09:26 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-17 09:26 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-17 09:26 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-17 09:26 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-17 09:26 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-17 09:26 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-17 09:26 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-17 09:26 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-17 09:26 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-17 09:26 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-17 09:26 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-17 09:26 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-17 09:26 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-17 09:26 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-17 09:26 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-17 09:26 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-17 09:26 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-17 09:26 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-17 09:26 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-17 09:26 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-17 09:26 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-17 09:25 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 18:50 - 2013-12-15 18:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-05 18:50 - 2013-12-15 18:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-05 18:10 - 2013-06-13 20:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-05 18:03 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-05 18:03 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-05 17:57 - 2013-02-02 15:52 - 00000000 ___RD () C:\Users\Nutzer\Dropbox
2015-03-05 17:57 - 2013-02-02 15:50 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Dropbox
2015-03-05 17:56 - 2013-02-27 16:16 - 00000000 ____D () C:\ProgramData\Temp
2015-03-05 17:56 - 2012-09-28 10:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-05 17:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 17:35 - 2015-01-29 15:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-05 17:13 - 2012-11-09 22:31 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\TS3Client
2015-03-05 17:13 - 2012-10-01 16:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-04 00:09 - 2012-12-27 16:39 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\.minecraft
2015-03-03 19:51 - 2012-11-05 20:23 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Spotify
2015-03-03 11:49 - 2012-09-28 10:20 - 00000000 ____D () C:\Users\Nutzer
2015-03-02 11:29 - 2012-11-05 20:25 - 00000000 ____D () C:\Users\Nutzer\AppData\Local\Spotify
2015-03-01 15:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-01 14:14 - 2014-12-18 14:03 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\uTorrent
2015-03-01 14:13 - 2014-06-03 09:07 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Curse Client
2015-03-01 14:09 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-28 11:46 - 2014-12-23 00:23 - 00000000 ____D () C:\ProgramData\ProShopper
2015-02-27 11:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-26 19:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-24 16:56 - 2013-02-02 15:52 - 00001029 _____ () C:\Users\Nutzer\Desktop\Dropbox.lnk
2015-02-24 16:56 - 2013-02-02 15:50 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-22 08:43 - 2013-11-07 13:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-22 08:22 - 2013-06-21 18:30 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-02-22 08:22 - 2009-07-14 05:45 - 00328216 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-17 09:54 - 2014-12-11 14:40 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-17 09:54 - 2014-05-06 09:08 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-17 09:41 - 2013-07-22 09:43 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-17 09:32 - 2012-09-28 10:47 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-17 09:30 - 2014-12-19 14:16 - 00000841 _____ () C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-02-17 09:30 - 2014-12-18 14:04 - 00000861 _____ () C:\Users\Nutzer\Desktop\µTorrent.lnk
2015-02-17 09:26 - 2012-11-16 20:13 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Skype
2015-02-17 09:20 - 2014-09-05 16:16 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-17 09:20 - 2012-11-16 20:13 - 00000000 ____D () C:\ProgramData\Skype
2015-02-06 10:31 - 2014-08-18 11:45 - 00000000 ____D () C:\Users\Nutzer\AppData\Local\Adobe
2015-02-06 10:29 - 2013-06-13 20:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-06 10:29 - 2012-09-29 16:53 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-06 10:29 - 2012-09-29 16:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\External Build System
2014-04-03 15:52 - 2014-04-03 15:52 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\File Templates
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\Filesystems
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\Framework
2014-11-25 22:01 - 2014-12-18 15:17 - 0000254 _____ () C:\Users\Nutzer\AppData\Roaming\mainhst.zgh
2013-09-04 12:21 - 2013-09-04 12:21 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\ProgramData\Filters
2014-04-03 15:52 - 2014-04-03 15:52 - 0000268 ___RH () C:\ProgramData\Flags
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\ProgramData\Flange Saw
2012-10-28 22:01 - 2013-05-22 10:41 - 0006614 _____ () C:\ProgramData\flcd_proxy.log
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\ProgramData\Galactic Static
2014-04-03 15:51 - 2014-04-03 15:51 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-04-03 15:52 - 2014-04-03 15:52 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-04-03 15:51 - 2014-05-04 17:53 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-04-03 15:51 - 2014-05-04 17:52 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Some content of TEMP:
====================
C:\Users\Nutzer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphd6j9n.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 16:02

==================== End Of Log ============================
         


---------------------------------

---------------------------------

---------------------------------

Addition-Datei

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Nutzer at 2015-03-05 18:58:40
Running from C:\Users\Nutzer\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\uTorrent) (Version: 3.4.2.38758 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 4.0.110 - Abelssoft)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.1.000 - Asmedia Technology)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 1.138.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3618 - CyberLink Corp.)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version:  - Fish Factory Games)
Desktopicon amazon.de (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 - )
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.00 - Ubisoft)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
Fragen-Lern-CD 4.0 (HKLM-x32\...\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1) (Version: 4.0.1 - Wendel-Verlag GmbH)
Fragen-Lern-CD 4.0 (x32 Version: 4.0.1 - Wendel-Verlag GmbH) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version:  - BullPoint) <==== ATTENTION
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Kane & Lynch 2: Dog Days (HKLM-x32\...\Steam App 28000) (Version:  - IO Interactive)
Kane & Lynch: Dead Men (HKLM-x32\...\Steam App 8080) (Version:  - IO Interactive)
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version:  - Crystal Dynamics)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.191 - McAfee, Inc.)
Medal of Honor™ Warfighter (HKLM-x32\...\{48379835-BF2E-4487-9CB1-D5E654502B53}) (Version: 1.0.0.0 - Electronic Arts)
Mendeley Desktop 1.10.1 (HKLM-x32\...\Mendeley Desktop) (Version: 1.10.1 - Mendeley Ltd.)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version:  - Airtight Games)
Mystery Murders - Jack the Ripper 2 (HKLM-x32\...\Mystery Murders - Jack the Ripper 2) (Version: 1.0.0.221.de - Rondomedia)
NewTabs Uninstall (HKLM-x32\...\NewTabs) (Version:  - ELEX Technology) <==== ATTENTION
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.6.0 - Nikon)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.7 - Nikon)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6458 - Realtek Semiconductor Corp.)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Startopia (HKLM-x32\...\Steam App 243040) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.0.111 - MSI)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version:  - Gas Powered Games)
sweet-page uninstall (HKLM-x32\...\sweet-page uninstall) (Version:  - sweet-page) <==== ATTENTION
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Tiny Bang Story (HKLM-x32\...\Steam App 96000) (Version:  - Colibri Games)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Tyre (HKLM-x32\...\Tyre_is1) (Version: 6.1.3.5 - 't Schrijverke)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.6.0 - Nikon)
WindowsMangerProtect20.0.0.1277 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1277 - WindowsProtect LIMITED) <==== ATTENTION
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.115 - MSI)
ZipGenius 6 (HKLM-x32\...\{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1) (Version: 6.3 - The ZipGenius Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

06-02-2015 10:10:04 Windows Update
17-02-2015 09:14:22 McAfee  Vulnerability Scanner
17-02-2015 09:20:58 Windows Update
17-02-2015 09:32:20 Windows Update
17-02-2015 09:48:08 Windows Update
22-02-2015 08:37:37 Windows Update
22-02-2015 10:25:47 Windows Update
25-02-2015 15:11:46 Windows Update
27-02-2015 02:37:05 Windows Update
28-02-2015 11:46:30 Windows Defender Checkpoint
03-03-2015 11:36:53 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2013-05-16 08:43 - 00000861 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 google-analytics.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2EDE4FF2-B110-4373-B579-B52C268AD44C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4D4FF097-AC9F-48F9-82EA-4A87F84F72BD} - System32\Tasks\{68C7D2E5-579C-4DF9-94D2-7E6DE749538F} => C:\Riot Games\League of Legends\lol.launcher.admin.exe [2012-04-24] ()
Task: {5AEFF91F-C7CF-4996-998C-C810BB8A8569} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {63365E94-AEB8-4D8A-9352-6350A0635E05} - System32\Tasks\{420748D8-23D1-4A48-967D-474785D464EA} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.60.120/de/abandoninstall?page=tsPlugin
Task: {6990127C-7F6D-4AEE-90E0-49F98DA926E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {B29D3B2A-3162-44AD-BECA-626BF77A4881} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {C0813119-6EA6-4C12-9DF7-CA17D135D8B9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D1C03B3D-D32F-4FAB-8A6F-69FFB25138FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {E8DA67DB-28EF-44E4-9FFD-6F93FF9FED9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {F1FB7308-DA66-4D5D-A589-36B7FA6DC9CC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-09-29 18:25 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-24 16:50 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-10-26 13:20 - 2012-12-12 18:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-05 18:43 - 2015-03-05 18:43 - 00706560 _____ () C:\Users\Nutzer\AppData\Local\Temp\is-GPB4D.tmp\mbam-setup-2.0.4.1028.tmp
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-18 10:03 - 2014-11-18 10:03 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-01-29 15:26 - 2015-01-29 15:26 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-02-06 10:29 - 2015-02-06 10:29 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Nutzer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Nutzer\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Nutzer\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Accounts: =============================

Administrator (S-1-5-21-421047855-1012536844-3739120656-500 - Administrator - Disabled)
Gast (S-1-5-21-421047855-1012536844-3739120656-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-421047855-1012536844-3739120656-1003 - Limited - Enabled)
Nutzer (S-1-5-21-421047855-1012536844-3739120656-1000 - Administrator - Enabled) => C:\Users\Nutzer

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2015 06:00:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mcupdate.exe, Version: 13.6.1529.0, Zeitstempel: 0x54b58846
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0x1704
Startzeit der fehlerhaften Anwendung: 0xmcupdate.exe0
Pfad der fehlerhaften Anwendung: mcupdate.exe1
Pfad des fehlerhaften Moduls: mcupdate.exe2
Berichtskennung: mcupdate.exe3

Error: (03/05/2015 05:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2015 03:14:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2015 10:25:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2015 03:52:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2015 11:09:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/03/2015 09:36:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/03/2015 09:35:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: wiaservc.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ca0f
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000047a6b
ID des fehlerhaften Prozesses: 0x204
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3

Error: (03/03/2015 05:57:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/03/2015 11:33:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/05/2015 05:56:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Optimizer Pro Crash Monitor erreicht.

Error: (03/05/2015 05:52:59 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Nutzer\AppData\Local\Temp\trutil.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/05/2015 05:52:59 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Nutzer\AppData\Local\Temp\trutil.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/05/2015 05:52:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Nutzer\AppData\Local\Temp\trutil.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/05/2015 05:52:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Nutzer\AppData\Local\Temp\trutil.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/05/2015 05:52:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Nutzer\AppData\Local\Temp\trutil.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/05/2015 05:52:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Nutzer\AppData\Local\Temp\trutil.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/05/2015 05:52:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Nutzer\AppData\Local\Temp\trutil.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/05/2015 05:52:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Nutzer\AppData\Local\Temp\trutil.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/05/2015 05:52:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Nutzer\AppData\Local\Temp\trutil.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================
Error: (03/05/2015 06:00:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mcupdate.exe13.6.1529.054b58846ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102170401d05765e834c85aC:\Program Files\McAfee.com\Agent\mcupdate.exeC:\Windows\SYSTEM32\ntdll.dll2735b801-c359-11e4-b2e9-001f3f0c88f2

Error: (03/05/2015 05:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2015 03:14:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2015 10:25:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2015 03:52:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2015 11:09:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/03/2015 09:36:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/03/2015 09:35:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_stisvc6.1.7600.163854a5bc3c1wiaservc.dll6.1.7601.175144ce7ca0f400000150000000000047a6b20401d055f18f4cd542C:\Windows\system32\svchost.exec:\windows\system32\wiaservc.dlld0e9e447-c1e4-11e4-859d-001f3f0c88f2

Error: (03/03/2015 05:57:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/03/2015 11:33:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-03-05 17:52:59.682
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.602
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.523
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.443
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.759
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.680
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.601
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.521
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:55.254
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:55.177
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 43%
Total physical RAM: 8172.88 MB
Available physical RAM: 4599.66 MB
Total Pagefile: 16343.95 MB
Available Pagefile: 12492.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:55.71 GB) NTFS
Drive e: (Externe) (Fixed) (Total:465.76 GB) (Free:196.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7EB73B78)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0004EE99)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Danke schonmal im voraus.

Alt 05.03.2015, 19:01   #2
schrauber
/// the machine
/// TB-Ausbilder
 

DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



Hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________

__________________

Alt 05.03.2015, 20:29   #3
G00gler
 
DHL-Fake-Email Link geöffnet - Standard

TDSSKiller file



Hi,
danke für die schnelle Rückmeldung. Hier schonmal das Logfile vom TDSSKiller:

Code:
ATTFilter
19:39:49.0551 0x0cd4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
19:39:54.0262 0x0cd4  ============================================================
19:39:54.0262 0x0cd4  Current date / time: 2015/03/05 19:39:54.0262
19:39:54.0262 0x0cd4  SystemInfo:
19:39:54.0262 0x0cd4  
19:39:54.0262 0x0cd4  OS Version: 6.1.7601 ServicePack: 1.0
19:39:54.0262 0x0cd4  Product type: Workstation
19:39:54.0262 0x0cd4  ComputerName: NUTZER-PC
19:39:54.0262 0x0cd4  UserName: Nutzer
19:39:54.0262 0x0cd4  Windows directory: C:\Windows
19:39:54.0262 0x0cd4  System windows directory: C:\Windows
19:39:54.0262 0x0cd4  Running under WOW64
19:39:54.0262 0x0cd4  Processor architecture: Intel x64
19:39:54.0262 0x0cd4  Number of processors: 4
19:39:54.0262 0x0cd4  Page size: 0x1000
19:39:54.0262 0x0cd4  Boot type: Normal boot
19:39:54.0262 0x0cd4  ============================================================
19:39:55.0540 0x0cd4  KLMD registered as C:\Windows\system32\drivers\37369365.sys
19:39:57.0993 0x0cd4  System UUID: {BEFB01BA-1466-E8CA-C251-13052CC479ED}
19:39:58.0655 0x0cd4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:39:58.0658 0x0cd4  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:40:02.0634 0x0cd4  ============================================================
19:40:02.0635 0x0cd4  \Device\Harddisk0\DR0:
19:40:02.0652 0x0cd4  MBR partitions:
19:40:02.0652 0x0cd4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:40:02.0652 0x0cd4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
19:40:02.0652 0x0cd4  \Device\Harddisk1\DR1:
19:40:02.0653 0x0cd4  MBR partitions:
19:40:02.0653 0x0cd4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A385FF0
19:40:02.0653 0x0cd4  ============================================================
19:40:02.0698 0x0cd4  C: <-> \Device\Harddisk0\DR0\Partition2
19:40:02.0737 0x0cd4  E: <-> \Device\Harddisk1\DR1\Partition1
19:40:02.0737 0x0cd4  ============================================================
19:40:02.0737 0x0cd4  Initialize success
19:40:02.0737 0x0cd4  ============================================================
19:40:18.0456 0x1bd0  ============================================================
19:40:18.0456 0x1bd0  Scan started
19:40:18.0456 0x1bd0  Mode: Manual; SigCheck; TDLFS; 
19:40:18.0456 0x1bd0  ============================================================
19:40:18.0456 0x1bd0  KSN ping started
19:40:32.0090 0x1bd0  KSN ping finished: true
19:40:40.0324 0x1bd0  ================ Scan system memory ========================
19:40:40.0324 0x1bd0  System memory - ok
19:40:40.0324 0x1bd0  ================ Scan services =============================
19:40:41.0344 0x1bd0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:40:41.0924 0x1bd0  1394ohci - ok
19:40:42.0054 0x1bd0  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] 51cdb72         C:\Windows\system32\rundll32.exe
19:40:42.0204 0x1bd0  51cdb72 - ok
19:40:42.0244 0x1bd0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:40:42.0264 0x1bd0  ACPI - ok
19:40:42.0314 0x1bd0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:40:42.0464 0x1bd0  AcpiPmi - ok
19:40:42.0704 0x1bd0  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:40:42.0744 0x1bd0  AdobeARMservice - ok
19:40:43.0574 0x1bd0  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:40:43.0624 0x1bd0  AdobeFlashPlayerUpdateSvc - ok
19:40:43.0754 0x1bd0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:40:43.0784 0x1bd0  adp94xx - ok
19:40:43.0844 0x1bd0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:40:43.0864 0x1bd0  adpahci - ok
19:40:43.0944 0x1bd0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:40:43.0964 0x1bd0  adpu320 - ok
19:40:43.0994 0x1bd0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:40:44.0024 0x1bd0  AeLookupSvc - ok
19:40:44.0184 0x1bd0  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
19:40:44.0324 0x1bd0  AFD - ok
19:40:44.0394 0x1bd0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:40:44.0404 0x1bd0  agp440 - ok
19:40:44.0454 0x1bd0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:40:44.0474 0x1bd0  ALG - ok
19:40:44.0644 0x1bd0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:40:44.0664 0x1bd0  aliide - ok
19:40:44.0694 0x1bd0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:40:44.0704 0x1bd0  amdide - ok
19:40:44.0754 0x1bd0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:40:44.0794 0x1bd0  AmdK8 - ok
19:40:44.0814 0x1bd0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:40:44.0994 0x1bd0  AmdPPM - ok
19:40:45.0034 0x1bd0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:40:45.0054 0x1bd0  amdsata - ok
19:40:45.0094 0x1bd0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:40:45.0114 0x1bd0  amdsbs - ok
19:40:45.0134 0x1bd0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:40:45.0174 0x1bd0  amdxata - ok
19:40:45.0324 0x1bd0  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
19:40:45.0394 0x1bd0  AppHostSvc - ok
19:40:45.0434 0x1bd0  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
19:40:45.0494 0x1bd0  AppID - ok
19:40:45.0524 0x1bd0  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:40:45.0544 0x1bd0  AppIDSvc - ok
19:40:45.0664 0x1bd0  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
19:40:45.0764 0x1bd0  Appinfo - ok
19:40:46.0014 0x1bd0  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:40:46.0034 0x1bd0  Apple Mobile Device - ok
19:40:46.0074 0x1bd0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:40:46.0084 0x1bd0  arc - ok
19:40:46.0124 0x1bd0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:40:46.0134 0x1bd0  arcsas - ok
19:40:46.0174 0x1bd0  [ 10E9A8034C6843CA516BDB79D5D57B02, DDE72382AADD1477344308671E802157E59C8D9F11C0BF8D58722326B57B7645 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
19:40:46.0214 0x1bd0  asahci64 - ok
19:40:46.0234 0x1bd0  [ 6FE3237C1177E66437E7AD0E8AC1A6E5, 3223D4E57150DE8F768BC1BE0E6DCFFC6CA5B09DC7D7ADF283C90929100B0B7B ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
19:40:46.0334 0x1bd0  asmthub3 - ok
19:40:46.0404 0x1bd0  [ C4043E39A2ABBC56581CA25DF161E9F7, 1B53A8BEE4823EA842A00F5304428F0B4D14078045CF84ED20D8DF0FB8826040 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
19:40:46.0504 0x1bd0  asmtxhci - ok
19:40:46.0794 0x1bd0  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:40:46.0994 0x1bd0  aspnet_state - ok
19:40:47.0024 0x1bd0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:40:47.0084 0x1bd0  AsyncMac - ok
19:40:47.0234 0x1bd0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:40:47.0244 0x1bd0  atapi - ok
19:40:47.0474 0x1bd0  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:40:47.0554 0x1bd0  AudioEndpointBuilder - ok
19:40:47.0614 0x1bd0  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:40:47.0634 0x1bd0  AudioSrv - ok
19:40:47.0925 0x1bd0  [ D1A9AE485FFF7C72CA50D8949B2210B9, 937E02439519E3837DBEFE3D17123104BA5B1636E7AC322B634DC135B3024B50 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
19:40:48.0045 0x1bd0  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
19:40:50.0475 0x1bd0  Detect skipped due to KSN trusted
19:40:50.0475 0x1bd0  AVM WLAN Connection Service - ok
19:40:50.0585 0x1bd0  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
19:40:50.0625 0x1bd0  avmeject - ok
19:40:50.0685 0x1bd0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:40:50.0755 0x1bd0  AxInstSV - ok
19:40:50.0795 0x1bd0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:40:50.0845 0x1bd0  b06bdrv - ok
19:40:50.0885 0x1bd0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:40:50.0915 0x1bd0  b57nd60a - ok
19:40:50.0975 0x1bd0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:40:51.0035 0x1bd0  BDESVC - ok
19:40:51.0055 0x1bd0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:40:51.0075 0x1bd0  Beep - ok
19:40:51.0155 0x1bd0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:40:51.0295 0x1bd0  BFE - ok
19:40:51.0485 0x1bd0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:40:51.0555 0x1bd0  BITS - ok
19:40:51.0615 0x1bd0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:40:51.0655 0x1bd0  blbdrive - ok
19:40:51.0835 0x1bd0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:40:51.0855 0x1bd0  Bonjour Service - ok
19:40:51.0915 0x1bd0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:40:52.0005 0x1bd0  bowser - ok
19:40:52.0025 0x1bd0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:40:52.0055 0x1bd0  BrFiltLo - ok
19:40:52.0085 0x1bd0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:40:52.0125 0x1bd0  BrFiltUp - ok
19:40:52.0145 0x1bd0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:40:52.0165 0x1bd0  Browser - ok
19:40:52.0185 0x1bd0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:40:52.0255 0x1bd0  Brserid - ok
19:40:52.0265 0x1bd0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:40:52.0305 0x1bd0  BrSerWdm - ok
19:40:52.0335 0x1bd0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:40:52.0365 0x1bd0  BrUsbMdm - ok
19:40:52.0405 0x1bd0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:40:52.0435 0x1bd0  BrUsbSer - ok
19:40:52.0465 0x1bd0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:40:52.0485 0x1bd0  BTHMODEM - ok
19:40:52.0525 0x1bd0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:40:52.0575 0x1bd0  bthserv - ok
19:40:52.0605 0x1bd0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:40:52.0635 0x1bd0  cdfs - ok
19:40:52.0675 0x1bd0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:40:52.0715 0x1bd0  cdrom - ok
19:40:52.0775 0x1bd0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:40:52.0825 0x1bd0  CertPropSvc - ok
19:40:52.0895 0x1bd0  [ 3B6316004C773CFAD5E6C38EC5DDDBD4, 7F8A68A6267E0C8EC11F84A1034F71991DBD78BB1C7440B6D4AE025EFBCBB534 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
19:40:52.0915 0x1bd0  cfwids - ok
19:40:52.0935 0x1bd0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:40:52.0965 0x1bd0  circlass - ok
19:40:53.0075 0x1bd0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
19:40:53.0105 0x1bd0  CLFS - ok
19:40:53.0765 0x1bd0  [ 399F2E92269D4559F1A813624DD78496, 731606646390D2B279B2A51C8AE0E38E5CDE271CDA7D00061186EBBC3E37A72E ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
19:40:53.0825 0x1bd0  ClickToRunSvc - ok
19:40:54.0055 0x1bd0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:40:54.0095 0x1bd0  clr_optimization_v2.0.50727_32 - ok
19:40:54.0175 0x1bd0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:40:54.0215 0x1bd0  clr_optimization_v2.0.50727_64 - ok
19:40:54.0495 0x1bd0  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:40:54.0795 0x1bd0  clr_optimization_v4.0.30319_32 - ok
19:40:54.0805 0x1bd0  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:40:54.0915 0x1bd0  clr_optimization_v4.0.30319_64 - ok
19:40:54.0935 0x1bd0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:40:54.0985 0x1bd0  CmBatt - ok
19:40:55.0025 0x1bd0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:40:55.0035 0x1bd0  cmdide - ok
19:40:55.0145 0x1bd0  [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG             C:\Windows\system32\Drivers\cng.sys
19:40:55.0195 0x1bd0  CNG - ok
19:40:55.0445 0x1bd0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:40:55.0485 0x1bd0  Compbatt - ok
19:40:55.0595 0x1bd0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:40:55.0625 0x1bd0  CompositeBus - ok
19:40:55.0645 0x1bd0  COMSysApp - ok
19:40:55.0655 0x1bd0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:40:55.0675 0x1bd0  crcdisk - ok
19:40:55.0765 0x1bd0  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:40:55.0835 0x1bd0  CryptSvc - ok
19:40:55.0915 0x1bd0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:40:55.0985 0x1bd0  DcomLaunch - ok
19:40:56.0065 0x1bd0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:40:56.0155 0x1bd0  defragsvc - ok
19:40:56.0205 0x1bd0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:40:56.0235 0x1bd0  DfsC - ok
19:40:56.0275 0x1bd0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:40:56.0495 0x1bd0  Dhcp - ok
19:40:56.0545 0x1bd0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:40:56.0695 0x1bd0  discache - ok
19:40:56.0745 0x1bd0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
19:40:56.0755 0x1bd0  Disk - ok
19:40:56.0825 0x1bd0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:40:56.0845 0x1bd0  Dnscache - ok
19:40:56.0905 0x1bd0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:40:56.0985 0x1bd0  dot3svc - ok
19:40:57.0075 0x1bd0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:40:57.0195 0x1bd0  DPS - ok
19:40:57.0725 0x1bd0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:40:57.0885 0x1bd0  drmkaud - ok
19:40:58.0475 0x1bd0  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:40:58.0535 0x1bd0  DXGKrnl - ok
19:40:58.0595 0x1bd0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:40:58.0655 0x1bd0  EapHost - ok
19:40:59.0166 0x1bd0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:40:59.0396 0x1bd0  ebdrv - ok
19:40:59.0526 0x1bd0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS             C:\Windows\System32\lsass.exe
19:40:59.0556 0x1bd0  EFS - ok
19:40:59.0786 0x1bd0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:41:00.0126 0x1bd0  ehRecvr - ok
19:41:00.0166 0x1bd0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:41:00.0266 0x1bd0  ehSched - ok
19:41:00.0376 0x1bd0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:41:00.0426 0x1bd0  elxstor - ok
19:41:00.0436 0x1bd0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:41:00.0526 0x1bd0  ErrDev - ok
19:41:00.0716 0x1bd0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:41:00.0996 0x1bd0  EventSystem - ok
19:41:01.0036 0x1bd0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:41:01.0206 0x1bd0  exfat - ok
19:41:01.0356 0x1bd0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:41:01.0676 0x1bd0  fastfat - ok
19:41:01.0896 0x1bd0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:41:02.0276 0x1bd0  Fax - ok
19:41:02.0316 0x1bd0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
19:41:02.0406 0x1bd0  fdc - ok
19:41:02.0476 0x1bd0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:41:02.0516 0x1bd0  fdPHost - ok
19:41:02.0566 0x1bd0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:41:02.0616 0x1bd0  FDResPub - ok
19:41:02.0666 0x1bd0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:41:02.0686 0x1bd0  FileInfo - ok
19:41:02.0716 0x1bd0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:41:05.0136 0x1bd0  Filetrace - ok
19:41:05.0156 0x1bd0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:41:05.0256 0x1bd0  flpydisk - ok
19:41:05.0486 0x1bd0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:41:05.0516 0x1bd0  FltMgr - ok
19:41:05.0676 0x1bd0  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
19:41:05.0886 0x1bd0  FontCache - ok
19:41:05.0976 0x1bd0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:41:05.0996 0x1bd0  FontCache3.0.0.0 - ok
19:41:06.0026 0x1bd0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:41:06.0046 0x1bd0  FsDepends - ok
19:41:06.0076 0x1bd0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:41:06.0106 0x1bd0  Fs_Rec - ok
19:41:06.0206 0x1bd0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:41:06.0266 0x1bd0  fvevol - ok
19:41:06.0376 0x1bd0  [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
19:41:06.0566 0x1bd0  FWLANUSB - ok
19:41:06.0596 0x1bd0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:41:06.0626 0x1bd0  gagp30kx - ok
19:41:06.0686 0x1bd0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:41:06.0726 0x1bd0  GEARAspiWDM - ok
19:41:07.0027 0x1bd0  [ A27A06D8359BC5202F2F8E3240DE205F, C2BB64106D6894E6CF45121FE3ECCDE2A00CAE9268CF5ECA11F436C10DBFC6F0 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:41:07.0067 0x1bd0  GfExperienceService - ok
19:41:07.0237 0x1bd0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:41:07.0317 0x1bd0  gpsvc - ok
19:41:07.0427 0x1bd0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:41:07.0437 0x1bd0  gupdate - ok
19:41:07.0507 0x1bd0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:41:07.0527 0x1bd0  gupdatem - ok
19:41:07.0557 0x1bd0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:41:07.0667 0x1bd0  hcw85cir - ok
19:41:07.0837 0x1bd0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:41:07.0907 0x1bd0  HdAudAddService - ok
19:41:07.0947 0x1bd0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:41:08.0027 0x1bd0  HDAudBus - ok
19:41:08.0077 0x1bd0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:41:08.0127 0x1bd0  HidBatt - ok
19:41:08.0157 0x1bd0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:41:08.0187 0x1bd0  HidBth - ok
19:41:08.0237 0x1bd0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:41:08.0277 0x1bd0  HidIr - ok
19:41:08.0317 0x1bd0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:41:08.0387 0x1bd0  hidserv - ok
19:41:08.0477 0x1bd0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:41:08.0527 0x1bd0  HidUsb - ok
19:41:08.0737 0x1bd0  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
19:41:08.0917 0x1bd0  HipShieldK - ok
19:41:08.0947 0x1bd0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:41:09.0007 0x1bd0  hkmsvc - ok
19:41:09.0077 0x1bd0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:41:09.0127 0x1bd0  HomeGroupListener - ok
19:41:09.0207 0x1bd0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:41:09.0287 0x1bd0  HomeGroupProvider - ok
19:41:09.0617 0x1bd0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:41:09.0657 0x1bd0  HomeNetSvc - ok
19:41:09.0687 0x1bd0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:41:09.0707 0x1bd0  HpSAMD - ok
19:41:09.0907 0x1bd0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:41:10.0057 0x1bd0  HTTP - ok
19:41:10.0077 0x1bd0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:41:10.0097 0x1bd0  hwpolicy - ok
19:41:10.0137 0x1bd0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:41:10.0167 0x1bd0  i8042prt - ok
19:41:10.0267 0x1bd0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:41:10.0367 0x1bd0  iaStorV - ok
19:41:10.0557 0x1bd0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:41:10.0607 0x1bd0  idsvc - ok
19:41:10.0667 0x1bd0  IEEtwCollectorService - ok
19:41:10.0687 0x1bd0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:41:10.0697 0x1bd0  iirsp - ok
19:41:10.0907 0x1bd0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:41:11.0077 0x1bd0  IKEEXT - ok
19:41:11.0387 0x1bd0  [ 254FAAE42AFC641C0BE628DE123EA9DE, 9F59D4A71A37E3135736482685191316C0EF67D230206CAFA95C8561BB3F1C4C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:41:11.0557 0x1bd0  IntcAzAudAddService - ok
19:41:11.0607 0x1bd0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:41:11.0617 0x1bd0  intelide - ok
19:41:11.0667 0x1bd0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:41:11.0687 0x1bd0  intelppm - ok
19:41:11.0737 0x1bd0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:41:11.0817 0x1bd0  IPBusEnum - ok
19:41:11.0857 0x1bd0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:41:11.0927 0x1bd0  IpFilterDriver - ok
19:41:12.0157 0x1bd0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:41:12.0317 0x1bd0  iphlpsvc - ok
19:41:12.0377 0x1bd0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:41:12.0427 0x1bd0  IPMIDRV - ok
19:41:12.0447 0x1bd0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:41:12.0487 0x1bd0  IPNAT - ok
19:41:12.0647 0x1bd0  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:41:12.0737 0x1bd0  iPod Service - ok
19:41:12.0777 0x1bd0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:41:12.0807 0x1bd0  IRENUM - ok
19:41:12.0837 0x1bd0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:41:12.0877 0x1bd0  isapnp - ok
19:41:12.0967 0x1bd0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:41:13.0027 0x1bd0  iScsiPrt - ok
19:41:13.0067 0x1bd0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:41:13.0097 0x1bd0  kbdclass - ok
19:41:13.0127 0x1bd0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:41:13.0157 0x1bd0  kbdhid - ok
19:41:13.0187 0x1bd0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso          C:\Windows\system32\lsass.exe
19:41:13.0207 0x1bd0  KeyIso - ok
19:41:13.0267 0x1bd0  [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:41:13.0297 0x1bd0  KSecDD - ok
19:41:13.0397 0x1bd0  [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:41:13.0487 0x1bd0  KSecPkg - ok
19:41:13.0537 0x1bd0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:41:13.0587 0x1bd0  ksthunk - ok
19:41:13.0657 0x1bd0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:41:13.0897 0x1bd0  KtmRm - ok
19:41:13.0967 0x1bd0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:41:14.0077 0x1bd0  LanmanServer - ok
19:41:14.0147 0x1bd0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:41:14.0187 0x1bd0  LanmanWorkstation - ok
19:41:14.0237 0x1bd0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:41:14.0307 0x1bd0  lltdio - ok
19:41:14.0417 0x1bd0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:41:14.0537 0x1bd0  lltdsvc - ok
19:41:14.0577 0x1bd0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:41:14.0637 0x1bd0  lmhosts - ok
19:41:14.0737 0x1bd0  [ DF86570FFC4F8A7E38595CC072B19A5B, A2E38C323BF55018990349E22E82EA48866EC3B6BB634CF2EB00ACE64926E3A3 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:41:14.0777 0x1bd0  LMS - ok
19:41:14.0857 0x1bd0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:41:14.0887 0x1bd0  LSI_FC - ok
19:41:14.0957 0x1bd0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:41:14.0977 0x1bd0  LSI_SAS - ok
19:41:15.0017 0x1bd0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:41:15.0037 0x1bd0  LSI_SAS2 - ok
19:41:15.0077 0x1bd0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:41:15.0097 0x1bd0  LSI_SCSI - ok
19:41:15.0137 0x1bd0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:41:15.0177 0x1bd0  luafv - ok
19:41:15.0417 0x1bd0  [ 2D94EFDD340BBD9DE7D5F627B298512D, A9DE485352616A37DFD32270BBB65CA15B34CF26394A9418A5182801569AEBCD ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
19:41:15.0447 0x1bd0  McAfee SiteAdvisor Service - ok
19:41:15.0687 0x1bd0  [ BAE3593DD40B29D0451E704A7B3FE72B, AAFB2DF27BD637B5D968AEE11DAF73EDEEE4AE04F3F04D0ED3BF8FF5E203DB11 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
19:41:15.0727 0x1bd0  McAPExe - ok
19:41:15.0947 0x1bd0  [ BF9EB1361EF8D456AB15D5AC2765D860, 5A622F26203438BAF768EFAFCAFD78971E90EE6A0A9FC954FE8A68D5B4C9E9C9 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
19:41:15.0987 0x1bd0  mccspsvc - ok
19:41:16.0117 0x1bd0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:41:16.0137 0x1bd0  McMPFSvc - ok
19:41:16.0217 0x1bd0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:41:16.0237 0x1bd0  McNaiAnn - ok
19:41:16.0457 0x1bd0  [ 23CBDFFE2B580A649DB2D4BB50B1DADF, 771FC99477FDCF98994691CA1BDFB65DF07B93CD563A77068665DC85BF919CB8 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
19:41:16.0487 0x1bd0  McODS - ok
19:41:16.0557 0x1bd0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:41:16.0587 0x1bd0  mcpltsvc - ok
19:41:16.0607 0x1bd0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:41:16.0627 0x1bd0  McProxy - ok
19:41:16.0667 0x1bd0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:41:16.0707 0x1bd0  Mcx2Svc - ok
19:41:16.0717 0x1bd0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:41:16.0737 0x1bd0  megasas - ok
19:41:16.0847 0x1bd0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:41:16.0887 0x1bd0  MegaSR - ok
19:41:16.0958 0x1bd0  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:41:16.0978 0x1bd0  MEIx64 - ok
19:41:17.0078 0x1bd0  [ 1A0C96A38A888838DF9523C973E3FE87, 9C41EDBFA21DF2684EED81AD56FC440AED002FB5C760DECFF1A454835273637B ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
19:41:17.0108 0x1bd0  mfeapfk - ok
19:41:17.0228 0x1bd0  [ 3EAF75ED747B2D60ABA4E45107D96E80, DC8141AAE425417F64D5070D573A0BDA40CF4FBDE041240FB331B2DDF0F8A361 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
19:41:17.0328 0x1bd0  mfeavfk - ok
19:41:17.0518 0x1bd0  [ 862CCECA53B237BDF3AA52EDD681FCE1, 752850CE18FD2ED747EDB4A2DE4D9B7730A704A992FDC2C99C84A7E48F1CCDA4 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
19:41:17.0588 0x1bd0  mfecore - ok
19:41:17.0828 0x1bd0  [ 12279E1080026A15D272AE6AAB97FBC7, A52F2D9B7CECA6D1CF28B72F5766F001F1480F08C7ACDC32BC7F9057FBBF9277 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
19:41:17.0848 0x1bd0  mfefire - ok
19:41:18.0018 0x1bd0  [ 07CFCE5D75C27474E20DE8715794F229, C20F36B242DB592D2FE1EB43EA339514969BAB9561D76FAC7CA6204F6AFCB8B8 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
19:41:18.0118 0x1bd0  mfefirek - ok
19:41:18.0228 0x1bd0  [ 29D0483A9EBB01DB2036A52E3BF23D6B, D4D6FDE489E937634BEA2C2F5DF65C560E5160AD9EA85088A59AE88FD9C06B2E ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
19:41:18.0328 0x1bd0  mfehidk - ok
19:41:18.0478 0x1bd0  [ 7E0CB59045BEB5976B32C3541DB0BFBB, 8D9B760772D885611DAD5AB4C82705FC8608B8C7F2BC30A19883506A81A804B1 ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
19:41:18.0548 0x1bd0  mfencbdc - ok
19:41:18.0608 0x1bd0  [ 4B34DFBC138C5C8FAC6F814575E41376, 584F76A0EA8ADAC415D118796E7B08969ABE717CB0FCC2D3B505BF86450D4E40 ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
19:41:18.0628 0x1bd0  mfencrk - ok
19:41:18.0728 0x1bd0  [ 9A642F163F1FB12DE395A6010A9AD687, A86E092417C0C40E6FB9F6206D82391CEE4495FFA6F8A442BE50D349ACBA44B9 ] mfevtp          C:\Windows\system32\mfevtps.exe
19:41:18.0768 0x1bd0  mfevtp - ok
19:41:18.0858 0x1bd0  [ 1134C87CC1184F5B88F0C7002ACFDC99, 9029E15BF5186258CACF7D46F0E182949E93B78B3F17ED680FE8ECF12EFFF646 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
19:41:18.0918 0x1bd0  mfewfpk - ok
19:41:18.0958 0x1bd0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:41:19.0018 0x1bd0  MMCSS - ok
19:41:19.0048 0x1bd0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:41:19.0118 0x1bd0  Modem - ok
19:41:19.0178 0x1bd0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:41:19.0238 0x1bd0  monitor - ok
19:41:19.0288 0x1bd0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:41:19.0318 0x1bd0  mouclass - ok
19:41:19.0318 0x1bd0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:41:19.0348 0x1bd0  mouhid - ok
19:41:19.0358 0x1bd0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:41:19.0388 0x1bd0  mountmgr - ok
19:41:19.0488 0x1bd0  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:41:19.0508 0x1bd0  MozillaMaintenance - ok
19:41:19.0528 0x1bd0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:41:19.0548 0x1bd0  mpio - ok
19:41:19.0578 0x1bd0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:41:19.0618 0x1bd0  mpsdrv - ok
19:41:19.0738 0x1bd0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:41:19.0828 0x1bd0  MpsSvc - ok
19:41:19.0878 0x1bd0  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:41:19.0968 0x1bd0  MRxDAV - ok
19:41:20.0008 0x1bd0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:41:20.0078 0x1bd0  mrxsmb - ok
19:41:20.0148 0x1bd0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:41:20.0178 0x1bd0  mrxsmb10 - ok
19:41:20.0228 0x1bd0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:41:20.0258 0x1bd0  mrxsmb20 - ok
19:41:20.0308 0x1bd0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:41:20.0338 0x1bd0  msahci - ok
19:41:20.0378 0x1bd0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:41:20.0418 0x1bd0  msdsm - ok
19:41:20.0468 0x1bd0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:41:20.0478 0x1bd0  MSDTC - ok
19:41:20.0508 0x1bd0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:41:20.0568 0x1bd0  Msfs - ok
19:41:20.0588 0x1bd0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:41:20.0668 0x1bd0  mshidkmdf - ok
19:41:20.0708 0x1bd0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:41:20.0728 0x1bd0  msisadrv - ok
19:41:20.0808 0x1bd0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:41:20.0908 0x1bd0  MSiSCSI - ok
19:41:20.0908 0x1bd0  msiserver - ok
19:41:21.0018 0x1bd0  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
19:41:21.0058 0x1bd0  MSK80Service - ok
19:41:21.0118 0x1bd0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:41:21.0528 0x1bd0  MSKSSRV - ok
19:41:21.0558 0x1bd0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:41:21.0618 0x1bd0  MSPCLOCK - ok
19:41:21.0668 0x1bd0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:41:21.0748 0x1bd0  MSPQM - ok
19:41:21.0828 0x1bd0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:41:21.0878 0x1bd0  MsRPC - ok
19:41:21.0908 0x1bd0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:41:21.0918 0x1bd0  mssmbios - ok
19:41:21.0948 0x1bd0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:41:22.0018 0x1bd0  MSTEE - ok
19:41:22.0068 0x1bd0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:41:22.0098 0x1bd0  MTConfig - ok
19:41:22.0138 0x1bd0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:41:22.0158 0x1bd0  Mup - ok
19:41:22.0268 0x1bd0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:41:22.0368 0x1bd0  napagent - ok
19:41:22.0468 0x1bd0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:41:22.0588 0x1bd0  NativeWifiP - ok
19:41:22.0798 0x1bd0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:41:22.0848 0x1bd0  NDIS - ok
19:41:22.0898 0x1bd0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:41:22.0928 0x1bd0  NdisCap - ok
19:41:22.0958 0x1bd0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:41:22.0988 0x1bd0  NdisTapi - ok
19:41:23.0028 0x1bd0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:41:23.0078 0x1bd0  Ndisuio - ok
19:41:23.0118 0x1bd0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:41:23.0218 0x1bd0  NdisWan - ok
19:41:23.0268 0x1bd0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:41:23.0318 0x1bd0  NDProxy - ok
19:41:23.0378 0x1bd0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:41:23.0438 0x1bd0  NetBIOS - ok
19:41:23.0528 0x1bd0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:41:23.0578 0x1bd0  NetBT - ok
19:41:23.0588 0x1bd0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon        C:\Windows\system32\lsass.exe
19:41:23.0598 0x1bd0  Netlogon - ok
19:41:23.0678 0x1bd0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:41:23.0748 0x1bd0  Netman - ok
19:41:23.0858 0x1bd0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:41:23.0918 0x1bd0  NetMsmqActivator - ok
19:41:23.0928 0x1bd0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:41:23.0938 0x1bd0  NetPipeActivator - ok
19:41:24.0048 0x1bd0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:41:24.0158 0x1bd0  netprofm - ok
19:41:24.0168 0x1bd0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:41:24.0188 0x1bd0  NetTcpActivator - ok
19:41:24.0188 0x1bd0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:41:24.0208 0x1bd0  NetTcpPortSharing - ok
19:41:24.0228 0x1bd0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:41:24.0248 0x1bd0  nfrd960 - ok
19:41:24.0348 0x1bd0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:41:24.0428 0x1bd0  NlaSvc - ok
19:41:24.0448 0x1bd0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:41:24.0498 0x1bd0  Npfs - ok
19:41:24.0528 0x1bd0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:41:24.0558 0x1bd0  nsi - ok
19:41:24.0578 0x1bd0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:41:24.0658 0x1bd0  nsiproxy - ok
19:41:24.0838 0x1bd0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:41:24.0908 0x1bd0  Ntfs - ok
19:41:24.0939 0x1bd0  NTIOLib_1_0_C - ok
19:41:24.0959 0x1bd0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:41:25.0049 0x1bd0  Null - ok
19:41:25.0139 0x1bd0  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
19:41:25.0169 0x1bd0  NVHDA - ok
19:41:26.0589 0x1bd0  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:41:27.0059 0x1bd0  nvlddmkm - ok
19:41:27.0399 0x1bd0  [ 507E699BD36530491BA0F95251B22F06, BDE6EB91FADBCB8CE16C31EF43A97DC6CC5D0F4EBAEA7903810556D0D70F54BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:41:27.0549 0x1bd0  NvNetworkService - ok
19:41:27.0589 0x1bd0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:41:27.0629 0x1bd0  nvraid - ok
19:41:27.0709 0x1bd0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:41:27.0739 0x1bd0  nvstor - ok
19:41:27.0919 0x1bd0  [ 7E4C1879248629A2C9CC9ADF52CBB9B7, 856FF60FD111C3C80B137BC62B7EF92D3B95FBA462A29F97D65457A5A507506E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:41:27.0959 0x1bd0  NvStreamKms - ok
19:41:29.0669 0x1bd0  [ C3EB27E4BC00283CA166A9FC42B90FC7, FED7F68D1C6EB442292E40DCFAEE7339AE21D5EF726A9DC9BCB6AB5C5873B3E0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
19:41:33.0209 0x1bd0  NvStreamSvc - ok
19:41:33.0479 0x1bd0  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:41:33.0549 0x1bd0  nvsvc - ok
19:41:33.0679 0x1bd0  [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:41:33.0699 0x1bd0  nvvad_WaveExtensible - ok
19:41:33.0749 0x1bd0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:41:33.0779 0x1bd0  nv_agp - ok
19:41:33.0799 0x1bd0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:41:33.0889 0x1bd0  ohci1394 - ok
19:41:34.0019 0x1bd0  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:41:34.0049 0x1bd0  ose - ok
19:41:34.0879 0x1bd0  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:41:35.0050 0x1bd0  osppsvc - ok
19:41:35.0150 0x1bd0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:41:35.0220 0x1bd0  p2pimsvc - ok
19:41:35.0280 0x1bd0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:41:35.0330 0x1bd0  p2psvc - ok
19:41:35.0370 0x1bd0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:41:35.0400 0x1bd0  Parport - ok
19:41:35.0450 0x1bd0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:41:35.0480 0x1bd0  partmgr - ok
19:41:35.0580 0x1bd0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:41:35.0700 0x1bd0  PcaSvc - ok
19:41:35.0740 0x1bd0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:41:35.0790 0x1bd0  pci - ok
19:41:35.0840 0x1bd0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:41:35.0860 0x1bd0  pciide - ok
19:41:35.0900 0x1bd0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:41:35.0920 0x1bd0  pcmcia - ok
19:41:35.0950 0x1bd0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:41:35.0970 0x1bd0  pcw - ok
19:41:36.0050 0x1bd0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:41:36.0130 0x1bd0  PEAUTH - ok
19:41:36.0800 0x1bd0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:41:37.0050 0x1bd0  PerfHost - ok
19:41:37.0240 0x1bd0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:41:37.0350 0x1bd0  pla - ok
19:41:37.0450 0x1bd0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:41:37.0590 0x1bd0  PlugPlay - ok
19:41:37.0640 0x1bd0  PnkBstrA - ok
19:41:37.0670 0x1bd0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:41:37.0740 0x1bd0  PNRPAutoReg - ok
19:41:37.0850 0x1bd0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:41:37.0890 0x1bd0  PNRPsvc - ok
19:41:38.0020 0x1bd0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:41:38.0130 0x1bd0  PolicyAgent - ok
19:41:38.0170 0x1bd0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:41:38.0260 0x1bd0  Power - ok
19:41:38.0300 0x1bd0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:41:38.0330 0x1bd0  PptpMiniport - ok
19:41:38.0350 0x1bd0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:41:38.0370 0x1bd0  Processor - ok
19:41:38.0520 0x1bd0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:41:38.0580 0x1bd0  ProfSvc - ok
19:41:38.0620 0x1bd0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:41:38.0640 0x1bd0  ProtectedStorage - ok
19:41:38.0690 0x1bd0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:41:38.0770 0x1bd0  Psched - ok
19:41:39.0140 0x1bd0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:41:39.0200 0x1bd0  ql2300 - ok
19:41:39.0240 0x1bd0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:41:39.0270 0x1bd0  ql40xx - ok
19:41:39.0300 0x1bd0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:41:39.0340 0x1bd0  QWAVE - ok
19:41:39.0350 0x1bd0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:41:39.0410 0x1bd0  QWAVEdrv - ok
19:41:39.0440 0x1bd0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:41:39.0500 0x1bd0  RasAcd - ok
19:41:39.0560 0x1bd0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:41:39.0600 0x1bd0  RasAgileVpn - ok
19:41:39.0650 0x1bd0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:41:39.0680 0x1bd0  RasAuto - ok
19:41:39.0710 0x1bd0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:41:39.0770 0x1bd0  Rasl2tp - ok
19:41:39.0820 0x1bd0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:41:39.0930 0x1bd0  RasMan - ok
19:41:39.0970 0x1bd0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:41:40.0070 0x1bd0  RasPppoe - ok
19:41:40.0120 0x1bd0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:41:40.0190 0x1bd0  RasSstp - ok
19:41:40.0280 0x1bd0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:41:40.0360 0x1bd0  rdbss - ok
19:41:40.0380 0x1bd0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:41:40.0470 0x1bd0  rdpbus - ok
19:41:40.0520 0x1bd0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:41:40.0570 0x1bd0  RDPCDD - ok
19:41:40.0620 0x1bd0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:41:40.0670 0x1bd0  RDPENCDD - ok
19:41:40.0720 0x1bd0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:41:40.0770 0x1bd0  RDPREFMP - ok
19:41:40.0860 0x1bd0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:41:40.0970 0x1bd0  RDPWD - ok
19:41:41.0030 0x1bd0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:41:41.0070 0x1bd0  rdyboost - ok
19:41:41.0150 0x1bd0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:41:41.0190 0x1bd0  RemoteAccess - ok
19:41:41.0240 0x1bd0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:41:41.0370 0x1bd0  RemoteRegistry - ok
19:41:41.0400 0x1bd0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:41:41.0450 0x1bd0  RpcEptMapper - ok
19:41:41.0490 0x1bd0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:41:41.0520 0x1bd0  RpcLocator - ok
19:41:41.0550 0x1bd0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:41:41.0590 0x1bd0  RpcSs - ok
19:41:41.0670 0x1bd0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:41:41.0720 0x1bd0  rspndr - ok
19:41:41.0830 0x1bd0  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:41:41.0860 0x1bd0  RTL8167 - ok
19:41:41.0920 0x1bd0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs           C:\Windows\system32\lsass.exe
19:41:41.0950 0x1bd0  SamSs - ok
19:41:41.0980 0x1bd0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:41:42.0000 0x1bd0  sbp2port - ok
19:41:42.0060 0x1bd0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:41:42.0170 0x1bd0  SCardSvr - ok
19:41:42.0210 0x1bd0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:41:42.0270 0x1bd0  scfilter - ok
19:41:42.0460 0x1bd0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
19:41:42.0570 0x1bd0  Schedule - ok
19:41:42.0610 0x1bd0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:41:42.0640 0x1bd0  SCPolicySvc - ok
19:41:42.0670 0x1bd0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:41:42.0720 0x1bd0  SDRSVC - ok
19:41:42.0740 0x1bd0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:41:42.0770 0x1bd0  secdrv - ok
19:41:42.0790 0x1bd0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:41:42.0820 0x1bd0  seclogon - ok
19:41:42.0840 0x1bd0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:41:42.0900 0x1bd0  SENS - ok
19:41:42.0910 0x1bd0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:41:43.0020 0x1bd0  SensrSvc - ok
19:41:43.0060 0x1bd0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:41:43.0110 0x1bd0  Serenum - ok
19:41:43.0140 0x1bd0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:41:43.0170 0x1bd0  Serial - ok
19:41:43.0200 0x1bd0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:41:43.0230 0x1bd0  sermouse - ok
19:41:43.0250 0x1bd0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:41:43.0290 0x1bd0  SessionEnv - ok
19:41:43.0310 0x1bd0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:41:43.0350 0x1bd0  sffdisk - ok
19:41:43.0350 0x1bd0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:41:43.0370 0x1bd0  sffp_mmc - ok
19:41:43.0400 0x1bd0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:41:43.0440 0x1bd0  sffp_sd - ok
19:41:43.0460 0x1bd0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:41:43.0480 0x1bd0  sfloppy - ok
19:41:43.0560 0x1bd0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:41:43.0620 0x1bd0  SharedAccess - ok
19:41:43.0650 0x1bd0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:41:43.0690 0x1bd0  ShellHWDetection - ok
19:41:43.0710 0x1bd0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:41:43.0730 0x1bd0  SiSRaid2 - ok
19:41:43.0750 0x1bd0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:41:43.0770 0x1bd0  SiSRaid4 - ok
19:41:43.0890 0x1bd0  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:41:43.0910 0x1bd0  SkypeUpdate - ok
19:41:43.0940 0x1bd0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:41:43.0970 0x1bd0  Smb - ok
19:41:44.0010 0x1bd0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:41:44.0030 0x1bd0  SNMPTRAP - ok
19:41:44.0040 0x1bd0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:41:44.0050 0x1bd0  spldr - ok
19:41:44.0170 0x1bd0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:41:44.0290 0x1bd0  Spooler - ok
19:41:44.0590 0x1bd0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:41:44.0720 0x1bd0  sppsvc - ok
19:41:44.0750 0x1bd0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:41:44.0780 0x1bd0  sppuinotify - ok
19:41:44.0860 0x1bd0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:41:44.0900 0x1bd0  srv - ok
19:41:44.0960 0x1bd0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:41:45.0010 0x1bd0  srv2 - ok
19:41:45.0030 0x1bd0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:41:45.0050 0x1bd0  srvnet - ok
19:41:45.0100 0x1bd0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:41:45.0150 0x1bd0  SSDPSRV - ok
19:41:45.0180 0x1bd0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:41:45.0250 0x1bd0  SstpSvc - ok
19:41:45.0560 0x1bd0  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:41:45.0610 0x1bd0  Steam Client Service - ok
19:41:45.0810 0x1bd0  [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:41:45.0920 0x1bd0  Stereo Service - ok
19:41:45.0941 0x1bd0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:41:45.0961 0x1bd0  stexstor - ok
19:41:46.0011 0x1bd0  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
19:41:46.0061 0x1bd0  StillCam - ok
19:41:46.0181 0x1bd0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:41:46.0261 0x1bd0  stisvc - ok
19:41:46.0281 0x1bd0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:41:46.0301 0x1bd0  swenum - ok
19:41:46.0371 0x1bd0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:41:46.0491 0x1bd0  swprv - ok
19:41:46.0701 0x1bd0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:41:46.0771 0x1bd0  SysMain - ok
19:41:46.0781 0x1bd0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:41:46.0841 0x1bd0  TabletInputService - ok
19:41:46.0911 0x1bd0  [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
19:41:47.0021 0x1bd0  tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
19:41:49.0441 0x1bd0  Detect skipped due to KSN trusted
19:41:49.0441 0x1bd0  tap0901t - ok
19:41:49.0531 0x1bd0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:41:49.0591 0x1bd0  TapiSrv - ok
19:41:49.0641 0x1bd0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:41:49.0691 0x1bd0  TBS - ok
19:41:49.0971 0x1bd0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:41:50.0091 0x1bd0  Tcpip - ok
19:41:50.0241 0x1bd0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:41:50.0291 0x1bd0  TCPIP6 - ok
19:41:50.0361 0x1bd0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:41:50.0381 0x1bd0  tcpipreg - ok
19:41:50.0401 0x1bd0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:41:50.0461 0x1bd0  TDPIPE - ok
19:41:50.0471 0x1bd0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:41:50.0521 0x1bd0  TDTCP - ok
19:41:50.0581 0x1bd0  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:41:50.0621 0x1bd0  tdx - ok
19:41:50.0651 0x1bd0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:41:50.0681 0x1bd0  TermDD - ok
19:41:50.0801 0x1bd0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
19:41:50.0931 0x1bd0  TermService - ok
19:41:50.0951 0x1bd0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:41:50.0971 0x1bd0  Themes - ok
19:41:51.0001 0x1bd0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:41:51.0031 0x1bd0  THREADORDER - ok
19:41:51.0061 0x1bd0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:41:51.0111 0x1bd0  TrkWks - ok
19:41:51.0191 0x1bd0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:41:51.0231 0x1bd0  TrustedInstaller - ok
19:41:51.0291 0x1bd0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:41:51.0301 0x1bd0  tssecsrv - ok
19:41:51.0331 0x1bd0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:41:51.0391 0x1bd0  TsUsbFlt - ok
19:41:51.0401 0x1bd0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:41:51.0431 0x1bd0  TsUsbGD - ok
19:41:51.0481 0x1bd0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:41:51.0581 0x1bd0  tunnel - ok
19:41:51.0831 0x1bd0  [ 2FD0FE0A0C721C8E47C5A3AE16E519B1, C0DE61AF32F01CF9BDA3E325F5F15D249C0FA4BB5FF720ED1916214907B4AF55 ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
19:41:51.0931 0x1bd0  TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
19:41:54.0361 0x1bd0  Detect skipped due to KSN trusted
19:41:54.0361 0x1bd0  TunngleService - ok
19:41:54.0371 0x1bd0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:41:54.0391 0x1bd0  uagp35 - ok
19:41:54.0451 0x1bd0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:41:54.0541 0x1bd0  udfs - ok
19:41:54.0581 0x1bd0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:41:54.0611 0x1bd0  UI0Detect - ok
19:41:54.0651 0x1bd0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:41:54.0671 0x1bd0  uliagpkx - ok
19:41:54.0691 0x1bd0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:41:54.0711 0x1bd0  umbus - ok
19:41:54.0721 0x1bd0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:41:54.0751 0x1bd0  UmPass - ok
19:41:55.0061 0x1bd0  [ 1D2596FE2D7CF36C6F5F0D6B71E90E1E, B740DE7C7A3E5C4E5DF177673E823BC649C1351EE8AAAAAA76BBAE07606868D2 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:41:55.0151 0x1bd0  UNS - ok
19:41:55.0181 0x1bd0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:41:55.0231 0x1bd0  upnphost - ok
19:41:55.0291 0x1bd0  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:41:55.0341 0x1bd0  USBAAPL64 - ok
19:41:55.0401 0x1bd0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:41:55.0481 0x1bd0  usbccgp - ok
19:41:55.0541 0x1bd0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:41:55.0631 0x1bd0  usbcir - ok
19:41:55.0661 0x1bd0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:41:55.0711 0x1bd0  usbehci - ok
19:41:55.0781 0x1bd0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:41:55.0831 0x1bd0  usbhub - ok
19:41:55.0871 0x1bd0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:41:55.0881 0x1bd0  usbohci - ok
19:41:55.0911 0x1bd0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:41:55.0951 0x1bd0  usbprint - ok
19:41:55.0971 0x1bd0  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:41:55.0991 0x1bd0  USBSTOR - ok
19:41:56.0041 0x1bd0  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:41:56.0071 0x1bd0  usbuhci - ok
19:41:56.0121 0x1bd0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:41:56.0151 0x1bd0  UxSms - ok
19:41:56.0171 0x1bd0  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc        C:\Windows\system32\lsass.exe
19:41:56.0181 0x1bd0  VaultSvc - ok
19:41:56.0221 0x1bd0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:41:56.0231 0x1bd0  vdrvroot - ok
19:41:56.0261 0x1bd0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:41:56.0321 0x1bd0  vds - ok
19:41:56.0361 0x1bd0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:41:56.0381 0x1bd0  vga - ok
19:41:56.0391 0x1bd0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:41:56.0451 0x1bd0  VgaSave - ok
19:41:56.0471 0x1bd0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:41:56.0491 0x1bd0  vhdmp - ok
19:41:56.0551 0x1bd0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:41:56.0561 0x1bd0  viaide - ok
19:41:56.0591 0x1bd0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:41:56.0601 0x1bd0  volmgr - ok
19:41:56.0721 0x1bd0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:41:56.0781 0x1bd0  volmgrx - ok
19:41:56.0831 0x1bd0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:41:56.0851 0x1bd0  volsnap - ok
19:41:56.0891 0x1bd0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:41:56.0911 0x1bd0  vsmraid - ok
19:41:57.0142 0x1bd0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:41:57.0252 0x1bd0  VSS - ok
19:41:57.0322 0x1bd0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:41:57.0352 0x1bd0  vwifibus - ok
19:41:57.0512 0x1bd0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:41:57.0572 0x1bd0  W32Time - ok
19:41:57.0712 0x1bd0  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
19:41:57.0762 0x1bd0  W3SVC - ok
19:41:57.0792 0x1bd0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:41:57.0812 0x1bd0  WacomPen - ok
19:41:57.0842 0x1bd0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:41:57.0872 0x1bd0  WANARP - ok
19:41:57.0882 0x1bd0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:41:57.0902 0x1bd0  Wanarpv6 - ok
19:41:58.0032 0x1bd0  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
19:41:58.0052 0x1bd0  WAS - ok
19:41:58.0292 0x1bd0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:41:58.0412 0x1bd0  wbengine - ok
19:41:58.0452 0x1bd0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:41:58.0472 0x1bd0  WbioSrvc - ok
19:41:58.0582 0x1bd0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:41:58.0632 0x1bd0  wcncsvc - ok
19:41:58.0662 0x1bd0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:41:58.0682 0x1bd0  WcsPlugInService - ok
19:41:58.0712 0x1bd0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:41:58.0732 0x1bd0  Wd - ok
19:41:58.0892 0x1bd0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:41:58.0942 0x1bd0  Wdf01000 - ok
19:41:58.0982 0x1bd0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:41:59.0162 0x1bd0  WdiServiceHost - ok
19:41:59.0172 0x1bd0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:41:59.0182 0x1bd0  WdiSystemHost - ok
19:41:59.0232 0x1bd0  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
19:41:59.0442 0x1bd0  WebClient - ok
19:41:59.0492 0x1bd0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:41:59.0552 0x1bd0  Wecsvc - ok
19:41:59.0582 0x1bd0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:41:59.0642 0x1bd0  wercplsupport - ok
19:41:59.0672 0x1bd0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:41:59.0722 0x1bd0  WerSvc - ok
19:41:59.0752 0x1bd0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:41:59.0802 0x1bd0  WfpLwf - ok
19:41:59.0822 0x1bd0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:41:59.0852 0x1bd0  WIMMount - ok
19:41:59.0862 0x1bd0  WinDefend - ok
19:42:00.0002 0x1bd0  WindowsMangerProtect - ok
19:42:00.0032 0x1bd0  WinHttpAutoProxySvc - ok
19:42:00.0312 0x1bd0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:42:00.0392 0x1bd0  Winmgmt - ok
19:42:00.0672 0x1bd0  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
19:42:00.0792 0x1bd0  WinRM - ok
19:42:00.0882 0x1bd0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:42:00.0892 0x1bd0  WinUsb - ok
19:42:01.0082 0x1bd0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:42:01.0132 0x1bd0  Wlansvc - ok
19:42:01.0152 0x1bd0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:42:01.0182 0x1bd0  WmiAcpi - ok
19:42:01.0232 0x1bd0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:42:01.0282 0x1bd0  wmiApSrv - ok
19:42:01.0332 0x1bd0  WMPNetworkSvc - ok
19:42:01.0352 0x1bd0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:42:01.0382 0x1bd0  WPCSvc - ok
19:42:01.0412 0x1bd0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:42:01.0522 0x1bd0  WPDBusEnum - ok
19:42:01.0542 0x1bd0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:42:01.0592 0x1bd0  ws2ifsl - ok
19:42:01.0612 0x1bd0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:42:01.0652 0x1bd0  wscsvc - ok
19:42:01.0652 0x1bd0  WSearch - ok
19:42:02.0042 0x1bd0  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:42:02.0452 0x1bd0  wuauserv - ok
19:42:02.0542 0x1bd0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:42:02.0582 0x1bd0  WudfPf - ok
19:42:02.0622 0x1bd0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:42:02.0652 0x1bd0  WUDFRd - ok
19:42:02.0682 0x1bd0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:42:02.0692 0x1bd0  wudfsvc - ok
19:42:02.0772 0x1bd0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:42:02.0842 0x1bd0  WwanSvc - ok
19:42:02.0922 0x1bd0  ================ Scan global ===============================
19:42:02.0942 0x1bd0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:42:03.0012 0x1bd0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:42:03.0112 0x1bd0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
19:42:03.0132 0x1bd0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:42:03.0172 0x1bd0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
19:42:03.0212 0x1bd0  [ Global ] - ok
19:42:03.0212 0x1bd0  ================ Scan MBR ==================================
19:42:03.0222 0x1bd0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:42:07.0593 0x1bd0  \Device\Harddisk0\DR0 - ok
19:42:11.0464 0x1bd0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
19:42:11.0564 0x1bd0  \Device\Harddisk1\DR1 - ok
19:42:11.0564 0x1bd0  ================ Scan VBR ==================================
19:42:11.0594 0x1bd0  [ F21A8AEC1BD290F29816A2AAA950A846 ] \Device\Harddisk0\DR0\Partition1
19:42:11.0594 0x1bd0  \Device\Harddisk0\DR0\Partition1 - ok
19:42:11.0604 0x1bd0  [ 22F5657DE29CA13244B70918581735B2 ] \Device\Harddisk0\DR0\Partition2
19:42:11.0604 0x1bd0  \Device\Harddisk0\DR0\Partition2 - ok
19:42:11.0604 0x1bd0  [ DFBDD57855D8EE48471707783CF4A43C ] \Device\Harddisk1\DR1\Partition1
19:42:11.0674 0x1bd0  \Device\Harddisk1\DR1\Partition1 - ok
19:42:11.0674 0x1bd0  ================ Scan generic autorun ======================
19:42:11.0904 0x1bd0  [ 06AE17E25394F483E62E84F336B05C85, 5BC07033F4F121E299D82B404C5B5B061694502BD24595AE8D54F62969D27AF5 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:42:12.0105 0x1bd0  RTHDVCPL - ok
19:42:12.0135 0x1bd0  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
19:42:12.0145 0x1bd0  ShadowPlay - ok
19:42:12.0255 0x1bd0  [ 4F011F572DAC7057DF9D6E9064AA77E8, CC05441572740A9996525C3B9382191022E4F918C45C09EC0DE4C11215F81008 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:42:12.0310 0x1bd0  NvBackend - ok
19:42:12.0335 0x1bd0  [ DBC3E6A9FC1EEDD366C86073854A5A1F, 1D079BBF43E36AED727FE3BDF1E0743C79F0D0CA30E4B7FB93170A40FCE2F2D4 ] C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe
19:42:12.0375 0x1bd0  Super-Charger - detected UnsignedFile.Multi.Generic ( 1 )
19:42:14.0856 0x1bd0  Super-Charger ( UnsignedFile.Multi.Generic ) - warning
19:42:17.0366 0x1bd0  [ 851383DAEF93961E9868A1474AFFEEBD, 6262E7FF3D356FA4FC9523D941A0D9B09E7450AA466EA6063A0C264F1B99F1AE ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
19:42:17.0626 0x1bd0  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
19:42:20.0066 0x1bd0  Detect skipped due to KSN trusted
19:42:20.0066 0x1bd0  AVMWlanClient - ok
19:42:20.0196 0x1bd0  [ DA6DA7B1546E0D26EB2E1A015E24757C, 8DD459ECA7C72C900BDB70079D6861EC352EE2E4F0722EBD4FEB694885660462 ] C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe
19:42:20.0216 0x1bd0  mcpltui_exe - ok
19:42:20.0486 0x1bd0  [ 07A3A88C8E8FD71EAA2B7F39134788DA, 0AAB731BF14B8A96FF6DB84CDD2579C1DFE5E56838EF3D92B03AE738E89A92D1 ] C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
19:42:20.0516 0x1bd0  ROCCAT Savu Gaming Mouse - detected UnsignedFile.Multi.Generic ( 1 )
19:42:22.0956 0x1bd0  Detect skipped due to KSN trusted
19:42:22.0956 0x1bd0  ROCCAT Savu Gaming Mouse - ok
19:42:23.0368 0x1bd0  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
19:42:23.0448 0x1bd0  HP Software Update - ok
19:42:23.0520 0x1bd0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:42:23.0600 0x1bd0  Sidebar - ok
19:42:23.0620 0x1bd0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:42:23.0711 0x1bd0  mctadmin - ok
19:42:23.0752 0x1bd0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:42:23.0782 0x1bd0  Sidebar - ok
19:42:23.0792 0x1bd0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:42:23.0802 0x1bd0  mctadmin - ok
19:42:24.0172 0x1bd0  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
19:42:24.0272 0x1bd0  HP Officejet Pro 8600 (NET) - ok
19:42:24.0432 0x1bd0  [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
19:42:24.0502 0x1bd0  Spotify Web Helper - ok
19:42:24.0584 0x1bd0  [ 19B5E09DC34F08816B60D20B99550608, 42F835AF3986581F8F09F10800FC869D11F6BD140C78189041C2FD5808229B3D ] C:\Users\Nutzer\AppData\Roaming\Microsoft\msdbd6a8407.exe
19:42:24.0624 0x1bd0  msdbd6a8407.exe - detected UnsignedFile.Multi.Generic ( 1 )
19:42:27.0065 0x1bd0  Detect turned to UDS exact due to KSN untrusted
19:42:27.0065 0x1bd0  msdbd6a8407.exe ( UDS:DangerousObject.Multi.Generic ) - infected
19:42:27.0065 0x1bd0  Force sending object to P2P due to detect: C:\Users\Nutzer\AppData\Roaming\Microsoft\msdbd6a8407.exe
19:42:29.0565 0x1bd0  Object send P2P result: true
19:42:31.0955 0x1bd0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:42:31.0996 0x1bd0  Sidebar - ok
19:42:32.0011 0x1bd0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:42:32.0027 0x1bd0  mctadmin - ok
19:42:32.0280 0x1bd0  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51000 ( enabled : updated )
19:42:32.0288 0x1bd0  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51010 ( enabled )
19:42:34.0661 0x1bd0  ============================================================
19:42:34.0661 0x1bd0  Scan finished
19:42:34.0661 0x1bd0  ============================================================
19:42:34.0661 0x06c4  Detected object count: 2
19:42:34.0661 0x06c4  Actual detected object count: 2
20:25:01.0563 0x06c4  Super-Charger ( UnsignedFile.Multi.Generic ) - skipped by user
20:25:02.0373 0x06c4  Super-Charger ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:25:02.0373 0x06c4  msdbd6a8407.exe ( UDS:DangerousObject.Multi.Generic ) - skipped by user
20:25:02.0373 0x06c4  msdbd6a8407.exe ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
         

mbar lass ich gleich durchlaufen.

Hi,
hier der schonmal das Logfile des ersten Durchlaufs von mbar. War mir nicht sicher, ob nur das Logfile vom Scan nach dem ersten Reboot gefordert ist, oder beides. Deswegen poste ich lieber mal alles.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.03.05.03
  rootkit: v2015.02.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17633
Nutzer :: NUTZER-PC [administrator]

05.03.2015 20:40:52
mbar-log-2015-03-05 (20-40-52).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 396139
Time elapsed: 18 minute(s), 

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|msdbd6a8407.exe (Trojan.Agent.QAZ) -> Data: "C:\Users\Nutzer\AppData\Roaming\Microsoft\msdbd6a8407.exe" -> Delete on reboot. [8a5dc87981097fb7b980623f7f84f10f]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\ProgramData\600440862 (Rogue.Multiple) -> Delete on reboot. [a146142d8a008caa1ca7fd592ed5fa06]

Files Detected: 1
C:\Users\Nutzer\AppData\Roaming\Microsoft\msdbd6a8407.exe (Trojan.Agent.QAZ) -> Delete on reboot. [8a5dc87981097fb7b980623f7f84f10f]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
So, beim zweiten Durchlauf kam jetzt die Meldung "no Malware found."
Dennoch hier auch noch mal das dazugehörige Logfile

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.03.05.03
  rootkit: v2015.02.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17633
Nutzer :: NUTZER-PC [administrator]

05.03.2015 21:07:05
mbar-log-2015-03-05 (21-07-05).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 395916
Time elapsed: 20 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
__________________

Alt 06.03.2015, 10:54   #4
schrauber
/// the machine
/// TB-Ausbilder
 

DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



Starte TDSSkiller.exe mit Doppelklick.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Drücke auf Start Scan.
    Mache während dem Scan nichts am Rechner
  • Gehe sicher das Cure ( default ) angehackt ist !
  • Drücke Continue --> Reboot.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern ( Meistens C:\ )
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt

Poste den Inhalt bitte hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.03.2015, 11:55   #5
G00gler
 
DHL-Fake-Email Link geöffnet - Standard

Tdsskiller



hi schrauber,
vorneweg ich habe gestern auch mal den mbam laufen lassen, nur als Info falls ich damit irgendwelche Sachen verfälscht habe. Hänge dir deswegen erstmal das mbam logfile und anschließend die logfiles von TDSSKiller an, ok?

mbam.txt

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.03.2015
Suchlauf-Zeit: 21:59:49
Logdatei: mbamaktuell.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.03.05.03
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Nutzer

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 384949
Verstrichene Zeit: 10 Min, 47 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1360, Löschen bei Neustart, [be29f34e7317d1653098fdcf7e83b848]

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 18
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Keine Aktion durch Benutzer, [9e4962dfa4e6bf77b594e86a867dca36], 
PUP.Optional.WindowsProtectManger.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [be29f34e7317d1653098fdcf7e83b848], 
PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, In Quarantäne, [be29f34e7317d1653098fdcf7e83b848], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [9e4962dfa4e6bf77b594e86a867dca36], 
PUP.Optional.NewTab.VCom, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F386E548-C533-472E-8C61-C026FB14FEA9}, In Quarantäne, [09deba874d3d6fc7494a83cc2ad927d9], 
PUP.Optional.NewTab.VCom, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F386E548-C533-472E-8C61-C026FB14FEA9}, In Quarantäne, [09deba874d3d6fc7494a83cc2ad927d9], 
PUP.Optional.NewTab.VCom, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F386E548-C533-472E-8C61-C026FB14FEA9}, In Quarantäne, [09deba874d3d6fc7494a83cc2ad927d9], 
PUP.Optional.NewTab.VCom, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F386E548-C533-472E-8C61-C026FB14FEA9}, In Quarantäne, [09deba874d3d6fc7494a83cc2ad927d9], 
PUP.Optional.FasterLight.A, HKLM\SOFTWARE\WOW6432NODE\Faster Light, In Quarantäne, [5097b38ee1a900367f075160f40f3dc3], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [ba2d47fa484292a4f25729fd34d1758b], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [3cabac9573175fd714d423f7c2438f71], 
PUP.Optional.22ChromeEXT.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ijblflkdjdopkpdgllkmlbgcffjbnfda, In Quarantäne, [e0076dd48efc67cf43b872499f6448b8], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [4b9c0041ec9ebd790d3a4d6ad62dcf31], 
PUP.Optional.FasterLight.A, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Faster Light, In Quarantäne, [9f48ff42c8c20d2991f45c55dd2652ae], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [c81f1e230486de58496408e833d08c74], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [23c4d66bd5b50135612915f11ce99070], 
PUP.Optional.FastStart.A, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [14d3152c1d6d93a314116956748f9f61], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\sweet-page uninstall, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 

Registrierungswerte: 3
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\extensions\faststartff@gmail.com, In Quarantäne, [1dcaba87dab03cfa571363c263a2dc24]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0V1D1S1R1D0V1O, In Quarantäne, [23c4d66bd5b50135612915f11ce99070]
PUP.Optional.FastStart.A, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, In Quarantäne, [14d3152c1d6d93a314116956748f9f61]

Registrierungsdaten: 11
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}),Ersetzt,[658246fb8ffb5ed8b414508ce5207090]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5),Ersetzt,[955272cf4941ce6896318a52808508f8]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}),Ersetzt,[b82f122f840673c306d6d2ffff06dc24]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[3daa142d8406102669fa18c462a32ad6]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}),Ersetzt,[8c5b63dec4c69f97ae1a4696ae57b24e]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5),Ersetzt,[b82fd0710783a78f50779448867fda26]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5&q={searchTerms}),Ersetzt,[29be7fc298f20135459727aa996cc838]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[4d9a3e032e5c74c2f370dc00ce37bd43]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1417633359&from=cor&uid=ST500DM002-1BD142_Z2AJ74N5XXXXZ2AJ74N5),Ersetzt,[0ddaa8999febe551774ce7f59471a25e]
PUP.Optional.V9.A, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.v9.com/newtab, Gut: (www.google.com), Schlecht: (hxxp://www.v9.com/newtab),Ersetzt,[bc2bf74ad6b450e62a094a88f01560a0]
PUP.Optional.V9.A, HKU\S-1-5-21-421047855-1012536844-3739120656-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.v9.com/newtab, Gut: (www.google.com), Schlecht: (hxxp://www.v9.com/newtab),Ersetzt,[01e694adeb9f82b419186b67fb0a1ce4]

Ordner: 5
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [8c5b5de44a40a98d93e1b4c9fa097d83], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [8c5b5de44a40a98d93e1b4c9fa097d83], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\code, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 

Dateien: 33
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [be29f34e7317d1653098fdcf7e83b848], 
PUP.Optional.NewTab.VCom, C:\Windows\SysWOW64\Newtabs_v9.dll, In Quarantäne, [09deba874d3d6fc7494a83cc2ad927d9], 
PUP.Optional.OutBrowse, C:\Users\Nutzer\Downloads\setup.exe, In Quarantäne, [3bacd76ac1c9f4426c891c85c43d7e82], 
PUP.Optional.FasterLight.A, C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\extensions\firefox@fasterlight.info.xpi, In Quarantäne, [a24595aca0eaba7c5c27d9d821e238c8], 
PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, In Quarantäne, [3aad52efbad06dc9895e3ddd6d98fb05], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [8c5b5de44a40a98d93e1b4c9fa097d83], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\294.json, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\MessageBox.xml, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\un.ini, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\uninstallDlg2.xml, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\UninstallManager.exe, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\bg.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\bg1.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\bk_shadow.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\button.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\button1.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\checkbox.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\checkbox_select.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\checked.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\close.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\loading_bg.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\loading_light.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\min.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\scrollbar.bmp, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\Thumbs.db, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\unchecked.png, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\code\code1.jpg, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\code\code2.jpg, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\code\code3.jpg, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\code\code4.jpg, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\code\code5.jpg, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\code\code6.jpg, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 
PUP.Optional.SweetPage.A, C:\Users\Nutzer\AppData\Roaming\sweet-page\images\code\Thumbs.db, In Quarantäne, [9c4baa978dfd69cdbfcf3f4c0201b749], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Hoffe das hat nich allzu viel geändert. Hab alles was damit gefunden wurde in die Quarantäne verschoben.


Alt 06.03.2015, 11:57   #6
G00gler
 
DHL-Fake-Email Link geöffnet - Standard

TDSSKiller



Hier die Logfiles von TDSSKiller, war mir unsicher ob du das vor oder nach dem Reboot möchtest, deswegen poste ich dir mal beide rein.

TDSSKiller logfile vor dem Reboot

Code:
ATTFilter
TDSSkiller

logfile vor dem Reboot:

Code:
ATTFilter
12:37:30.0880 0x22c4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:37:35.0150 0x22c4  ============================================================
12:37:35.0150 0x22c4  Current date / time: 2015/03/06 12:37:35.0150
12:37:35.0150 0x22c4  SystemInfo:
12:37:35.0150 0x22c4  
12:37:35.0150 0x22c4  OS Version: 6.1.7601 ServicePack: 1.0
12:37:35.0150 0x22c4  Product type: Workstation
12:37:35.0150 0x22c4  ComputerName: NUTZER-PC
12:37:35.0150 0x22c4  UserName: Nutzer
12:37:35.0150 0x22c4  Windows directory: C:\Windows
12:37:35.0150 0x22c4  System windows directory: C:\Windows
12:37:35.0150 0x22c4  Running under WOW64
12:37:35.0150 0x22c4  Processor architecture: Intel x64
12:37:35.0150 0x22c4  Number of processors: 4
12:37:35.0150 0x22c4  Page size: 0x1000
12:37:35.0150 0x22c4  Boot type: Normal boot
12:37:35.0150 0x22c4  ============================================================
12:37:35.0920 0x22c4  KLMD registered as C:\Windows\system32\drivers\49677651.sys
12:37:36.0220 0x22c4  System UUID: {BEFB01BA-1466-E8CA-C251-13052CC479ED}
12:37:36.0500 0x22c4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:37:36.0510 0x22c4  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:37:40.0371 0x22c4  ============================================================
12:37:40.0371 0x22c4  \Device\Harddisk0\DR0:
12:37:40.0371 0x22c4  MBR partitions:
12:37:40.0371 0x22c4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:37:40.0371 0x22c4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
12:37:40.0371 0x22c4  \Device\Harddisk1\DR1:
12:37:40.0371 0x22c4  MBR partitions:
12:37:40.0371 0x22c4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A385FF0
12:37:40.0371 0x22c4  ============================================================
12:37:40.0391 0x22c4  C: <-> \Device\Harddisk0\DR0\Partition2
12:37:40.0421 0x22c4  E: <-> \Device\Harddisk1\DR1\Partition1
12:37:40.0421 0x22c4  ============================================================
12:37:40.0421 0x22c4  Initialize success
12:37:40.0421 0x22c4  ============================================================
12:37:47.0362 0x2330  ============================================================
12:37:47.0362 0x2330  Scan started
12:37:47.0362 0x2330  Mode: Manual; SigCheck; TDLFS; 
12:37:47.0362 0x2330  ============================================================
12:37:47.0362 0x2330  KSN ping started
12:38:00.0963 0x2330  KSN ping finished: true
12:38:04.0594 0x2330  ================ Scan system memory ========================
12:38:04.0594 0x2330  System memory - ok
12:38:04.0594 0x2330  ================ Scan services =============================
12:38:04.0684 0x2330  0261901425629778mcinstcleanup - ok
12:38:04.0764 0x2330  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:38:04.0804 0x2330  1394ohci - ok
12:38:04.0844 0x2330  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] 51cdb72         C:\Windows\system32\rundll32.exe
12:38:04.0864 0x2330  51cdb72 - ok
12:38:04.0874 0x2330  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:38:04.0884 0x2330  ACPI - ok
12:38:04.0914 0x2330  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:38:04.0924 0x2330  AcpiPmi - ok
12:38:05.0014 0x2330  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:38:05.0024 0x2330  AdobeARMservice - ok
12:38:05.0194 0x2330  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:38:05.0204 0x2330  AdobeFlashPlayerUpdateSvc - ok
12:38:05.0234 0x2330  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:38:05.0254 0x2330  adp94xx - ok
12:38:05.0294 0x2330  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:38:05.0304 0x2330  adpahci - ok
12:38:05.0324 0x2330  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:38:05.0334 0x2330  adpu320 - ok
12:38:05.0364 0x2330  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:38:05.0384 0x2330  AeLookupSvc - ok
12:38:05.0434 0x2330  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
12:38:05.0454 0x2330  AFD - ok
12:38:05.0464 0x2330  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:38:05.0474 0x2330  agp440 - ok
12:38:05.0494 0x2330  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:38:05.0504 0x2330  ALG - ok
12:38:05.0544 0x2330  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:38:05.0554 0x2330  aliide - ok
12:38:05.0554 0x2330  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:38:05.0564 0x2330  amdide - ok
12:38:05.0584 0x2330  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:38:05.0594 0x2330  AmdK8 - ok
12:38:05.0604 0x2330  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:38:05.0614 0x2330  AmdPPM - ok
12:38:05.0644 0x2330  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:38:05.0654 0x2330  amdsata - ok
12:38:05.0684 0x2330  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:38:05.0694 0x2330  amdsbs - ok
12:38:05.0704 0x2330  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:38:05.0714 0x2330  amdxata - ok
12:38:05.0764 0x2330  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
12:38:05.0774 0x2330  AppHostSvc - ok
12:38:05.0794 0x2330  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:38:05.0814 0x2330  AppID - ok
12:38:05.0834 0x2330  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:38:05.0854 0x2330  AppIDSvc - ok
12:38:05.0904 0x2330  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:38:05.0914 0x2330  Appinfo - ok
12:38:05.0994 0x2330  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:38:05.0994 0x2330  Apple Mobile Device - ok
12:38:06.0014 0x2330  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
12:38:06.0024 0x2330  arc - ok
12:38:06.0044 0x2330  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:38:06.0054 0x2330  arcsas - ok
12:38:06.0074 0x2330  [ 10E9A8034C6843CA516BDB79D5D57B02, DDE72382AADD1477344308671E802157E59C8D9F11C0BF8D58722326B57B7645 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
12:38:06.0084 0x2330  asahci64 - ok
12:38:06.0104 0x2330  [ 6FE3237C1177E66437E7AD0E8AC1A6E5, 3223D4E57150DE8F768BC1BE0E6DCFFC6CA5B09DC7D7ADF283C90929100B0B7B ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
12:38:06.0114 0x2330  asmthub3 - ok
12:38:06.0134 0x2330  [ C4043E39A2ABBC56581CA25DF161E9F7, 1B53A8BEE4823EA842A00F5304428F0B4D14078045CF84ED20D8DF0FB8826040 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
12:38:06.0154 0x2330  asmtxhci - ok
12:38:06.0254 0x2330  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:38:06.0264 0x2330  aspnet_state - ok
12:38:06.0294 0x2330  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:38:06.0314 0x2330  AsyncMac - ok
12:38:06.0354 0x2330  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:38:06.0364 0x2330  atapi - ok
12:38:06.0424 0x2330  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:38:06.0444 0x2330  AudioEndpointBuilder - ok
12:38:06.0454 0x2330  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:38:06.0474 0x2330  AudioSrv - ok
12:38:06.0544 0x2330  [ D1A9AE485FFF7C72CA50D8949B2210B9, 937E02439519E3837DBEFE3D17123104BA5B1636E7AC322B634DC135B3024B50 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
12:38:06.0564 0x2330  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
12:38:08.0925 0x2330  Detect skipped due to KSN trusted
12:38:08.0925 0x2330  AVM WLAN Connection Service - ok
12:38:08.0965 0x2330  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
12:38:08.0975 0x2330  avmeject - ok
12:38:09.0005 0x2330  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:38:09.0015 0x2330  AxInstSV - ok
12:38:09.0055 0x2330  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:38:09.0075 0x2330  b06bdrv - ok
12:38:09.0105 0x2330  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:38:09.0115 0x2330  b57nd60a - ok
12:38:09.0145 0x2330  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:38:09.0155 0x2330  BDESVC - ok
12:38:09.0165 0x2330  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:38:09.0195 0x2330  Beep - ok
12:38:09.0255 0x2330  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:38:09.0275 0x2330  BFE - ok
12:38:09.0305 0x2330  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:38:09.0345 0x2330  BITS - ok
12:38:09.0365 0x2330  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:38:09.0375 0x2330  blbdrive - ok
12:38:09.0455 0x2330  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:38:09.0475 0x2330  Bonjour Service - ok
12:38:09.0495 0x2330  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:38:09.0515 0x2330  bowser - ok
12:38:09.0535 0x2330  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:38:09.0545 0x2330  BrFiltLo - ok
12:38:09.0565 0x2330  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:38:09.0575 0x2330  BrFiltUp - ok
12:38:09.0595 0x2330  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:38:09.0615 0x2330  Browser - ok
12:38:09.0625 0x2330  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:38:09.0645 0x2330  Brserid - ok
12:38:09.0655 0x2330  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:38:09.0675 0x2330  BrSerWdm - ok
12:38:09.0685 0x2330  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:38:09.0695 0x2330  BrUsbMdm - ok
12:38:09.0705 0x2330  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:38:09.0705 0x2330  BrUsbSer - ok
12:38:09.0725 0x2330  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:38:09.0735 0x2330  BTHMODEM - ok
12:38:09.0775 0x2330  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:38:09.0795 0x2330  bthserv - ok
12:38:09.0805 0x2330  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:38:09.0835 0x2330  cdfs - ok
12:38:09.0845 0x2330  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:38:09.0855 0x2330  cdrom - ok
12:38:09.0885 0x2330  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:38:09.0905 0x2330  CertPropSvc - ok
12:38:09.0965 0x2330  [ 3B6316004C773CFAD5E6C38EC5DDDBD4, 7F8A68A6267E0C8EC11F84A1034F71991DBD78BB1C7440B6D4AE025EFBCBB534 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
12:38:09.0975 0x2330  cfwids - ok
12:38:10.0005 0x2330  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:38:10.0025 0x2330  circlass - ok
12:38:10.0035 0x2330  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:38:10.0055 0x2330  CLFS - ok
12:38:10.0225 0x2330  [ 399F2E92269D4559F1A813624DD78496, 731606646390D2B279B2A51C8AE0E38E5CDE271CDA7D00061186EBBC3E37A72E ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
12:38:10.0275 0x2330  ClickToRunSvc - ok
12:38:10.0335 0x2330  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:38:10.0345 0x2330  clr_optimization_v2.0.50727_32 - ok
12:38:10.0365 0x2330  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:38:10.0375 0x2330  clr_optimization_v2.0.50727_64 - ok
12:38:10.0455 0x2330  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:38:10.0465 0x2330  clr_optimization_v4.0.30319_32 - ok
12:38:10.0475 0x2330  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:38:10.0485 0x2330  clr_optimization_v4.0.30319_64 - ok
12:38:10.0515 0x2330  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:38:10.0525 0x2330  CmBatt - ok
12:38:10.0565 0x2330  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:38:10.0565 0x2330  cmdide - ok
12:38:10.0625 0x2330  [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:38:10.0655 0x2330  CNG - ok
12:38:10.0665 0x2330  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:38:10.0675 0x2330  Compbatt - ok
12:38:10.0695 0x2330  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:38:10.0705 0x2330  CompositeBus - ok
12:38:10.0705 0x2330  COMSysApp - ok
12:38:10.0715 0x2330  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:38:10.0725 0x2330  crcdisk - ok
12:38:10.0775 0x2330  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:38:10.0785 0x2330  CryptSvc - ok
12:38:10.0825 0x2330  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:38:10.0855 0x2330  DcomLaunch - ok
12:38:10.0875 0x2330  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:38:10.0905 0x2330  defragsvc - ok
12:38:10.0915 0x2330  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:38:10.0935 0x2330  DfsC - ok
12:38:10.0955 0x2330  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:38:10.0965 0x2330  Dhcp - ok
12:38:10.0985 0x2330  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:38:11.0015 0x2330  discache - ok
12:38:11.0025 0x2330  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
12:38:11.0035 0x2330  Disk - ok
12:38:11.0065 0x2330  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:38:11.0075 0x2330  Dnscache - ok
12:38:11.0095 0x2330  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:38:11.0115 0x2330  dot3svc - ok
12:38:11.0125 0x2330  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:38:11.0155 0x2330  DPS - ok
12:38:11.0205 0x2330  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:38:11.0215 0x2330  drmkaud - ok
12:38:11.0275 0x2330  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:38:11.0305 0x2330  DXGKrnl - ok
12:38:11.0335 0x2330  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:38:11.0365 0x2330  EapHost - ok
12:38:11.0476 0x2330  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:38:11.0536 0x2330  ebdrv - ok
12:38:11.0566 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS             C:\Windows\System32\lsass.exe
12:38:11.0576 0x2330  EFS - ok
12:38:11.0636 0x2330  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:38:11.0656 0x2330  ehRecvr - ok
12:38:11.0666 0x2330  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:38:11.0676 0x2330  ehSched - ok
12:38:11.0706 0x2330  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:38:11.0726 0x2330  elxstor - ok
12:38:11.0746 0x2330  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:38:11.0756 0x2330  ErrDev - ok
12:38:11.0796 0x2330  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:38:11.0826 0x2330  EventSystem - ok
12:38:11.0846 0x2330  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:38:11.0866 0x2330  exfat - ok
12:38:11.0886 0x2330  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:38:11.0906 0x2330  fastfat - ok
12:38:11.0936 0x2330  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:38:11.0956 0x2330  Fax - ok
12:38:11.0966 0x2330  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
12:38:11.0976 0x2330  fdc - ok
12:38:12.0006 0x2330  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:38:12.0026 0x2330  fdPHost - ok
12:38:12.0036 0x2330  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:38:12.0056 0x2330  FDResPub - ok
12:38:12.0076 0x2330  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:38:12.0086 0x2330  FileInfo - ok
12:38:12.0096 0x2330  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:38:12.0126 0x2330  Filetrace - ok
12:38:12.0136 0x2330  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:38:12.0146 0x2330  flpydisk - ok
12:38:12.0166 0x2330  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:38:12.0176 0x2330  FltMgr - ok
12:38:12.0236 0x2330  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:38:12.0266 0x2330  FontCache - ok
12:38:12.0306 0x2330  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:38:12.0316 0x2330  FontCache3.0.0.0 - ok
12:38:12.0326 0x2330  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:38:12.0336 0x2330  FsDepends - ok
12:38:12.0346 0x2330  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:38:12.0356 0x2330  Fs_Rec - ok
12:38:12.0426 0x2330  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:38:12.0436 0x2330  fvevol - ok
12:38:12.0466 0x2330  [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
12:38:12.0486 0x2330  FWLANUSB - ok
12:38:12.0506 0x2330  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:38:12.0506 0x2330  gagp30kx - ok
12:38:12.0546 0x2330  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:38:12.0556 0x2330  GEARAspiWDM - ok
12:38:12.0666 0x2330  [ A27A06D8359BC5202F2F8E3240DE205F, C2BB64106D6894E6CF45121FE3ECCDE2A00CAE9268CF5ECA11F436C10DBFC6F0 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
12:38:12.0696 0x2330  GfExperienceService - ok
12:38:12.0736 0x2330  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:38:12.0766 0x2330  gpsvc - ok
12:38:12.0826 0x2330  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:12.0836 0x2330  gupdate - ok
12:38:12.0846 0x2330  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:12.0856 0x2330  gupdatem - ok
12:38:12.0876 0x2330  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:38:12.0886 0x2330  hcw85cir - ok
12:38:12.0926 0x2330  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:38:12.0936 0x2330  HdAudAddService - ok
12:38:12.0966 0x2330  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:38:12.0976 0x2330  HDAudBus - ok
12:38:12.0996 0x2330  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:38:13.0006 0x2330  HidBatt - ok
12:38:13.0016 0x2330  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:38:13.0026 0x2330  HidBth - ok
12:38:13.0046 0x2330  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:38:13.0056 0x2330  HidIr - ok
12:38:13.0076 0x2330  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:38:13.0096 0x2330  hidserv - ok
12:38:13.0146 0x2330  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:38:13.0166 0x2330  HidUsb - ok
12:38:13.0216 0x2330  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
12:38:13.0226 0x2330  HipShieldK - ok
12:38:13.0246 0x2330  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:38:13.0276 0x2330  hkmsvc - ok
12:38:13.0316 0x2330  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:38:13.0326 0x2330  HomeGroupListener - ok
12:38:13.0356 0x2330  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:38:13.0366 0x2330  HomeGroupProvider - ok
12:38:13.0526 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:13.0536 0x2330  HomeNetSvc - ok
12:38:13.0556 0x2330  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:38:13.0566 0x2330  HpSAMD - ok
12:38:13.0596 0x2330  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:38:13.0636 0x2330  HTTP - ok
12:38:13.0646 0x2330  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:38:13.0656 0x2330  hwpolicy - ok
12:38:13.0666 0x2330  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:38:13.0676 0x2330  i8042prt - ok
12:38:13.0696 0x2330  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:38:13.0706 0x2330  iaStorV - ok
12:38:13.0776 0x2330  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:38:13.0796 0x2330  idsvc - ok
12:38:13.0826 0x2330  IEEtwCollectorService - ok
12:38:13.0846 0x2330  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:38:13.0856 0x2330  iirsp - ok
12:38:13.0906 0x2330  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:38:13.0936 0x2330  IKEEXT - ok
12:38:14.0026 0x2330  [ 254FAAE42AFC641C0BE628DE123EA9DE, 9F59D4A71A37E3135736482685191316C0EF67D230206CAFA95C8561BB3F1C4C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:38:14.0116 0x2330  IntcAzAudAddService - ok
12:38:14.0146 0x2330  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:38:14.0156 0x2330  intelide - ok
12:38:14.0176 0x2330  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:38:14.0186 0x2330  intelppm - ok
12:38:14.0216 0x2330  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:38:14.0236 0x2330  IPBusEnum - ok
12:38:14.0256 0x2330  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:38:14.0276 0x2330  IpFilterDriver - ok
12:38:14.0336 0x2330  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:38:14.0346 0x2330  iphlpsvc - ok
12:38:14.0366 0x2330  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:38:14.0376 0x2330  IPMIDRV - ok
12:38:14.0386 0x2330  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:38:14.0416 0x2330  IPNAT - ok
12:38:14.0476 0x2330  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:38:14.0496 0x2330  iPod Service - ok
12:38:14.0506 0x2330  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:38:14.0516 0x2330  IRENUM - ok
12:38:14.0526 0x2330  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:38:14.0536 0x2330  isapnp - ok
12:38:14.0576 0x2330  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:38:14.0606 0x2330  iScsiPrt - ok
12:38:14.0616 0x2330  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:38:14.0626 0x2330  kbdclass - ok
12:38:14.0646 0x2330  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:38:14.0656 0x2330  kbdhid - ok
12:38:14.0676 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso          C:\Windows\system32\lsass.exe
12:38:14.0686 0x2330  KeyIso - ok
12:38:14.0726 0x2330  [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:38:14.0736 0x2330  KSecDD - ok
12:38:14.0746 0x2330  [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:38:14.0756 0x2330  KSecPkg - ok
12:38:14.0766 0x2330  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:38:14.0796 0x2330  ksthunk - ok
12:38:14.0816 0x2330  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:38:14.0846 0x2330  KtmRm - ok
12:38:14.0876 0x2330  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:38:14.0896 0x2330  LanmanServer - ok
12:38:14.0916 0x2330  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:38:14.0936 0x2330  LanmanWorkstation - ok
12:38:14.0956 0x2330  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:38:14.0976 0x2330  lltdio - ok
12:38:15.0006 0x2330  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:38:15.0036 0x2330  lltdsvc - ok
12:38:15.0066 0x2330  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:38:15.0086 0x2330  lmhosts - ok
12:38:15.0126 0x2330  [ DF86570FFC4F8A7E38595CC072B19A5B, A2E38C323BF55018990349E22E82EA48866EC3B6BB634CF2EB00ACE64926E3A3 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:38:15.0136 0x2330  LMS - ok
12:38:15.0206 0x2330  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:38:15.0226 0x2330  LSI_FC - ok
12:38:15.0256 0x2330  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:38:15.0266 0x2330  LSI_SAS - ok
12:38:15.0286 0x2330  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:38:15.0296 0x2330  LSI_SAS2 - ok
12:38:15.0306 0x2330  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:38:15.0316 0x2330  LSI_SCSI - ok
12:38:15.0336 0x2330  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:38:15.0366 0x2330  luafv - ok
12:38:15.0466 0x2330  [ 2D94EFDD340BBD9DE7D5F627B298512D, A9DE485352616A37DFD32270BBB65CA15B34CF26394A9418A5182801569AEBCD ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
12:38:15.0476 0x2330  McAfee SiteAdvisor Service - ok
12:38:15.0546 0x2330  [ BAE3593DD40B29D0451E704A7B3FE72B, AAFB2DF27BD637B5D968AEE11DAF73EDEEE4AE04F3F04D0ED3BF8FF5E203DB11 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
12:38:15.0556 0x2330  McAPExe - ok
12:38:15.0616 0x2330  [ BF9EB1361EF8D456AB15D5AC2765D860, 5A622F26203438BAF768EFAFCAFD78971E90EE6A0A9FC954FE8A68D5B4C9E9C9 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
12:38:15.0636 0x2330  mccspsvc - ok
12:38:15.0656 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:15.0666 0x2330  McMPFSvc - ok
12:38:15.0676 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:15.0686 0x2330  McNaiAnn - ok
12:38:15.0776 0x2330  [ 23CBDFFE2B580A649DB2D4BB50B1DADF, 771FC99477FDCF98994691CA1BDFB65DF07B93CD563A77068665DC85BF919CB8 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
12:38:15.0796 0x2330  McODS - ok
12:38:15.0816 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:15.0836 0x2330  mcpltsvc - ok
12:38:15.0846 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:15.0866 0x2330  McProxy - ok
12:38:15.0886 0x2330  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:38:15.0896 0x2330  Mcx2Svc - ok
12:38:15.0906 0x2330  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:38:15.0916 0x2330  megasas - ok
12:38:15.0956 0x2330  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:38:15.0976 0x2330  MegaSR - ok
12:38:15.0996 0x2330  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:38:15.0996 0x2330  MEIx64 - ok
12:38:16.0036 0x2330  [ 1A0C96A38A888838DF9523C973E3FE87, 9C41EDBFA21DF2684EED81AD56FC440AED002FB5C760DECFF1A454835273637B ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
12:38:16.0046 0x2330  mfeapfk - ok
12:38:16.0096 0x2330  [ 3EAF75ED747B2D60ABA4E45107D96E80, DC8141AAE425417F64D5070D573A0BDA40CF4FBDE041240FB331B2DDF0F8A361 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
12:38:16.0106 0x2330  mfeavfk - ok
12:38:16.0176 0x2330  [ 862CCECA53B237BDF3AA52EDD681FCE1, 752850CE18FD2ED747EDB4A2DE4D9B7730A704A992FDC2C99C84A7E48F1CCDA4 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
12:38:16.0206 0x2330  mfecore - ok
12:38:16.0286 0x2330  [ 12279E1080026A15D272AE6AAB97FBC7, A52F2D9B7CECA6D1CF28B72F5766F001F1480F08C7ACDC32BC7F9057FBBF9277 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
12:38:16.0296 0x2330  mfefire - ok
12:38:16.0326 0x2330  [ 07CFCE5D75C27474E20DE8715794F229, C20F36B242DB592D2FE1EB43EA339514969BAB9561D76FAC7CA6204F6AFCB8B8 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
12:38:16.0346 0x2330  mfefirek - ok
12:38:16.0396 0x2330  [ 29D0483A9EBB01DB2036A52E3BF23D6B, D4D6FDE489E937634BEA2C2F5DF65C560E5160AD9EA85088A59AE88FD9C06B2E ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
12:38:16.0416 0x2330  mfehidk - ok
12:38:16.0466 0x2330  [ 7E0CB59045BEB5976B32C3541DB0BFBB, 8D9B760772D885611DAD5AB4C82705FC8608B8C7F2BC30A19883506A81A804B1 ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
12:38:16.0486 0x2330  mfencbdc - ok
12:38:16.0516 0x2330  [ 4B34DFBC138C5C8FAC6F814575E41376, 584F76A0EA8ADAC415D118796E7B08969ABE717CB0FCC2D3B505BF86450D4E40 ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
12:38:16.0526 0x2330  mfencrk - ok
12:38:16.0546 0x2330  [ 9A642F163F1FB12DE395A6010A9AD687, A86E092417C0C40E6FB9F6206D82391CEE4495FFA6F8A442BE50D349ACBA44B9 ] mfevtp          C:\Windows\system32\mfevtps.exe
12:38:16.0556 0x2330  mfevtp - ok
12:38:16.0596 0x2330  [ 1134C87CC1184F5B88F0C7002ACFDC99, 9029E15BF5186258CACF7D46F0E182949E93B78B3F17ED680FE8ECF12EFFF646 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
12:38:16.0606 0x2330  mfewfpk - ok
12:38:16.0626 0x2330  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:38:16.0656 0x2330  MMCSS - ok
12:38:16.0666 0x2330  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:38:16.0686 0x2330  Modem - ok
12:38:16.0726 0x2330  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:38:16.0736 0x2330  monitor - ok
12:38:16.0756 0x2330  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:38:16.0766 0x2330  mouclass - ok
12:38:16.0766 0x2330  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:38:16.0776 0x2330  mouhid - ok
12:38:16.0786 0x2330  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:38:16.0796 0x2330  mountmgr - ok
12:38:16.0836 0x2330  [ 5C2B2F10C847834C6DA4E680A4093BA3, 0222EBC8789765613184F47339A1DBD118ED209B72BC5565A8A7D4FB4CCF5418 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:38:16.0846 0x2330  MozillaMaintenance - ok
12:38:16.0866 0x2330  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:38:16.0876 0x2330  mpio - ok
12:38:16.0906 0x2330  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:38:16.0926 0x2330  mpsdrv - ok
12:38:16.0956 0x2330  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:38:16.0996 0x2330  MpsSvc - ok
12:38:17.0036 0x2330  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:38:17.0056 0x2330  MRxDAV - ok
12:38:17.0086 0x2330  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:38:17.0106 0x2330  mrxsmb - ok
12:38:17.0126 0x2330  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:38:17.0136 0x2330  mrxsmb10 - ok
12:38:17.0146 0x2330  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:38:17.0156 0x2330  mrxsmb20 - ok
12:38:17.0196 0x2330  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:38:17.0206 0x2330  msahci - ok
12:38:17.0236 0x2330  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:38:17.0236 0x2330  msdsm - ok
12:38:17.0256 0x2330  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:38:17.0266 0x2330  MSDTC - ok
12:38:17.0276 0x2330  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:38:17.0306 0x2330  Msfs - ok
12:38:17.0316 0x2330  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:38:17.0336 0x2330  mshidkmdf - ok
12:38:17.0356 0x2330  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:38:17.0356 0x2330  msisadrv - ok
12:38:17.0396 0x2330  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:38:17.0426 0x2330  MSiSCSI - ok
12:38:17.0426 0x2330  msiserver - ok
12:38:17.0456 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:17.0476 0x2330  MSK80Service - ok
12:38:17.0496 0x2330  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:38:17.0516 0x2330  MSKSSRV - ok
12:38:17.0526 0x2330  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:38:17.0546 0x2330  MSPCLOCK - ok
12:38:17.0556 0x2330  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:38:17.0576 0x2330  MSPQM - ok
12:38:17.0596 0x2330  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:38:17.0616 0x2330  MsRPC - ok
12:38:17.0626 0x2330  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:38:17.0646 0x2330  mssmbios - ok
12:38:17.0656 0x2330  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:38:17.0676 0x2330  MSTEE - ok
12:38:17.0686 0x2330  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:38:17.0696 0x2330  MTConfig - ok
12:38:17.0706 0x2330  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:38:17.0716 0x2330  Mup - ok
12:38:17.0746 0x2330  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:38:17.0776 0x2330  napagent - ok
12:38:17.0806 0x2330  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:38:17.0826 0x2330  NativeWifiP - ok
12:38:17.0866 0x2330  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:38:17.0886 0x2330  NDIS - ok
12:38:17.0896 0x2330  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:38:17.0926 0x2330  NdisCap - ok
12:38:17.0946 0x2330  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:38:17.0976 0x2330  NdisTapi - ok
12:38:17.0986 0x2330  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:38:18.0016 0x2330  Ndisuio - ok
12:38:18.0026 0x2330  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:38:18.0056 0x2330  NdisWan - ok
12:38:18.0056 0x2330  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:38:18.0086 0x2330  NDProxy - ok
12:38:18.0086 0x2330  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:38:18.0116 0x2330  NetBIOS - ok
12:38:18.0126 0x2330  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:38:18.0156 0x2330  NetBT - ok
12:38:18.0166 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon        C:\Windows\system32\lsass.exe
12:38:18.0186 0x2330  Netlogon - ok
12:38:18.0206 0x2330  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:38:18.0236 0x2330  Netman - ok
12:38:18.0286 0x2330  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:18.0296 0x2330  NetMsmqActivator - ok
12:38:18.0306 0x2330  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:18.0316 0x2330  NetPipeActivator - ok
12:38:18.0336 0x2330  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:38:18.0366 0x2330  netprofm - ok
12:38:18.0366 0x2330  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:18.0376 0x2330  NetTcpActivator - ok
12:38:18.0386 0x2330  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:18.0396 0x2330  NetTcpPortSharing - ok
12:38:18.0406 0x2330  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:38:18.0416 0x2330  nfrd960 - ok
12:38:18.0456 0x2330  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:38:18.0476 0x2330  NlaSvc - ok
12:38:18.0486 0x2330  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:38:18.0506 0x2330  Npfs - ok
12:38:18.0516 0x2330  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:38:18.0536 0x2330  nsi - ok
12:38:18.0546 0x2330  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:38:18.0576 0x2330  nsiproxy - ok
12:38:18.0636 0x2330  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:38:18.0686 0x2330  Ntfs - ok
12:38:18.0706 0x2330  NTIOLib_1_0_C - ok
12:38:18.0716 0x2330  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:38:18.0736 0x2330  Null - ok
12:38:18.0786 0x2330  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
12:38:18.0796 0x2330  NVHDA - ok
12:38:19.0106 0x2330  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:38:19.0426 0x2330  nvlddmkm - ok
12:38:19.0557 0x2330  [ 507E699BD36530491BA0F95251B22F06, BDE6EB91FADBCB8CE16C31EF43A97DC6CC5D0F4EBAEA7903810556D0D70F54BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:38:19.0587 0x2330  NvNetworkService - ok
12:38:19.0607 0x2330  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:38:19.0617 0x2330  nvraid - ok
12:38:19.0627 0x2330  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:38:19.0637 0x2330  nvstor - ok
12:38:19.0717 0x2330  [ 7E4C1879248629A2C9CC9ADF52CBB9B7, 856FF60FD111C3C80B137BC62B7EF92D3B95FBA462A29F97D65457A5A507506E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:38:19.0717 0x2330  NvStreamKms - ok
12:38:20.0177 0x2330  [ C3EB27E4BC00283CA166A9FC42B90FC7, FED7F68D1C6EB442292E40DCFAEE7339AE21D5EF726A9DC9BCB6AB5C5873B3E0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
12:38:20.0667 0x2330  NvStreamSvc - ok
12:38:20.0737 0x2330  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:38:20.0757 0x2330  nvsvc - ok
12:38:20.0797 0x2330  [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:38:20.0807 0x2330  nvvad_WaveExtensible - ok
12:38:20.0827 0x2330  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:38:20.0837 0x2330  nv_agp - ok
12:38:20.0847 0x2330  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:38:20.0857 0x2330  ohci1394 - ok
12:38:20.0927 0x2330  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:38:20.0937 0x2330  ose - ok
12:38:21.0117 0x2330  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:38:21.0257 0x2330  osppsvc - ok
12:38:21.0287 0x2330  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:38:21.0307 0x2330  p2pimsvc - ok
12:38:21.0317 0x2330  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:38:21.0337 0x2330  p2psvc - ok
12:38:21.0357 0x2330  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:38:21.0377 0x2330  Parport - ok
12:38:21.0397 0x2330  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:38:21.0397 0x2330  partmgr - ok
12:38:21.0417 0x2330  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:38:21.0437 0x2330  PcaSvc - ok
12:38:21.0447 0x2330  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:38:21.0457 0x2330  pci - ok
12:38:21.0497 0x2330  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:38:21.0507 0x2330  pciide - ok
12:38:21.0527 0x2330  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:38:21.0537 0x2330  pcmcia - ok
12:38:21.0547 0x2330  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:38:21.0557 0x2330  pcw - ok
12:38:21.0577 0x2330  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:38:21.0617 0x2330  PEAUTH - ok
12:38:21.0657 0x2330  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:38:21.0667 0x2330  PerfHost - ok
12:38:21.0717 0x2330  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:38:21.0777 0x2330  pla - ok
12:38:21.0817 0x2330  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:38:21.0827 0x2330  PlugPlay - ok
12:38:21.0837 0x2330  PnkBstrA - ok
12:38:21.0857 0x2330  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:38:21.0867 0x2330  PNRPAutoReg - ok
12:38:21.0877 0x2330  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:38:21.0897 0x2330  PNRPsvc - ok
12:38:21.0927 0x2330  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:38:21.0957 0x2330  PolicyAgent - ok
12:38:21.0977 0x2330  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:38:22.0007 0x2330  Power - ok
12:38:22.0037 0x2330  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:38:22.0057 0x2330  PptpMiniport - ok
12:38:22.0067 0x2330  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:38:22.0077 0x2330  Processor - ok
12:38:22.0117 0x2330  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:38:22.0147 0x2330  ProfSvc - ok
12:38:22.0157 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:38:22.0167 0x2330  ProtectedStorage - ok
12:38:22.0177 0x2330  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:38:22.0207 0x2330  Psched - ok
12:38:22.0247 0x2330  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:38:22.0307 0x2330  ql2300 - ok
12:38:22.0327 0x2330  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:38:22.0337 0x2330  ql40xx - ok
12:38:22.0357 0x2330  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:38:22.0377 0x2330  QWAVE - ok
12:38:22.0387 0x2330  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:38:22.0397 0x2330  QWAVEdrv - ok
12:38:22.0407 0x2330  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:38:22.0427 0x2330  RasAcd - ok
12:38:22.0457 0x2330  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:38:22.0477 0x2330  RasAgileVpn - ok
12:38:22.0487 0x2330  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:38:22.0517 0x2330  RasAuto - ok
12:38:22.0527 0x2330  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:38:22.0557 0x2330  Rasl2tp - ok
12:38:22.0567 0x2330  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:38:22.0607 0x2330  RasMan - ok
12:38:22.0617 0x2330  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:38:22.0637 0x2330  RasPppoe - ok
12:38:22.0647 0x2330  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:38:22.0677 0x2330  RasSstp - ok
12:38:22.0697 0x2330  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:38:22.0727 0x2330  rdbss - ok
12:38:22.0737 0x2330  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
12:38:22.0747 0x2330  rdpbus - ok
12:38:22.0757 0x2330  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:38:22.0777 0x2330  RDPCDD - ok
12:38:22.0807 0x2330  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:38:22.0827 0x2330  RDPENCDD - ok
12:38:22.0837 0x2330  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:38:22.0867 0x2330  RDPREFMP - ok
12:38:22.0897 0x2330  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:38:22.0917 0x2330  RDPWD - ok
12:38:22.0927 0x2330  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:38:22.0937 0x2330  rdyboost - ok
12:38:22.0967 0x2330  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:38:22.0987 0x2330  RemoteAccess - ok
12:38:23.0007 0x2330  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:38:23.0027 0x2330  RemoteRegistry - ok
12:38:23.0037 0x2330  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:38:23.0067 0x2330  RpcEptMapper - ok
12:38:23.0077 0x2330  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:38:23.0087 0x2330  RpcLocator - ok
12:38:23.0107 0x2330  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:38:23.0137 0x2330  RpcSs - ok
12:38:23.0147 0x2330  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:38:23.0177 0x2330  rspndr - ok
12:38:23.0217 0x2330  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:38:23.0237 0x2330  RTL8167 - ok
12:38:23.0247 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs           C:\Windows\system32\lsass.exe
12:38:23.0257 0x2330  SamSs - ok
12:38:23.0267 0x2330  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:38:23.0277 0x2330  sbp2port - ok
12:38:23.0307 0x2330  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:38:23.0327 0x2330  SCardSvr - ok
12:38:23.0337 0x2330  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:38:23.0367 0x2330  scfilter - ok
12:38:23.0427 0x2330  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:38:23.0467 0x2330  Schedule - ok
12:38:23.0487 0x2330  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:38:23.0507 0x2330  SCPolicySvc - ok
12:38:23.0517 0x2330  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:38:23.0527 0x2330  SDRSVC - ok
12:38:23.0677 0x2330  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:38:23.0707 0x2330  SDScannerService - ok
12:38:23.0767 0x2330  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:38:23.0827 0x2330  SDUpdateService - ok
12:38:23.0857 0x2330  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:38:23.0867 0x2330  SDWSCService - ok
12:38:23.0887 0x2330  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:38:23.0917 0x2330  secdrv - ok
12:38:23.0927 0x2330  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:38:23.0957 0x2330  seclogon - ok
12:38:23.0967 0x2330  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:38:23.0997 0x2330  SENS - ok
12:38:24.0007 0x2330  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:38:24.0017 0x2330  SensrSvc - ok
12:38:24.0027 0x2330  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:38:24.0027 0x2330  Serenum - ok
12:38:24.0047 0x2330  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:38:24.0067 0x2330  Serial - ok
12:38:24.0067 0x2330  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:38:24.0077 0x2330  sermouse - ok
12:38:24.0097 0x2330  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:38:24.0127 0x2330  SessionEnv - ok
12:38:24.0137 0x2330  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:38:24.0147 0x2330  sffdisk - ok
12:38:24.0157 0x2330  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:38:24.0167 0x2330  sffp_mmc - ok
12:38:24.0177 0x2330  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:38:24.0187 0x2330  sffp_sd - ok
12:38:24.0197 0x2330  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:38:24.0207 0x2330  sfloppy - ok
12:38:24.0237 0x2330  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:38:24.0267 0x2330  SharedAccess - ok
12:38:24.0287 0x2330  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:38:24.0317 0x2330  ShellHWDetection - ok
12:38:24.0327 0x2330  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:38:24.0337 0x2330  SiSRaid2 - ok
12:38:24.0347 0x2330  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:38:24.0357 0x2330  SiSRaid4 - ok
12:38:24.0437 0x2330  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:38:24.0447 0x2330  SkypeUpdate - ok
12:38:24.0477 0x2330  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:38:24.0497 0x2330  Smb - ok
12:38:24.0537 0x2330  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:38:24.0547 0x2330  SNMPTRAP - ok
12:38:24.0557 0x2330  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:38:24.0567 0x2330  spldr - ok
12:38:24.0597 0x2330  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:38:24.0617 0x2330  Spooler - ok
12:38:24.0697 0x2330  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:38:24.0777 0x2330  sppsvc - ok
12:38:24.0797 0x2330  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:38:24.0817 0x2330  sppuinotify - ok
12:38:24.0847 0x2330  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:38:24.0867 0x2330  srv - ok
12:38:24.0887 0x2330  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:38:24.0897 0x2330  srv2 - ok
12:38:24.0907 0x2330  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:38:24.0917 0x2330  srvnet - ok
12:38:24.0937 0x2330  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:38:24.0967 0x2330  SSDPSRV - ok
12:38:24.0977 0x2330  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:38:25.0007 0x2330  SstpSvc - ok
12:38:25.0077 0x2330  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:38:25.0097 0x2330  Steam Client Service - ok
12:38:25.0207 0x2330  [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:38:25.0217 0x2330  Stereo Service - ok
12:38:25.0237 0x2330  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:38:25.0247 0x2330  stexstor - ok
12:38:25.0287 0x2330  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
12:38:25.0307 0x2330  StillCam - ok
12:38:25.0347 0x2330  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:38:25.0367 0x2330  stisvc - ok
12:38:25.0397 0x2330  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:38:25.0407 0x2330  swenum - ok
12:38:25.0427 0x2330  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:38:25.0467 0x2330  swprv - ok
12:38:25.0517 0x2330  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:38:25.0567 0x2330  SysMain - ok
12:38:25.0617 0x2330  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:38:25.0637 0x2330  TabletInputService - ok
12:38:25.0697 0x2330  [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
12:38:25.0707 0x2330  tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
12:38:28.0077 0x2330  Detect skipped due to KSN trusted
12:38:28.0077 0x2330  tap0901t - ok
12:38:28.0107 0x2330  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:38:28.0137 0x2330  TapiSrv - ok
12:38:28.0147 0x2330  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:38:28.0167 0x2330  TBS - ok
12:38:28.0247 0x2330  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:38:28.0287 0x2330  Tcpip - ok
12:38:28.0347 0x2330  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:38:28.0387 0x2330  TCPIP6 - ok
12:38:28.0407 0x2330  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:38:28.0417 0x2330  tcpipreg - ok
12:38:28.0447 0x2330  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:38:28.0447 0x2330  TDPIPE - ok
12:38:28.0467 0x2330  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:38:28.0477 0x2330  TDTCP - ok
12:38:28.0517 0x2330  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:38:28.0527 0x2330  tdx - ok
12:38:28.0537 0x2330  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:38:28.0547 0x2330  TermDD - ok
12:38:28.0597 0x2330  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
12:38:28.0617 0x2330  TermService - ok
12:38:28.0627 0x2330  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:38:28.0637 0x2330  Themes - ok
12:38:28.0657 0x2330  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:38:28.0677 0x2330  THREADORDER - ok
12:38:28.0697 0x2330  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:38:28.0717 0x2330  TrkWks - ok
12:38:28.0747 0x2330  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:38:28.0777 0x2330  TrustedInstaller - ok
12:38:28.0817 0x2330  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:38:28.0827 0x2330  tssecsrv - ok
12:38:28.0857 0x2330  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:38:28.0877 0x2330  TsUsbFlt - ok
12:38:28.0887 0x2330  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:38:28.0897 0x2330  TsUsbGD - ok
12:38:28.0927 0x2330  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:38:28.0957 0x2330  tunnel - ok
12:38:29.0037 0x2330  [ 2FD0FE0A0C721C8E47C5A3AE16E519B1, C0DE61AF32F01CF9BDA3E325F5F15D249C0FA4BB5FF720ED1916214907B4AF55 ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
12:38:29.0047 0x2330  TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
12:38:31.0438 0x2330  Detect skipped due to KSN trusted
12:38:31.0438 0x2330  TunngleService - ok
12:38:31.0458 0x2330  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:38:31.0468 0x2330  uagp35 - ok
12:38:31.0478 0x2330  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:38:31.0508 0x2330  udfs - ok
12:38:31.0538 0x2330  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:38:31.0548 0x2330  UI0Detect - ok
12:38:31.0568 0x2330  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:38:31.0578 0x2330  uliagpkx - ok
12:38:31.0598 0x2330  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:38:31.0608 0x2330  umbus - ok
12:38:31.0628 0x2330  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:38:31.0638 0x2330  UmPass - ok
12:38:31.0738 0x2330  [ 1D2596FE2D7CF36C6F5F0D6B71E90E1E, B740DE7C7A3E5C4E5DF177673E823BC649C1351EE8AAAAAA76BBAE07606868D2 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:38:31.0788 0x2330  UNS - ok
12:38:31.0808 0x2330  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:38:31.0838 0x2330  upnphost - ok
12:38:31.0878 0x2330  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:38:31.0888 0x2330  USBAAPL64 - ok
12:38:31.0928 0x2330  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:38:31.0938 0x2330  usbccgp - ok
12:38:31.0978 0x2330  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:38:31.0988 0x2330  usbcir - ok
12:38:32.0028 0x2330  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:38:32.0038 0x2330  usbehci - ok
12:38:32.0058 0x2330  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:38:32.0078 0x2330  usbhub - ok
12:38:32.0108 0x2330  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:38:32.0118 0x2330  usbohci - ok
12:38:32.0138 0x2330  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
12:38:32.0148 0x2330  usbprint - ok
12:38:32.0168 0x2330  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:38:32.0178 0x2330  USBSTOR - ok
12:38:32.0188 0x2330  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:38:32.0198 0x2330  usbuhci - ok
12:38:32.0218 0x2330  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:38:32.0238 0x2330  UxSms - ok
12:38:32.0248 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc        C:\Windows\system32\lsass.exe
12:38:32.0258 0x2330  VaultSvc - ok
12:38:32.0278 0x2330  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:38:32.0288 0x2330  vdrvroot - ok
12:38:32.0308 0x2330  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:38:32.0348 0x2330  vds - ok
12:38:32.0358 0x2330  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:38:32.0368 0x2330  vga - ok
12:38:32.0378 0x2330  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:38:32.0398 0x2330  VgaSave - ok
12:38:32.0418 0x2330  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:38:32.0428 0x2330  vhdmp - ok
12:38:32.0468 0x2330  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:38:32.0478 0x2330  viaide - ok
12:38:32.0488 0x2330  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:38:32.0498 0x2330  volmgr - ok
12:38:32.0508 0x2330  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:38:32.0528 0x2330  volmgrx - ok
12:38:32.0538 0x2330  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:38:32.0558 0x2330  volsnap - ok
12:38:32.0578 0x2330  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:38:32.0588 0x2330  vsmraid - ok
12:38:32.0638 0x2330  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:38:32.0708 0x2330  VSS - ok
12:38:32.0718 0x2330  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:38:32.0738 0x2330  vwifibus - ok
12:38:32.0768 0x2330  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:38:32.0798 0x2330  W32Time - ok
12:38:32.0848 0x2330  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
12:38:32.0868 0x2330  W3SVC - ok
12:38:32.0888 0x2330  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:38:32.0898 0x2330  WacomPen - ok
12:38:32.0928 0x2330  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:38:32.0948 0x2330  WANARP - ok
12:38:32.0948 0x2330  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:38:32.0978 0x2330  Wanarpv6 - ok
12:38:33.0008 0x2330  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
12:38:33.0018 0x2330  WAS - ok
12:38:33.0068 0x2330  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:38:33.0128 0x2330  wbengine - ok
12:38:33.0138 0x2330  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:38:33.0148 0x2330  WbioSrvc - ok
12:38:33.0168 0x2330  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:38:33.0188 0x2330  wcncsvc - ok
12:38:33.0198 0x2330  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:38:33.0208 0x2330  WcsPlugInService - ok
12:38:33.0228 0x2330  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:38:33.0238 0x2330  Wd - ok
12:38:33.0298 0x2330  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:38:33.0318 0x2330  Wdf01000 - ok
12:38:33.0368 0x2330  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:38:33.0388 0x2330  WdiServiceHost - ok
12:38:33.0398 0x2330  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:38:33.0408 0x2330  WdiSystemHost - ok
12:38:33.0428 0x2330  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:38:33.0448 0x2330  WebClient - ok
12:38:33.0478 0x2330  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:38:33.0498 0x2330  Wecsvc - ok
12:38:33.0518 0x2330  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:38:33.0538 0x2330  wercplsupport - ok
12:38:33.0558 0x2330  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:38:33.0588 0x2330  WerSvc - ok
12:38:33.0608 0x2330  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:38:33.0628 0x2330  WfpLwf - ok
12:38:33.0638 0x2330  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:38:33.0648 0x2330  WIMMount - ok
12:38:33.0668 0x2330  WinDefend - ok
12:38:33.0688 0x2330  WinHttpAutoProxySvc - ok
12:38:33.0728 0x2330  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:38:33.0748 0x2330  Winmgmt - ok
12:38:33.0828 0x2330  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
12:38:33.0868 0x2330  WinRM - ok
12:38:33.0908 0x2330  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:38:33.0928 0x2330  WinUsb - ok
12:38:33.0958 0x2330  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:38:33.0988 0x2330  Wlansvc - ok
12:38:34.0008 0x2330  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:38:34.0018 0x2330  WmiAcpi - ok
12:38:34.0038 0x2330  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:38:34.0048 0x2330  wmiApSrv - ok
12:38:34.0078 0x2330  WMPNetworkSvc - ok
12:38:34.0088 0x2330  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:38:34.0098 0x2330  WPCSvc - ok
12:38:34.0108 0x2330  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:38:34.0118 0x2330  WPDBusEnum - ok
12:38:34.0138 0x2330  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:38:34.0168 0x2330  ws2ifsl - ok
12:38:34.0178 0x2330  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:38:34.0188 0x2330  wscsvc - ok
12:38:34.0198 0x2330  WSearch - ok
12:38:34.0288 0x2330  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:38:34.0358 0x2330  wuauserv - ok
12:38:34.0398 0x2330  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:38:34.0408 0x2330  WudfPf - ok
12:38:34.0438 0x2330  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:38:34.0448 0x2330  WUDFRd - ok
12:38:34.0448 0x2330  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:38:34.0458 0x2330  wudfsvc - ok
12:38:34.0508 0x2330  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:38:34.0528 0x2330  WwanSvc - ok
12:38:34.0548 0x2330  ================ Scan global ===============================
12:38:34.0568 0x2330  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:38:34.0608 0x2330  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:34.0618 0x2330  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:34.0638 0x2330  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:38:34.0648 0x2330  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:38:34.0648 0x2330  [ Global ] - ok
12:38:34.0648 0x2330  ================ Scan MBR ==================================
12:38:34.0658 0x2330  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:38:34.0868 0x2330  \Device\Harddisk0\DR0 - ok
12:38:38.0739 0x2330  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
12:38:38.0829 0x2330  \Device\Harddisk1\DR1 - ok
12:38:38.0829 0x2330  ================ Scan VBR ==================================
12:38:38.0839 0x2330  [ F21A8AEC1BD290F29816A2AAA950A846 ] \Device\Harddisk0\DR0\Partition1
12:38:38.0839 0x2330  \Device\Harddisk0\DR0\Partition1 - ok
12:38:38.0849 0x2330  [ 22F5657DE29CA13244B70918581735B2 ] \Device\Harddisk0\DR0\Partition2
12:38:38.0849 0x2330  \Device\Harddisk0\DR0\Partition2 - ok
12:38:38.0849 0x2330  [ DFBDD57855D8EE48471707783CF4A43C ] \Device\Harddisk1\DR1\Partition1
12:38:38.0929 0x2330  \Device\Harddisk1\DR1\Partition1 - ok
12:38:38.0929 0x2330  ================ Scan generic autorun ======================
12:38:39.0109 0x2330  [ 06AE17E25394F483E62E84F336B05C85, 5BC07033F4F121E299D82B404C5B5B061694502BD24595AE8D54F62969D27AF5 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
12:38:39.0239 0x2330  RTHDVCPL - ok
12:38:39.0259 0x2330  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:38:39.0269 0x2330  ShadowPlay - ok
12:38:39.0359 0x2330  [ 4F011F572DAC7057DF9D6E9064AA77E8, CC05441572740A9996525C3B9382191022E4F918C45C09EC0DE4C11215F81008 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:38:39.0409 0x2330  NvBackend - ok
12:38:39.0429 0x2330  [ DBC3E6A9FC1EEDD366C86073854A5A1F, 1D079BBF43E36AED727FE3BDF1E0743C79F0D0CA30E4B7FB93170A40FCE2F2D4 ] C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe
12:38:39.0439 0x2330  Super-Charger - detected UnsignedFile.Multi.Generic ( 1 )
12:38:41.0849 0x2330  Super-Charger ( UnsignedFile.Multi.Generic ) - warning
12:38:44.0379 0x2330  [ 851383DAEF93961E9868A1474AFFEEBD, 6262E7FF3D356FA4FC9523D941A0D9B09E7450AA466EA6063A0C264F1B99F1AE ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
12:38:44.0419 0x2330  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
12:38:46.0779 0x2330  Detect skipped due to KSN trusted
12:38:46.0779 0x2330  AVMWlanClient - ok
12:38:46.0889 0x2330  [ DA6DA7B1546E0D26EB2E1A015E24757C, 8DD459ECA7C72C900BDB70079D6861EC352EE2E4F0722EBD4FEB694885660462 ] C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe
12:38:46.0909 0x2330  mcpltui_exe - ok
12:38:46.0979 0x2330  [ 07A3A88C8E8FD71EAA2B7F39134788DA, 0AAB731BF14B8A96FF6DB84CDD2579C1DFE5E56838EF3D92B03AE738E89A92D1 ] C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
12:38:46.0999 0x2330  ROCCAT Savu Gaming Mouse - detected UnsignedFile.Multi.Generic ( 1 )
12:38:49.0370 0x2330  Detect skipped due to KSN trusted
12:38:49.0370 0x2330  ROCCAT Savu Gaming Mouse - ok
12:38:49.0440 0x2330  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
12:38:49.0450 0x2330  HP Software Update - ok
12:38:49.0520 0x2330  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:49.0560 0x2330  Sidebar - ok
12:38:49.0590 0x2330  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:49.0600 0x2330  mctadmin - ok
12:38:49.0640 0x2330  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:49.0670 0x2330  Sidebar - ok
12:38:49.0670 0x2330  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:49.0690 0x2330  mctadmin - ok
12:38:49.0790 0x2330  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
12:38:49.0840 0x2330  HP Officejet Pro 8600 (NET) - ok
12:38:49.0980 0x2330  [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
12:38:50.0010 0x2330  Spotify Web Helper - ok
12:38:50.0050 0x2330  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:50.0080 0x2330  Sidebar - ok
12:38:50.0090 0x2330  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:50.0100 0x2330  mctadmin - ok
12:38:50.0100 0x2330  Waiting for KSN requests completion. In queue: 10
12:38:51.0100 0x2330  Waiting for KSN requests completion. In queue: 10
12:38:52.0100 0x2330  Waiting for KSN requests completion. In queue: 9
12:38:53.0110 0x2330  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51000 ( enabled : updated )
12:38:53.0110 0x2330  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51010 ( enabled )
12:38:55.0460 0x2330  ============================================================
12:38:55.0460 0x2330  Scan finished
12:38:55.0460 0x2330  ============================================================
12:38:55.0460 0x1d80  Detected object count: 1
12:38:55.0460 0x1d80  Actual detected object count: 1
12:39:00.0531 0x1d80  C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe - copied to quarantine
12:39:00.0531 0x1d80  HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run:Super-Charger - will be deleted on reboot
12:39:00.0531 0x1d80  C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe - will be deleted on reboot
12:39:00.0531 0x1d80  Super-Charger ( UnsignedFile.Multi.Generic ) - User select action: Delete 
12:39:00.0751 0x1d80  KLMD registered as C:\Windows\system32\drivers\86163685.sys
12:39:08.0411 0x1928  Deinitialize success
         

Alt 06.03.2015, 11:58   #7
G00gler
 
DHL-Fake-Email Link geöffnet - Standard

TDSSKiller logfile nach dem Reboot



Logfile nach Reboot:


Code:
ATTFilter
TDSSkiller

logfile vor dem Reboot:

Code:
ATTFilter
12:37:30.0880 0x22c4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:37:35.0150 0x22c4  ============================================================
12:37:35.0150 0x22c4  Current date / time: 2015/03/06 12:37:35.0150
12:37:35.0150 0x22c4  SystemInfo:
12:37:35.0150 0x22c4  
12:37:35.0150 0x22c4  OS Version: 6.1.7601 ServicePack: 1.0
12:37:35.0150 0x22c4  Product type: Workstation
12:37:35.0150 0x22c4  ComputerName: NUTZER-PC
12:37:35.0150 0x22c4  UserName: Nutzer
12:37:35.0150 0x22c4  Windows directory: C:\Windows
12:37:35.0150 0x22c4  System windows directory: C:\Windows
12:37:35.0150 0x22c4  Running under WOW64
12:37:35.0150 0x22c4  Processor architecture: Intel x64
12:37:35.0150 0x22c4  Number of processors: 4
12:37:35.0150 0x22c4  Page size: 0x1000
12:37:35.0150 0x22c4  Boot type: Normal boot
12:37:35.0150 0x22c4  ============================================================
12:37:35.0920 0x22c4  KLMD registered as C:\Windows\system32\drivers\49677651.sys
12:37:36.0220 0x22c4  System UUID: {BEFB01BA-1466-E8CA-C251-13052CC479ED}
12:37:36.0500 0x22c4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:37:36.0510 0x22c4  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:37:40.0371 0x22c4  ============================================================
12:37:40.0371 0x22c4  \Device\Harddisk0\DR0:
12:37:40.0371 0x22c4  MBR partitions:
12:37:40.0371 0x22c4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:37:40.0371 0x22c4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
12:37:40.0371 0x22c4  \Device\Harddisk1\DR1:
12:37:40.0371 0x22c4  MBR partitions:
12:37:40.0371 0x22c4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A385FF0
12:37:40.0371 0x22c4  ============================================================
12:37:40.0391 0x22c4  C: <-> \Device\Harddisk0\DR0\Partition2
12:37:40.0421 0x22c4  E: <-> \Device\Harddisk1\DR1\Partition1
12:37:40.0421 0x22c4  ============================================================
12:37:40.0421 0x22c4  Initialize success
12:37:40.0421 0x22c4  ============================================================
12:37:47.0362 0x2330  ============================================================
12:37:47.0362 0x2330  Scan started
12:37:47.0362 0x2330  Mode: Manual; SigCheck; TDLFS; 
12:37:47.0362 0x2330  ============================================================
12:37:47.0362 0x2330  KSN ping started
12:38:00.0963 0x2330  KSN ping finished: true
12:38:04.0594 0x2330  ================ Scan system memory ========================
12:38:04.0594 0x2330  System memory - ok
12:38:04.0594 0x2330  ================ Scan services =============================
12:38:04.0684 0x2330  0261901425629778mcinstcleanup - ok
12:38:04.0764 0x2330  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:38:04.0804 0x2330  1394ohci - ok
12:38:04.0844 0x2330  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] 51cdb72         C:\Windows\system32\rundll32.exe
12:38:04.0864 0x2330  51cdb72 - ok
12:38:04.0874 0x2330  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:38:04.0884 0x2330  ACPI - ok
12:38:04.0914 0x2330  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:38:04.0924 0x2330  AcpiPmi - ok
12:38:05.0014 0x2330  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:38:05.0024 0x2330  AdobeARMservice - ok
12:38:05.0194 0x2330  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:38:05.0204 0x2330  AdobeFlashPlayerUpdateSvc - ok
12:38:05.0234 0x2330  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:38:05.0254 0x2330  adp94xx - ok
12:38:05.0294 0x2330  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:38:05.0304 0x2330  adpahci - ok
12:38:05.0324 0x2330  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:38:05.0334 0x2330  adpu320 - ok
12:38:05.0364 0x2330  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:38:05.0384 0x2330  AeLookupSvc - ok
12:38:05.0434 0x2330  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
12:38:05.0454 0x2330  AFD - ok
12:38:05.0464 0x2330  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:38:05.0474 0x2330  agp440 - ok
12:38:05.0494 0x2330  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:38:05.0504 0x2330  ALG - ok
12:38:05.0544 0x2330  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:38:05.0554 0x2330  aliide - ok
12:38:05.0554 0x2330  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:38:05.0564 0x2330  amdide - ok
12:38:05.0584 0x2330  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:38:05.0594 0x2330  AmdK8 - ok
12:38:05.0604 0x2330  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:38:05.0614 0x2330  AmdPPM - ok
12:38:05.0644 0x2330  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:38:05.0654 0x2330  amdsata - ok
12:38:05.0684 0x2330  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:38:05.0694 0x2330  amdsbs - ok
12:38:05.0704 0x2330  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:38:05.0714 0x2330  amdxata - ok
12:38:05.0764 0x2330  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
12:38:05.0774 0x2330  AppHostSvc - ok
12:38:05.0794 0x2330  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
12:38:05.0814 0x2330  AppID - ok
12:38:05.0834 0x2330  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:38:05.0854 0x2330  AppIDSvc - ok
12:38:05.0904 0x2330  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
12:38:05.0914 0x2330  Appinfo - ok
12:38:05.0994 0x2330  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:38:05.0994 0x2330  Apple Mobile Device - ok
12:38:06.0014 0x2330  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
12:38:06.0024 0x2330  arc - ok
12:38:06.0044 0x2330  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:38:06.0054 0x2330  arcsas - ok
12:38:06.0074 0x2330  [ 10E9A8034C6843CA516BDB79D5D57B02, DDE72382AADD1477344308671E802157E59C8D9F11C0BF8D58722326B57B7645 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
12:38:06.0084 0x2330  asahci64 - ok
12:38:06.0104 0x2330  [ 6FE3237C1177E66437E7AD0E8AC1A6E5, 3223D4E57150DE8F768BC1BE0E6DCFFC6CA5B09DC7D7ADF283C90929100B0B7B ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
12:38:06.0114 0x2330  asmthub3 - ok
12:38:06.0134 0x2330  [ C4043E39A2ABBC56581CA25DF161E9F7, 1B53A8BEE4823EA842A00F5304428F0B4D14078045CF84ED20D8DF0FB8826040 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
12:38:06.0154 0x2330  asmtxhci - ok
12:38:06.0254 0x2330  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:38:06.0264 0x2330  aspnet_state - ok
12:38:06.0294 0x2330  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:38:06.0314 0x2330  AsyncMac - ok
12:38:06.0354 0x2330  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:38:06.0364 0x2330  atapi - ok
12:38:06.0424 0x2330  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:38:06.0444 0x2330  AudioEndpointBuilder - ok
12:38:06.0454 0x2330  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:38:06.0474 0x2330  AudioSrv - ok
12:38:06.0544 0x2330  [ D1A9AE485FFF7C72CA50D8949B2210B9, 937E02439519E3837DBEFE3D17123104BA5B1636E7AC322B634DC135B3024B50 ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
12:38:06.0564 0x2330  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
12:38:08.0925 0x2330  Detect skipped due to KSN trusted
12:38:08.0925 0x2330  AVM WLAN Connection Service - ok
12:38:08.0965 0x2330  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\Windows\system32\drivers\avmeject.sys
12:38:08.0975 0x2330  avmeject - ok
12:38:09.0005 0x2330  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:38:09.0015 0x2330  AxInstSV - ok
12:38:09.0055 0x2330  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:38:09.0075 0x2330  b06bdrv - ok
12:38:09.0105 0x2330  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:38:09.0115 0x2330  b57nd60a - ok
12:38:09.0145 0x2330  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:38:09.0155 0x2330  BDESVC - ok
12:38:09.0165 0x2330  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:38:09.0195 0x2330  Beep - ok
12:38:09.0255 0x2330  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:38:09.0275 0x2330  BFE - ok
12:38:09.0305 0x2330  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:38:09.0345 0x2330  BITS - ok
12:38:09.0365 0x2330  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:38:09.0375 0x2330  blbdrive - ok
12:38:09.0455 0x2330  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:38:09.0475 0x2330  Bonjour Service - ok
12:38:09.0495 0x2330  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:38:09.0515 0x2330  bowser - ok
12:38:09.0535 0x2330  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:38:09.0545 0x2330  BrFiltLo - ok
12:38:09.0565 0x2330  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:38:09.0575 0x2330  BrFiltUp - ok
12:38:09.0595 0x2330  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
12:38:09.0615 0x2330  Browser - ok
12:38:09.0625 0x2330  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:38:09.0645 0x2330  Brserid - ok
12:38:09.0655 0x2330  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:38:09.0675 0x2330  BrSerWdm - ok
12:38:09.0685 0x2330  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:38:09.0695 0x2330  BrUsbMdm - ok
12:38:09.0705 0x2330  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:38:09.0705 0x2330  BrUsbSer - ok
12:38:09.0725 0x2330  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:38:09.0735 0x2330  BTHMODEM - ok
12:38:09.0775 0x2330  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:38:09.0795 0x2330  bthserv - ok
12:38:09.0805 0x2330  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:38:09.0835 0x2330  cdfs - ok
12:38:09.0845 0x2330  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:38:09.0855 0x2330  cdrom - ok
12:38:09.0885 0x2330  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:38:09.0905 0x2330  CertPropSvc - ok
12:38:09.0965 0x2330  [ 3B6316004C773CFAD5E6C38EC5DDDBD4, 7F8A68A6267E0C8EC11F84A1034F71991DBD78BB1C7440B6D4AE025EFBCBB534 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
12:38:09.0975 0x2330  cfwids - ok
12:38:10.0005 0x2330  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:38:10.0025 0x2330  circlass - ok
12:38:10.0035 0x2330  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:38:10.0055 0x2330  CLFS - ok
12:38:10.0225 0x2330  [ 399F2E92269D4559F1A813624DD78496, 731606646390D2B279B2A51C8AE0E38E5CDE271CDA7D00061186EBBC3E37A72E ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
12:38:10.0275 0x2330  ClickToRunSvc - ok
12:38:10.0335 0x2330  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:38:10.0345 0x2330  clr_optimization_v2.0.50727_32 - ok
12:38:10.0365 0x2330  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:38:10.0375 0x2330  clr_optimization_v2.0.50727_64 - ok
12:38:10.0455 0x2330  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:38:10.0465 0x2330  clr_optimization_v4.0.30319_32 - ok
12:38:10.0475 0x2330  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:38:10.0485 0x2330  clr_optimization_v4.0.30319_64 - ok
12:38:10.0515 0x2330  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:38:10.0525 0x2330  CmBatt - ok
12:38:10.0565 0x2330  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:38:10.0565 0x2330  cmdide - ok
12:38:10.0625 0x2330  [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:38:10.0655 0x2330  CNG - ok
12:38:10.0665 0x2330  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:38:10.0675 0x2330  Compbatt - ok
12:38:10.0695 0x2330  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:38:10.0705 0x2330  CompositeBus - ok
12:38:10.0705 0x2330  COMSysApp - ok
12:38:10.0715 0x2330  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:38:10.0725 0x2330  crcdisk - ok
12:38:10.0775 0x2330  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:38:10.0785 0x2330  CryptSvc - ok
12:38:10.0825 0x2330  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:38:10.0855 0x2330  DcomLaunch - ok
12:38:10.0875 0x2330  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:38:10.0905 0x2330  defragsvc - ok
12:38:10.0915 0x2330  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:38:10.0935 0x2330  DfsC - ok
12:38:10.0955 0x2330  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:38:10.0965 0x2330  Dhcp - ok
12:38:10.0985 0x2330  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:38:11.0015 0x2330  discache - ok
12:38:11.0025 0x2330  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
12:38:11.0035 0x2330  Disk - ok
12:38:11.0065 0x2330  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:38:11.0075 0x2330  Dnscache - ok
12:38:11.0095 0x2330  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:38:11.0115 0x2330  dot3svc - ok
12:38:11.0125 0x2330  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:38:11.0155 0x2330  DPS - ok
12:38:11.0205 0x2330  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:38:11.0215 0x2330  drmkaud - ok
12:38:11.0275 0x2330  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:38:11.0305 0x2330  DXGKrnl - ok
12:38:11.0335 0x2330  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:38:11.0365 0x2330  EapHost - ok
12:38:11.0476 0x2330  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:38:11.0536 0x2330  ebdrv - ok
12:38:11.0566 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS             C:\Windows\System32\lsass.exe
12:38:11.0576 0x2330  EFS - ok
12:38:11.0636 0x2330  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:38:11.0656 0x2330  ehRecvr - ok
12:38:11.0666 0x2330  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:38:11.0676 0x2330  ehSched - ok
12:38:11.0706 0x2330  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:38:11.0726 0x2330  elxstor - ok
12:38:11.0746 0x2330  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:38:11.0756 0x2330  ErrDev - ok
12:38:11.0796 0x2330  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:38:11.0826 0x2330  EventSystem - ok
12:38:11.0846 0x2330  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:38:11.0866 0x2330  exfat - ok
12:38:11.0886 0x2330  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:38:11.0906 0x2330  fastfat - ok
12:38:11.0936 0x2330  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:38:11.0956 0x2330  Fax - ok
12:38:11.0966 0x2330  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
12:38:11.0976 0x2330  fdc - ok
12:38:12.0006 0x2330  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:38:12.0026 0x2330  fdPHost - ok
12:38:12.0036 0x2330  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:38:12.0056 0x2330  FDResPub - ok
12:38:12.0076 0x2330  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:38:12.0086 0x2330  FileInfo - ok
12:38:12.0096 0x2330  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:38:12.0126 0x2330  Filetrace - ok
12:38:12.0136 0x2330  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
12:38:12.0146 0x2330  flpydisk - ok
12:38:12.0166 0x2330  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:38:12.0176 0x2330  FltMgr - ok
12:38:12.0236 0x2330  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
12:38:12.0266 0x2330  FontCache - ok
12:38:12.0306 0x2330  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:38:12.0316 0x2330  FontCache3.0.0.0 - ok
12:38:12.0326 0x2330  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:38:12.0336 0x2330  FsDepends - ok
12:38:12.0346 0x2330  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:38:12.0356 0x2330  Fs_Rec - ok
12:38:12.0426 0x2330  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:38:12.0436 0x2330  fvevol - ok
12:38:12.0466 0x2330  [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB        C:\Windows\system32\DRIVERS\fwlanusb.sys
12:38:12.0486 0x2330  FWLANUSB - ok
12:38:12.0506 0x2330  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:38:12.0506 0x2330  gagp30kx - ok
12:38:12.0546 0x2330  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:38:12.0556 0x2330  GEARAspiWDM - ok
12:38:12.0666 0x2330  [ A27A06D8359BC5202F2F8E3240DE205F, C2BB64106D6894E6CF45121FE3ECCDE2A00CAE9268CF5ECA11F436C10DBFC6F0 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
12:38:12.0696 0x2330  GfExperienceService - ok
12:38:12.0736 0x2330  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:38:12.0766 0x2330  gpsvc - ok
12:38:12.0826 0x2330  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:12.0836 0x2330  gupdate - ok
12:38:12.0846 0x2330  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:38:12.0856 0x2330  gupdatem - ok
12:38:12.0876 0x2330  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:38:12.0886 0x2330  hcw85cir - ok
12:38:12.0926 0x2330  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:38:12.0936 0x2330  HdAudAddService - ok
12:38:12.0966 0x2330  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:38:12.0976 0x2330  HDAudBus - ok
12:38:12.0996 0x2330  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:38:13.0006 0x2330  HidBatt - ok
12:38:13.0016 0x2330  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:38:13.0026 0x2330  HidBth - ok
12:38:13.0046 0x2330  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:38:13.0056 0x2330  HidIr - ok
12:38:13.0076 0x2330  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:38:13.0096 0x2330  hidserv - ok
12:38:13.0146 0x2330  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:38:13.0166 0x2330  HidUsb - ok
12:38:13.0216 0x2330  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
12:38:13.0226 0x2330  HipShieldK - ok
12:38:13.0246 0x2330  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:38:13.0276 0x2330  hkmsvc - ok
12:38:13.0316 0x2330  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:38:13.0326 0x2330  HomeGroupListener - ok
12:38:13.0356 0x2330  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:38:13.0366 0x2330  HomeGroupProvider - ok
12:38:13.0526 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:13.0536 0x2330  HomeNetSvc - ok
12:38:13.0556 0x2330  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:38:13.0566 0x2330  HpSAMD - ok
12:38:13.0596 0x2330  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:38:13.0636 0x2330  HTTP - ok
12:38:13.0646 0x2330  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:38:13.0656 0x2330  hwpolicy - ok
12:38:13.0666 0x2330  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:38:13.0676 0x2330  i8042prt - ok
12:38:13.0696 0x2330  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:38:13.0706 0x2330  iaStorV - ok
12:38:13.0776 0x2330  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:38:13.0796 0x2330  idsvc - ok
12:38:13.0826 0x2330  IEEtwCollectorService - ok
12:38:13.0846 0x2330  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:38:13.0856 0x2330  iirsp - ok
12:38:13.0906 0x2330  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:38:13.0936 0x2330  IKEEXT - ok
12:38:14.0026 0x2330  [ 254FAAE42AFC641C0BE628DE123EA9DE, 9F59D4A71A37E3135736482685191316C0EF67D230206CAFA95C8561BB3F1C4C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:38:14.0116 0x2330  IntcAzAudAddService - ok
12:38:14.0146 0x2330  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:38:14.0156 0x2330  intelide - ok
12:38:14.0176 0x2330  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:38:14.0186 0x2330  intelppm - ok
12:38:14.0216 0x2330  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:38:14.0236 0x2330  IPBusEnum - ok
12:38:14.0256 0x2330  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:38:14.0276 0x2330  IpFilterDriver - ok
12:38:14.0336 0x2330  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:38:14.0346 0x2330  iphlpsvc - ok
12:38:14.0366 0x2330  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:38:14.0376 0x2330  IPMIDRV - ok
12:38:14.0386 0x2330  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:38:14.0416 0x2330  IPNAT - ok
12:38:14.0476 0x2330  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:38:14.0496 0x2330  iPod Service - ok
12:38:14.0506 0x2330  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:38:14.0516 0x2330  IRENUM - ok
12:38:14.0526 0x2330  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:38:14.0536 0x2330  isapnp - ok
12:38:14.0576 0x2330  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:38:14.0606 0x2330  iScsiPrt - ok
12:38:14.0616 0x2330  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:38:14.0626 0x2330  kbdclass - ok
12:38:14.0646 0x2330  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:38:14.0656 0x2330  kbdhid - ok
12:38:14.0676 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso          C:\Windows\system32\lsass.exe
12:38:14.0686 0x2330  KeyIso - ok
12:38:14.0726 0x2330  [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:38:14.0736 0x2330  KSecDD - ok
12:38:14.0746 0x2330  [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:38:14.0756 0x2330  KSecPkg - ok
12:38:14.0766 0x2330  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:38:14.0796 0x2330  ksthunk - ok
12:38:14.0816 0x2330  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:38:14.0846 0x2330  KtmRm - ok
12:38:14.0876 0x2330  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:38:14.0896 0x2330  LanmanServer - ok
12:38:14.0916 0x2330  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:38:14.0936 0x2330  LanmanWorkstation - ok
12:38:14.0956 0x2330  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:38:14.0976 0x2330  lltdio - ok
12:38:15.0006 0x2330  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:38:15.0036 0x2330  lltdsvc - ok
12:38:15.0066 0x2330  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:38:15.0086 0x2330  lmhosts - ok
12:38:15.0126 0x2330  [ DF86570FFC4F8A7E38595CC072B19A5B, A2E38C323BF55018990349E22E82EA48866EC3B6BB634CF2EB00ACE64926E3A3 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:38:15.0136 0x2330  LMS - ok
12:38:15.0206 0x2330  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:38:15.0226 0x2330  LSI_FC - ok
12:38:15.0256 0x2330  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:38:15.0266 0x2330  LSI_SAS - ok
12:38:15.0286 0x2330  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:38:15.0296 0x2330  LSI_SAS2 - ok
12:38:15.0306 0x2330  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:38:15.0316 0x2330  LSI_SCSI - ok
12:38:15.0336 0x2330  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:38:15.0366 0x2330  luafv - ok
12:38:15.0466 0x2330  [ 2D94EFDD340BBD9DE7D5F627B298512D, A9DE485352616A37DFD32270BBB65CA15B34CF26394A9418A5182801569AEBCD ] McAfee SiteAdvisor Service c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
12:38:15.0476 0x2330  McAfee SiteAdvisor Service - ok
12:38:15.0546 0x2330  [ BAE3593DD40B29D0451E704A7B3FE72B, AAFB2DF27BD637B5D968AEE11DAF73EDEEE4AE04F3F04D0ED3BF8FF5E203DB11 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
12:38:15.0556 0x2330  McAPExe - ok
12:38:15.0616 0x2330  [ BF9EB1361EF8D456AB15D5AC2765D860, 5A622F26203438BAF768EFAFCAFD78971E90EE6A0A9FC954FE8A68D5B4C9E9C9 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
12:38:15.0636 0x2330  mccspsvc - ok
12:38:15.0656 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:15.0666 0x2330  McMPFSvc - ok
12:38:15.0676 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:15.0686 0x2330  McNaiAnn - ok
12:38:15.0776 0x2330  [ 23CBDFFE2B580A649DB2D4BB50B1DADF, 771FC99477FDCF98994691CA1BDFB65DF07B93CD563A77068665DC85BF919CB8 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
12:38:15.0796 0x2330  McODS - ok
12:38:15.0816 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:15.0836 0x2330  mcpltsvc - ok
12:38:15.0846 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:15.0866 0x2330  McProxy - ok
12:38:15.0886 0x2330  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:38:15.0896 0x2330  Mcx2Svc - ok
12:38:15.0906 0x2330  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:38:15.0916 0x2330  megasas - ok
12:38:15.0956 0x2330  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:38:15.0976 0x2330  MegaSR - ok
12:38:15.0996 0x2330  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
12:38:15.0996 0x2330  MEIx64 - ok
12:38:16.0036 0x2330  [ 1A0C96A38A888838DF9523C973E3FE87, 9C41EDBFA21DF2684EED81AD56FC440AED002FB5C760DECFF1A454835273637B ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
12:38:16.0046 0x2330  mfeapfk - ok
12:38:16.0096 0x2330  [ 3EAF75ED747B2D60ABA4E45107D96E80, DC8141AAE425417F64D5070D573A0BDA40CF4FBDE041240FB331B2DDF0F8A361 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
12:38:16.0106 0x2330  mfeavfk - ok
12:38:16.0176 0x2330  [ 862CCECA53B237BDF3AA52EDD681FCE1, 752850CE18FD2ED747EDB4A2DE4D9B7730A704A992FDC2C99C84A7E48F1CCDA4 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
12:38:16.0206 0x2330  mfecore - ok
12:38:16.0286 0x2330  [ 12279E1080026A15D272AE6AAB97FBC7, A52F2D9B7CECA6D1CF28B72F5766F001F1480F08C7ACDC32BC7F9057FBBF9277 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
12:38:16.0296 0x2330  mfefire - ok
12:38:16.0326 0x2330  [ 07CFCE5D75C27474E20DE8715794F229, C20F36B242DB592D2FE1EB43EA339514969BAB9561D76FAC7CA6204F6AFCB8B8 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
12:38:16.0346 0x2330  mfefirek - ok
12:38:16.0396 0x2330  [ 29D0483A9EBB01DB2036A52E3BF23D6B, D4D6FDE489E937634BEA2C2F5DF65C560E5160AD9EA85088A59AE88FD9C06B2E ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
12:38:16.0416 0x2330  mfehidk - ok
12:38:16.0466 0x2330  [ 7E0CB59045BEB5976B32C3541DB0BFBB, 8D9B760772D885611DAD5AB4C82705FC8608B8C7F2BC30A19883506A81A804B1 ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
12:38:16.0486 0x2330  mfencbdc - ok
12:38:16.0516 0x2330  [ 4B34DFBC138C5C8FAC6F814575E41376, 584F76A0EA8ADAC415D118796E7B08969ABE717CB0FCC2D3B505BF86450D4E40 ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
12:38:16.0526 0x2330  mfencrk - ok
12:38:16.0546 0x2330  [ 9A642F163F1FB12DE395A6010A9AD687, A86E092417C0C40E6FB9F6206D82391CEE4495FFA6F8A442BE50D349ACBA44B9 ] mfevtp          C:\Windows\system32\mfevtps.exe
12:38:16.0556 0x2330  mfevtp - ok
12:38:16.0596 0x2330  [ 1134C87CC1184F5B88F0C7002ACFDC99, 9029E15BF5186258CACF7D46F0E182949E93B78B3F17ED680FE8ECF12EFFF646 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
12:38:16.0606 0x2330  mfewfpk - ok
12:38:16.0626 0x2330  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:38:16.0656 0x2330  MMCSS - ok
12:38:16.0666 0x2330  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:38:16.0686 0x2330  Modem - ok
12:38:16.0726 0x2330  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:38:16.0736 0x2330  monitor - ok
12:38:16.0756 0x2330  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:38:16.0766 0x2330  mouclass - ok
12:38:16.0766 0x2330  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:38:16.0776 0x2330  mouhid - ok
12:38:16.0786 0x2330  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:38:16.0796 0x2330  mountmgr - ok
12:38:16.0836 0x2330  [ 5C2B2F10C847834C6DA4E680A4093BA3, 0222EBC8789765613184F47339A1DBD118ED209B72BC5565A8A7D4FB4CCF5418 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:38:16.0846 0x2330  MozillaMaintenance - ok
12:38:16.0866 0x2330  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:38:16.0876 0x2330  mpio - ok
12:38:16.0906 0x2330  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:38:16.0926 0x2330  mpsdrv - ok
12:38:16.0956 0x2330  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:38:16.0996 0x2330  MpsSvc - ok
12:38:17.0036 0x2330  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:38:17.0056 0x2330  MRxDAV - ok
12:38:17.0086 0x2330  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:38:17.0106 0x2330  mrxsmb - ok
12:38:17.0126 0x2330  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:38:17.0136 0x2330  mrxsmb10 - ok
12:38:17.0146 0x2330  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:38:17.0156 0x2330  mrxsmb20 - ok
12:38:17.0196 0x2330  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:38:17.0206 0x2330  msahci - ok
12:38:17.0236 0x2330  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:38:17.0236 0x2330  msdsm - ok
12:38:17.0256 0x2330  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:38:17.0266 0x2330  MSDTC - ok
12:38:17.0276 0x2330  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:38:17.0306 0x2330  Msfs - ok
12:38:17.0316 0x2330  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:38:17.0336 0x2330  mshidkmdf - ok
12:38:17.0356 0x2330  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:38:17.0356 0x2330  msisadrv - ok
12:38:17.0396 0x2330  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:38:17.0426 0x2330  MSiSCSI - ok
12:38:17.0426 0x2330  msiserver - ok
12:38:17.0456 0x2330  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
12:38:17.0476 0x2330  MSK80Service - ok
12:38:17.0496 0x2330  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:38:17.0516 0x2330  MSKSSRV - ok
12:38:17.0526 0x2330  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:38:17.0546 0x2330  MSPCLOCK - ok
12:38:17.0556 0x2330  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:38:17.0576 0x2330  MSPQM - ok
12:38:17.0596 0x2330  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:38:17.0616 0x2330  MsRPC - ok
12:38:17.0626 0x2330  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:38:17.0646 0x2330  mssmbios - ok
12:38:17.0656 0x2330  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:38:17.0676 0x2330  MSTEE - ok
12:38:17.0686 0x2330  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:38:17.0696 0x2330  MTConfig - ok
12:38:17.0706 0x2330  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:38:17.0716 0x2330  Mup - ok
12:38:17.0746 0x2330  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:38:17.0776 0x2330  napagent - ok
12:38:17.0806 0x2330  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:38:17.0826 0x2330  NativeWifiP - ok
12:38:17.0866 0x2330  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:38:17.0886 0x2330  NDIS - ok
12:38:17.0896 0x2330  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:38:17.0926 0x2330  NdisCap - ok
12:38:17.0946 0x2330  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:38:17.0976 0x2330  NdisTapi - ok
12:38:17.0986 0x2330  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:38:18.0016 0x2330  Ndisuio - ok
12:38:18.0026 0x2330  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:38:18.0056 0x2330  NdisWan - ok
12:38:18.0056 0x2330  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:38:18.0086 0x2330  NDProxy - ok
12:38:18.0086 0x2330  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:38:18.0116 0x2330  NetBIOS - ok
12:38:18.0126 0x2330  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:38:18.0156 0x2330  NetBT - ok
12:38:18.0166 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon        C:\Windows\system32\lsass.exe
12:38:18.0186 0x2330  Netlogon - ok
12:38:18.0206 0x2330  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:38:18.0236 0x2330  Netman - ok
12:38:18.0286 0x2330  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:18.0296 0x2330  NetMsmqActivator - ok
12:38:18.0306 0x2330  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:18.0316 0x2330  NetPipeActivator - ok
12:38:18.0336 0x2330  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:38:18.0366 0x2330  netprofm - ok
12:38:18.0366 0x2330  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:18.0376 0x2330  NetTcpActivator - ok
12:38:18.0386 0x2330  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:38:18.0396 0x2330  NetTcpPortSharing - ok
12:38:18.0406 0x2330  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:38:18.0416 0x2330  nfrd960 - ok
12:38:18.0456 0x2330  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:38:18.0476 0x2330  NlaSvc - ok
12:38:18.0486 0x2330  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:38:18.0506 0x2330  Npfs - ok
12:38:18.0516 0x2330  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:38:18.0536 0x2330  nsi - ok
12:38:18.0546 0x2330  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:38:18.0576 0x2330  nsiproxy - ok
12:38:18.0636 0x2330  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:38:18.0686 0x2330  Ntfs - ok
12:38:18.0706 0x2330  NTIOLib_1_0_C - ok
12:38:18.0716 0x2330  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:38:18.0736 0x2330  Null - ok
12:38:18.0786 0x2330  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
12:38:18.0796 0x2330  NVHDA - ok
12:38:19.0106 0x2330  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:38:19.0426 0x2330  nvlddmkm - ok
12:38:19.0557 0x2330  [ 507E699BD36530491BA0F95251B22F06, BDE6EB91FADBCB8CE16C31EF43A97DC6CC5D0F4EBAEA7903810556D0D70F54BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:38:19.0587 0x2330  NvNetworkService - ok
12:38:19.0607 0x2330  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:38:19.0617 0x2330  nvraid - ok
12:38:19.0627 0x2330  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:38:19.0637 0x2330  nvstor - ok
12:38:19.0717 0x2330  [ 7E4C1879248629A2C9CC9ADF52CBB9B7, 856FF60FD111C3C80B137BC62B7EF92D3B95FBA462A29F97D65457A5A507506E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:38:19.0717 0x2330  NvStreamKms - ok
12:38:20.0177 0x2330  [ C3EB27E4BC00283CA166A9FC42B90FC7, FED7F68D1C6EB442292E40DCFAEE7339AE21D5EF726A9DC9BCB6AB5C5873B3E0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
12:38:20.0667 0x2330  NvStreamSvc - ok
12:38:20.0737 0x2330  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:38:20.0757 0x2330  nvsvc - ok
12:38:20.0797 0x2330  [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:38:20.0807 0x2330  nvvad_WaveExtensible - ok
12:38:20.0827 0x2330  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:38:20.0837 0x2330  nv_agp - ok
12:38:20.0847 0x2330  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:38:20.0857 0x2330  ohci1394 - ok
12:38:20.0927 0x2330  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:38:20.0937 0x2330  ose - ok
12:38:21.0117 0x2330  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:38:21.0257 0x2330  osppsvc - ok
12:38:21.0287 0x2330  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:38:21.0307 0x2330  p2pimsvc - ok
12:38:21.0317 0x2330  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:38:21.0337 0x2330  p2psvc - ok
12:38:21.0357 0x2330  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:38:21.0377 0x2330  Parport - ok
12:38:21.0397 0x2330  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:38:21.0397 0x2330  partmgr - ok
12:38:21.0417 0x2330  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:38:21.0437 0x2330  PcaSvc - ok
12:38:21.0447 0x2330  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:38:21.0457 0x2330  pci - ok
12:38:21.0497 0x2330  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:38:21.0507 0x2330  pciide - ok
12:38:21.0527 0x2330  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:38:21.0537 0x2330  pcmcia - ok
12:38:21.0547 0x2330  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:38:21.0557 0x2330  pcw - ok
12:38:21.0577 0x2330  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:38:21.0617 0x2330  PEAUTH - ok
12:38:21.0657 0x2330  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:38:21.0667 0x2330  PerfHost - ok
12:38:21.0717 0x2330  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:38:21.0777 0x2330  pla - ok
12:38:21.0817 0x2330  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:38:21.0827 0x2330  PlugPlay - ok
12:38:21.0837 0x2330  PnkBstrA - ok
12:38:21.0857 0x2330  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:38:21.0867 0x2330  PNRPAutoReg - ok
12:38:21.0877 0x2330  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:38:21.0897 0x2330  PNRPsvc - ok
12:38:21.0927 0x2330  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:38:21.0957 0x2330  PolicyAgent - ok
12:38:21.0977 0x2330  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:38:22.0007 0x2330  Power - ok
12:38:22.0037 0x2330  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:38:22.0057 0x2330  PptpMiniport - ok
12:38:22.0067 0x2330  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:38:22.0077 0x2330  Processor - ok
12:38:22.0117 0x2330  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:38:22.0147 0x2330  ProfSvc - ok
12:38:22.0157 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:38:22.0167 0x2330  ProtectedStorage - ok
12:38:22.0177 0x2330  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:38:22.0207 0x2330  Psched - ok
12:38:22.0247 0x2330  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:38:22.0307 0x2330  ql2300 - ok
12:38:22.0327 0x2330  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:38:22.0337 0x2330  ql40xx - ok
12:38:22.0357 0x2330  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:38:22.0377 0x2330  QWAVE - ok
12:38:22.0387 0x2330  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:38:22.0397 0x2330  QWAVEdrv - ok
12:38:22.0407 0x2330  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:38:22.0427 0x2330  RasAcd - ok
12:38:22.0457 0x2330  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:38:22.0477 0x2330  RasAgileVpn - ok
12:38:22.0487 0x2330  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:38:22.0517 0x2330  RasAuto - ok
12:38:22.0527 0x2330  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:38:22.0557 0x2330  Rasl2tp - ok
12:38:22.0567 0x2330  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:38:22.0607 0x2330  RasMan - ok
12:38:22.0617 0x2330  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:38:22.0637 0x2330  RasPppoe - ok
12:38:22.0647 0x2330  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:38:22.0677 0x2330  RasSstp - ok
12:38:22.0697 0x2330  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:38:22.0727 0x2330  rdbss - ok
12:38:22.0737 0x2330  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
12:38:22.0747 0x2330  rdpbus - ok
12:38:22.0757 0x2330  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:38:22.0777 0x2330  RDPCDD - ok
12:38:22.0807 0x2330  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:38:22.0827 0x2330  RDPENCDD - ok
12:38:22.0837 0x2330  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:38:22.0867 0x2330  RDPREFMP - ok
12:38:22.0897 0x2330  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:38:22.0917 0x2330  RDPWD - ok
12:38:22.0927 0x2330  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:38:22.0937 0x2330  rdyboost - ok
12:38:22.0967 0x2330  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:38:22.0987 0x2330  RemoteAccess - ok
12:38:23.0007 0x2330  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:38:23.0027 0x2330  RemoteRegistry - ok
12:38:23.0037 0x2330  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:38:23.0067 0x2330  RpcEptMapper - ok
12:38:23.0077 0x2330  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:38:23.0087 0x2330  RpcLocator - ok
12:38:23.0107 0x2330  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
12:38:23.0137 0x2330  RpcSs - ok
12:38:23.0147 0x2330  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:38:23.0177 0x2330  rspndr - ok
12:38:23.0217 0x2330  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:38:23.0237 0x2330  RTL8167 - ok
12:38:23.0247 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs           C:\Windows\system32\lsass.exe
12:38:23.0257 0x2330  SamSs - ok
12:38:23.0267 0x2330  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:38:23.0277 0x2330  sbp2port - ok
12:38:23.0307 0x2330  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:38:23.0327 0x2330  SCardSvr - ok
12:38:23.0337 0x2330  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:38:23.0367 0x2330  scfilter - ok
12:38:23.0427 0x2330  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
12:38:23.0467 0x2330  Schedule - ok
12:38:23.0487 0x2330  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:38:23.0507 0x2330  SCPolicySvc - ok
12:38:23.0517 0x2330  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:38:23.0527 0x2330  SDRSVC - ok
12:38:23.0677 0x2330  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:38:23.0707 0x2330  SDScannerService - ok
12:38:23.0767 0x2330  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:38:23.0827 0x2330  SDUpdateService - ok
12:38:23.0857 0x2330  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:38:23.0867 0x2330  SDWSCService - ok
12:38:23.0887 0x2330  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:38:23.0917 0x2330  secdrv - ok
12:38:23.0927 0x2330  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
12:38:23.0957 0x2330  seclogon - ok
12:38:23.0967 0x2330  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:38:23.0997 0x2330  SENS - ok
12:38:24.0007 0x2330  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:38:24.0017 0x2330  SensrSvc - ok
12:38:24.0027 0x2330  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:38:24.0027 0x2330  Serenum - ok
12:38:24.0047 0x2330  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:38:24.0067 0x2330  Serial - ok
12:38:24.0067 0x2330  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:38:24.0077 0x2330  sermouse - ok
12:38:24.0097 0x2330  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:38:24.0127 0x2330  SessionEnv - ok
12:38:24.0137 0x2330  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:38:24.0147 0x2330  sffdisk - ok
12:38:24.0157 0x2330  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:38:24.0167 0x2330  sffp_mmc - ok
12:38:24.0177 0x2330  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:38:24.0187 0x2330  sffp_sd - ok
12:38:24.0197 0x2330  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:38:24.0207 0x2330  sfloppy - ok
12:38:24.0237 0x2330  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:38:24.0267 0x2330  SharedAccess - ok
12:38:24.0287 0x2330  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:38:24.0317 0x2330  ShellHWDetection - ok
12:38:24.0327 0x2330  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:38:24.0337 0x2330  SiSRaid2 - ok
12:38:24.0347 0x2330  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:38:24.0357 0x2330  SiSRaid4 - ok
12:38:24.0437 0x2330  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:38:24.0447 0x2330  SkypeUpdate - ok
12:38:24.0477 0x2330  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:38:24.0497 0x2330  Smb - ok
12:38:24.0537 0x2330  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:38:24.0547 0x2330  SNMPTRAP - ok
12:38:24.0557 0x2330  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:38:24.0567 0x2330  spldr - ok
12:38:24.0597 0x2330  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:38:24.0617 0x2330  Spooler - ok
12:38:24.0697 0x2330  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:38:24.0777 0x2330  sppsvc - ok
12:38:24.0797 0x2330  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:38:24.0817 0x2330  sppuinotify - ok
12:38:24.0847 0x2330  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:38:24.0867 0x2330  srv - ok
12:38:24.0887 0x2330  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:38:24.0897 0x2330  srv2 - ok
12:38:24.0907 0x2330  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:38:24.0917 0x2330  srvnet - ok
12:38:24.0937 0x2330  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:38:24.0967 0x2330  SSDPSRV - ok
12:38:24.0977 0x2330  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:38:25.0007 0x2330  SstpSvc - ok
12:38:25.0077 0x2330  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:38:25.0097 0x2330  Steam Client Service - ok
12:38:25.0207 0x2330  [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:38:25.0217 0x2330  Stereo Service - ok
12:38:25.0237 0x2330  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:38:25.0247 0x2330  stexstor - ok
12:38:25.0287 0x2330  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
12:38:25.0307 0x2330  StillCam - ok
12:38:25.0347 0x2330  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:38:25.0367 0x2330  stisvc - ok
12:38:25.0397 0x2330  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:38:25.0407 0x2330  swenum - ok
12:38:25.0427 0x2330  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:38:25.0467 0x2330  swprv - ok
12:38:25.0517 0x2330  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
12:38:25.0567 0x2330  SysMain - ok
12:38:25.0617 0x2330  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:38:25.0637 0x2330  TabletInputService - ok
12:38:25.0697 0x2330  [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
12:38:25.0707 0x2330  tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
12:38:28.0077 0x2330  Detect skipped due to KSN trusted
12:38:28.0077 0x2330  tap0901t - ok
12:38:28.0107 0x2330  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:38:28.0137 0x2330  TapiSrv - ok
12:38:28.0147 0x2330  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:38:28.0167 0x2330  TBS - ok
12:38:28.0247 0x2330  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:38:28.0287 0x2330  Tcpip - ok
12:38:28.0347 0x2330  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:38:28.0387 0x2330  TCPIP6 - ok
12:38:28.0407 0x2330  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:38:28.0417 0x2330  tcpipreg - ok
12:38:28.0447 0x2330  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:38:28.0447 0x2330  TDPIPE - ok
12:38:28.0467 0x2330  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:38:28.0477 0x2330  TDTCP - ok
12:38:28.0517 0x2330  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:38:28.0527 0x2330  tdx - ok
12:38:28.0537 0x2330  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:38:28.0547 0x2330  TermDD - ok
12:38:28.0597 0x2330  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
12:38:28.0617 0x2330  TermService - ok
12:38:28.0627 0x2330  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:38:28.0637 0x2330  Themes - ok
12:38:28.0657 0x2330  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:38:28.0677 0x2330  THREADORDER - ok
12:38:28.0697 0x2330  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:38:28.0717 0x2330  TrkWks - ok
12:38:28.0747 0x2330  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:38:28.0777 0x2330  TrustedInstaller - ok
12:38:28.0817 0x2330  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:38:28.0827 0x2330  tssecsrv - ok
12:38:28.0857 0x2330  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:38:28.0877 0x2330  TsUsbFlt - ok
12:38:28.0887 0x2330  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:38:28.0897 0x2330  TsUsbGD - ok
12:38:28.0927 0x2330  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:38:28.0957 0x2330  tunnel - ok
12:38:29.0037 0x2330  [ 2FD0FE0A0C721C8E47C5A3AE16E519B1, C0DE61AF32F01CF9BDA3E325F5F15D249C0FA4BB5FF720ED1916214907B4AF55 ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
12:38:29.0047 0x2330  TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
12:38:31.0438 0x2330  Detect skipped due to KSN trusted
12:38:31.0438 0x2330  TunngleService - ok
12:38:31.0458 0x2330  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:38:31.0468 0x2330  uagp35 - ok
12:38:31.0478 0x2330  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:38:31.0508 0x2330  udfs - ok
12:38:31.0538 0x2330  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:38:31.0548 0x2330  UI0Detect - ok
12:38:31.0568 0x2330  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:38:31.0578 0x2330  uliagpkx - ok
12:38:31.0598 0x2330  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:38:31.0608 0x2330  umbus - ok
12:38:31.0628 0x2330  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:38:31.0638 0x2330  UmPass - ok
12:38:31.0738 0x2330  [ 1D2596FE2D7CF36C6F5F0D6B71E90E1E, B740DE7C7A3E5C4E5DF177673E823BC649C1351EE8AAAAAA76BBAE07606868D2 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:38:31.0788 0x2330  UNS - ok
12:38:31.0808 0x2330  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:38:31.0838 0x2330  upnphost - ok
12:38:31.0878 0x2330  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
12:38:31.0888 0x2330  USBAAPL64 - ok
12:38:31.0928 0x2330  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:38:31.0938 0x2330  usbccgp - ok
12:38:31.0978 0x2330  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:38:31.0988 0x2330  usbcir - ok
12:38:32.0028 0x2330  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:38:32.0038 0x2330  usbehci - ok
12:38:32.0058 0x2330  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:38:32.0078 0x2330  usbhub - ok
12:38:32.0108 0x2330  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:38:32.0118 0x2330  usbohci - ok
12:38:32.0138 0x2330  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
12:38:32.0148 0x2330  usbprint - ok
12:38:32.0168 0x2330  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:38:32.0178 0x2330  USBSTOR - ok
12:38:32.0188 0x2330  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:38:32.0198 0x2330  usbuhci - ok
12:38:32.0218 0x2330  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:38:32.0238 0x2330  UxSms - ok
12:38:32.0248 0x2330  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc        C:\Windows\system32\lsass.exe
12:38:32.0258 0x2330  VaultSvc - ok
12:38:32.0278 0x2330  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:38:32.0288 0x2330  vdrvroot - ok
12:38:32.0308 0x2330  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:38:32.0348 0x2330  vds - ok
12:38:32.0358 0x2330  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:38:32.0368 0x2330  vga - ok
12:38:32.0378 0x2330  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:38:32.0398 0x2330  VgaSave - ok
12:38:32.0418 0x2330  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:38:32.0428 0x2330  vhdmp - ok
12:38:32.0468 0x2330  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:38:32.0478 0x2330  viaide - ok
12:38:32.0488 0x2330  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:38:32.0498 0x2330  volmgr - ok
12:38:32.0508 0x2330  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:38:32.0528 0x2330  volmgrx - ok
12:38:32.0538 0x2330  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:38:32.0558 0x2330  volsnap - ok
12:38:32.0578 0x2330  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:38:32.0588 0x2330  vsmraid - ok
12:38:32.0638 0x2330  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:38:32.0708 0x2330  VSS - ok
12:38:32.0718 0x2330  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:38:32.0738 0x2330  vwifibus - ok
12:38:32.0768 0x2330  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:38:32.0798 0x2330  W32Time - ok
12:38:32.0848 0x2330  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
12:38:32.0868 0x2330  W3SVC - ok
12:38:32.0888 0x2330  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:38:32.0898 0x2330  WacomPen - ok
12:38:32.0928 0x2330  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:38:32.0948 0x2330  WANARP - ok
12:38:32.0948 0x2330  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:38:32.0978 0x2330  Wanarpv6 - ok
12:38:33.0008 0x2330  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
12:38:33.0018 0x2330  WAS - ok
12:38:33.0068 0x2330  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:38:33.0128 0x2330  wbengine - ok
12:38:33.0138 0x2330  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:38:33.0148 0x2330  WbioSrvc - ok
12:38:33.0168 0x2330  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:38:33.0188 0x2330  wcncsvc - ok
12:38:33.0198 0x2330  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:38:33.0208 0x2330  WcsPlugInService - ok
12:38:33.0228 0x2330  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:38:33.0238 0x2330  Wd - ok
12:38:33.0298 0x2330  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:38:33.0318 0x2330  Wdf01000 - ok
12:38:33.0368 0x2330  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:38:33.0388 0x2330  WdiServiceHost - ok
12:38:33.0398 0x2330  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:38:33.0408 0x2330  WdiSystemHost - ok
12:38:33.0428 0x2330  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
12:38:33.0448 0x2330  WebClient - ok
12:38:33.0478 0x2330  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:38:33.0498 0x2330  Wecsvc - ok
12:38:33.0518 0x2330  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:38:33.0538 0x2330  wercplsupport - ok
12:38:33.0558 0x2330  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:38:33.0588 0x2330  WerSvc - ok
12:38:33.0608 0x2330  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:38:33.0628 0x2330  WfpLwf - ok
12:38:33.0638 0x2330  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:38:33.0648 0x2330  WIMMount - ok
12:38:33.0668 0x2330  WinDefend - ok
12:38:33.0688 0x2330  WinHttpAutoProxySvc - ok
12:38:33.0728 0x2330  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:38:33.0748 0x2330  Winmgmt - ok
12:38:33.0828 0x2330  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
12:38:33.0868 0x2330  WinRM - ok
12:38:33.0908 0x2330  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:38:33.0928 0x2330  WinUsb - ok
12:38:33.0958 0x2330  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:38:33.0988 0x2330  Wlansvc - ok
12:38:34.0008 0x2330  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:38:34.0018 0x2330  WmiAcpi - ok
12:38:34.0038 0x2330  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:38:34.0048 0x2330  wmiApSrv - ok
12:38:34.0078 0x2330  WMPNetworkSvc - ok
12:38:34.0088 0x2330  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:38:34.0098 0x2330  WPCSvc - ok
12:38:34.0108 0x2330  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:38:34.0118 0x2330  WPDBusEnum - ok
12:38:34.0138 0x2330  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:38:34.0168 0x2330  ws2ifsl - ok
12:38:34.0178 0x2330  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:38:34.0188 0x2330  wscsvc - ok
12:38:34.0198 0x2330  WSearch - ok
12:38:34.0288 0x2330  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:38:34.0358 0x2330  wuauserv - ok
12:38:34.0398 0x2330  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:38:34.0408 0x2330  WudfPf - ok
12:38:34.0438 0x2330  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:38:34.0448 0x2330  WUDFRd - ok
12:38:34.0448 0x2330  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:38:34.0458 0x2330  wudfsvc - ok
12:38:34.0508 0x2330  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:38:34.0528 0x2330  WwanSvc - ok
12:38:34.0548 0x2330  ================ Scan global ===============================
12:38:34.0568 0x2330  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:38:34.0608 0x2330  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:34.0618 0x2330  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:38:34.0638 0x2330  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:38:34.0648 0x2330  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:38:34.0648 0x2330  [ Global ] - ok
12:38:34.0648 0x2330  ================ Scan MBR ==================================
12:38:34.0658 0x2330  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:38:34.0868 0x2330  \Device\Harddisk0\DR0 - ok
12:38:38.0739 0x2330  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
12:38:38.0829 0x2330  \Device\Harddisk1\DR1 - ok
12:38:38.0829 0x2330  ================ Scan VBR ==================================
12:38:38.0839 0x2330  [ F21A8AEC1BD290F29816A2AAA950A846 ] \Device\Harddisk0\DR0\Partition1
12:38:38.0839 0x2330  \Device\Harddisk0\DR0\Partition1 - ok
12:38:38.0849 0x2330  [ 22F5657DE29CA13244B70918581735B2 ] \Device\Harddisk0\DR0\Partition2
12:38:38.0849 0x2330  \Device\Harddisk0\DR0\Partition2 - ok
12:38:38.0849 0x2330  [ DFBDD57855D8EE48471707783CF4A43C ] \Device\Harddisk1\DR1\Partition1
12:38:38.0929 0x2330  \Device\Harddisk1\DR1\Partition1 - ok
12:38:38.0929 0x2330  ================ Scan generic autorun ======================
12:38:39.0109 0x2330  [ 06AE17E25394F483E62E84F336B05C85, 5BC07033F4F121E299D82B404C5B5B061694502BD24595AE8D54F62969D27AF5 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
12:38:39.0239 0x2330  RTHDVCPL - ok
12:38:39.0259 0x2330  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:38:39.0269 0x2330  ShadowPlay - ok
12:38:39.0359 0x2330  [ 4F011F572DAC7057DF9D6E9064AA77E8, CC05441572740A9996525C3B9382191022E4F918C45C09EC0DE4C11215F81008 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:38:39.0409 0x2330  NvBackend - ok
12:38:39.0429 0x2330  [ DBC3E6A9FC1EEDD366C86073854A5A1F, 1D079BBF43E36AED727FE3BDF1E0743C79F0D0CA30E4B7FB93170A40FCE2F2D4 ] C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe
12:38:39.0439 0x2330  Super-Charger - detected UnsignedFile.Multi.Generic ( 1 )
12:38:41.0849 0x2330  Super-Charger ( UnsignedFile.Multi.Generic ) - warning
12:38:44.0379 0x2330  [ 851383DAEF93961E9868A1474AFFEEBD, 6262E7FF3D356FA4FC9523D941A0D9B09E7450AA466EA6063A0C264F1B99F1AE ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
12:38:44.0419 0x2330  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
12:38:46.0779 0x2330  Detect skipped due to KSN trusted
12:38:46.0779 0x2330  AVMWlanClient - ok
12:38:46.0889 0x2330  [ DA6DA7B1546E0D26EB2E1A015E24757C, 8DD459ECA7C72C900BDB70079D6861EC352EE2E4F0722EBD4FEB694885660462 ] C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe
12:38:46.0909 0x2330  mcpltui_exe - ok
12:38:46.0979 0x2330  [ 07A3A88C8E8FD71EAA2B7F39134788DA, 0AAB731BF14B8A96FF6DB84CDD2579C1DFE5E56838EF3D92B03AE738E89A92D1 ] C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
12:38:46.0999 0x2330  ROCCAT Savu Gaming Mouse - detected UnsignedFile.Multi.Generic ( 1 )
12:38:49.0370 0x2330  Detect skipped due to KSN trusted
12:38:49.0370 0x2330  ROCCAT Savu Gaming Mouse - ok
12:38:49.0440 0x2330  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
12:38:49.0450 0x2330  HP Software Update - ok
12:38:49.0520 0x2330  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:49.0560 0x2330  Sidebar - ok
12:38:49.0590 0x2330  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:49.0600 0x2330  mctadmin - ok
12:38:49.0640 0x2330  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:49.0670 0x2330  Sidebar - ok
12:38:49.0670 0x2330  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:49.0690 0x2330  mctadmin - ok
12:38:49.0790 0x2330  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
12:38:49.0840 0x2330  HP Officejet Pro 8600 (NET) - ok
12:38:49.0980 0x2330  [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
12:38:50.0010 0x2330  Spotify Web Helper - ok
12:38:50.0050 0x2330  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:50.0080 0x2330  Sidebar - ok
12:38:50.0090 0x2330  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:50.0100 0x2330  mctadmin - ok
12:38:50.0100 0x2330  Waiting for KSN requests completion. In queue: 10
12:38:51.0100 0x2330  Waiting for KSN requests completion. In queue: 10
12:38:52.0100 0x2330  Waiting for KSN requests completion. In queue: 9
12:38:53.0110 0x2330  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51000 ( enabled : updated )
12:38:53.0110 0x2330  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51010 ( enabled )
12:38:55.0460 0x2330  ============================================================
12:38:55.0460 0x2330  Scan finished
12:38:55.0460 0x2330  ============================================================
12:38:55.0460 0x1d80  Detected object count: 1
12:38:55.0460 0x1d80  Actual detected object count: 1
12:39:00.0531 0x1d80  C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe - copied to quarantine
12:39:00.0531 0x1d80  HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run:Super-Charger - will be deleted on reboot
12:39:00.0531 0x1d80  C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe - will be deleted on reboot
12:39:00.0531 0x1d80  Super-Charger ( UnsignedFile.Multi.Generic ) - User select action: Delete 
12:39:00.0751 0x1d80  KLMD registered as C:\Windows\system32\drivers\86163685.sys
12:39:08.0411 0x1928  Deinitialize success
         

Alt 06.03.2015, 15:36   #8
schrauber
/// the machine
/// TB-Ausbilder
 

DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Interenet Optimizer

    NewTabs Uninstall

    sweet-page uninstall

    WindowsMangerProtect20.0.0.1277 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1277 - WindowsProtect LIMITED) <==== ATTENTION


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.03.2015, 19:50   #9
G00gler
 
DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



Alles klar, bin jetzt eine Woche im Urlaub. Setz mich dann sofort dran, wenn ich wieder daheim bin.
Danke schonmal soweit

Alt 09.03.2015, 11:59   #10
schrauber
/// the machine
/// TB-Ausbilder
 

DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



ok
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.03.2015, 16:56   #11
G00gler
 
DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



So, bin wieder daheim.

Die beiden Programme habe ich mit Revo Uninstaller nicht gefunden:

sweet-page uninstall

WindowsMangerProtect20.0.0.1277 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1277 - WindowsProtect LIMITED) <==== ATTENTION

die anderen beiden hab ich deinstalliert.




Combofix-Logfile:

Code:
ATTFilter
ComboFix 15-03-09.01 - Nutzer 13.03.2015  17:46:48.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8173.5364 [GMT 1:00]
ausgeführt von:: c:\users\Nutzer\Desktop\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
FW: McAfee Firewall *Disabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
SP: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
E:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-02-13 bis 2015-03-13  ))))))))))))))))))))))))))))))
.
.
2015-03-13 16:34 . 2015-01-29 09:07	11910896	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{5FB6E575-4B1E-44F3-9906-ECC44E830CDF}\mpengine.dll
2015-03-13 16:24 . 2015-03-13 16:24	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-03-06 11:35 . 2015-03-06 11:39	--------	d-----w-	C:\TDSSKiller_Quarantine
2015-03-06 09:03 . 2015-03-06 09:03	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-03-06 09:00 . 2015-02-23 10:50	169584	----a-w-	c:\program files (x86)\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2015-03-06 09:00 . 2015-02-23 10:50	50288	----a-w-	c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2015-03-06 09:00 . 2015-02-23 13:47	924040	----a-w-	c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2015-03-06 09:00 . 2013-10-05 09:38	970912	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcr120.dll
2015-03-06 09:00 . 2013-10-05 09:38	455328	----a-w-	c:\program files (x86)\Mozilla Firefox\msvcp120.dll
2015-03-06 09:00 . 2013-08-22 05:03	3466856	----a-w-	c:\program files (x86)\Mozilla Firefox\d3dcompiler_47.dll
2015-03-05 22:34 . 2015-03-05 22:34	--------	d-----w-	C:\AdwCleaner
2015-03-05 19:40 . 2015-03-05 22:48	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-03-05 18:54 . 2015-03-13 16:44	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2015-03-05 18:51 . 2015-03-05 22:53	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-05 18:50 . 2015-03-05 20:05	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-03-05 18:50 . 2014-11-21 05:14	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-03-05 18:50 . 2014-11-21 05:14	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-03-05 18:50 . 2015-03-05 18:51	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-03-05 18:50 . 2015-03-05 18:50	--------	d-----w-	c:\programdata\Malwarebytes
2015-03-05 17:56 . 2015-03-05 17:59	--------	d-----w-	C:\FRST
2015-03-05 16:48 . 2015-03-05 16:48	--------	d-----w-	c:\programdata\Licenses
2015-03-05 16:38 . 2015-03-05 16:38	--------	d-----w-	c:\users\Nutzer\AppData\Roaming\Simply Super Software
2015-03-05 16:38 . 2015-03-05 16:38	--------	d-----w-	c:\program files (x86)\Trojan Remover
2015-03-05 16:38 . 2015-03-05 16:38	--------	d-----w-	c:\programdata\Simply Super Software
2015-03-05 16:36 . 2015-03-05 16:36	--------	d-----w-	C:\Quarantine
2015-03-05 16:34 . 2015-03-05 19:40	--------	d-----w-	c:\program files (x86)\stinger
2015-03-05 16:34 . 2015-03-05 16:34	--------	d-----w-	c:\users\Nutzer\AppData\Roaming\DesktopIconAmazon
2015-03-04 10:44 . 2015-03-04 10:44	163504	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-03-03 10:49 . 2015-03-03 10:49	--------	d-----w-	c:\users\Nutzer\dwhelper
2015-03-02 15:34 . 2015-03-02 15:34	--------	d-----w-	c:\users\Nutzer\AppData\Local\Steam
2015-02-26 17:11 . 2015-01-09 03:14	91136	----a-w-	c:\windows\system32\wdi.dll
2015-02-26 17:11 . 2015-01-09 03:14	950272	----a-w-	c:\windows\system32\perftrack.dll
2015-02-26 17:11 . 2015-01-09 03:14	29696	----a-w-	c:\windows\system32\powertracker.dll
2015-02-26 17:11 . 2015-01-09 02:48	76800	----a-w-	c:\windows\SysWow64\wdi.dll
2015-02-22 07:42 . 2015-01-23 04:42	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2015-02-22 07:42 . 2015-01-23 04:41	6041600	----a-w-	c:\windows\system32\jscript9.dll
2015-02-22 07:42 . 2015-01-23 03:43	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2015-02-22 07:42 . 2015-01-23 03:17	4300800	----a-w-	c:\windows\SysWow64\jscript9.dll
2015-02-17 08:30 . 2015-02-04 03:16	609280	----a-w-	c:\windows\system32\generaltel.dll
2015-02-17 08:30 . 2015-02-04 03:16	894976	----a-w-	c:\windows\system32\appraiser.dll
2015-02-17 08:30 . 2015-02-04 03:16	762368	----a-w-	c:\windows\system32\invagent.dll
2015-02-17 08:30 . 2015-02-04 03:16	414720	----a-w-	c:\windows\system32\devinv.dll
2015-02-17 08:30 . 2015-02-04 03:16	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-02-17 08:30 . 2015-02-04 03:16	192000	----a-w-	c:\windows\system32\aepic.dll
2015-02-17 08:30 . 2015-02-04 03:13	1098752	----a-w-	c:\windows\system32\aeinv.dll
2015-02-17 08:30 . 2015-01-27 23:36	1239720	----a-w-	c:\windows\system32\aitstatic.exe
2015-02-17 08:27 . 2015-01-13 03:10	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-02-17 08:27 . 2015-01-13 02:49	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2015-02-17 08:25 . 2015-01-09 02:03	3201536	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-06 09:02 . 2014-10-19 18:54	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-02-24 02:17 . 2010-11-21 03:27	295552	------w-	c:\windows\system32\MpSigStub.exe
2015-02-17 08:32 . 2012-09-28 09:47	116773704	----a-w-	c:\windows\system32\MRT.exe
2015-02-06 09:29 . 2012-09-29 15:53	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-06 09:29 . 2012-09-29 15:53	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-14 04:03 . 2013-11-07 13:07	627912	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-12-19 22:33 . 2012-10-26 13:16	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-12-19 22:33 . 2012-10-26 12:20	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-12-19 03:06 . 2015-01-16 17:36	210432	----a-w-	c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-16 17:36	141312	----a-w-	c:\windows\system32\drivers\mrxdav.sys
2014-12-18 20:13 . 2012-10-26 12:20	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-07 14:09	222712	----a-w-	c:\users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-07 14:09	222712	----a-w-	c:\users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-07 14:09	222712	----a-w-	c:\users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"Spotify Web Helper"="c:\users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-12-11 1676344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2009-03-20 1904640]
"mcpltui_exe"="c:\program files\Common~1\McAfee\Platform\mcuicnt.exe" [2014-09-17 643064]
"ROCCAT Savu Gaming Mouse"="c:\program files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" [2012-09-10 872048]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"TrojanScanner"="c:\program files (x86)\Trojan Remover\Trjscan.exe" [2014-10-16 1791856]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-02-10 335232]
.
c:\users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
An OneNote senden.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2014-9-26 195240]
Dropbox.lnk - c:\users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-2-11 42555824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 0007051426264173mcinstcleanup;McAfee Application Installer Cleanup (0007051426264173);c:\windows\TEMP\000705~1.EXE;c:\windows\TEMP\000705~1.EXE [x]
R2 51cdb72;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 mccspsvc;McAfee CSP Service;c:\program files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe;c:\program files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 09:29]
.
2015-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15 17:02]
.
2015-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15 17:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-07 14:09	261624	----a-w-	c:\users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-07 14:09	261624	----a-w-	c:\users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-07 14:09	261624	----a-w-	c:\users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-14 07:20	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-14 07:20	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-14 07:20	2334928	----a-w-	c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-09-09 7466600]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-09-17 2799784]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-09-17 2460488]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
uInternet Settings,ProxyOverride = fritz.box;*.local
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\
FF - prefs.js: browser.search.selectedEngine - Sichere Suche
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/search?fr=mcafee&type=B111DE0D20130825&p=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-48622806.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-421047855-1012536844-3739120656-1000\Software\SecuROM\License information*]
"datasecu"=hex:f7,3a,a8,61,c6,f2,bf,d1,d8,5a,5b,77,ab,cd,7c,f7,93,24,26,18,40,
   67,c5,11,be,65,a2,94,a6,78,01,42,f4,02,24,80,a2,25,5c,ef,e0,78,e1,d6,f3,f4,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-03-13  17:53:55
ComboFix-quarantined-files.txt  2015-03-13 16:53
.
Vor Suchlauf: 19 Verzeichnis(se), 64.103.354.368 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 63.815.057.408 Bytes frei
.
- - End Of File - - FCB9A50E2731BF3003199840B4D6998B
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 14.03.2015, 08:37   #12
schrauber
/// the machine
/// TB-Ausbilder
 

DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.03.2015, 10:14   #13
G00gler
 
DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



mbam Logfile:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 14.03.2015
Suchlauf-Zeit: 10:34:13
Logdatei: mbam2.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.03.14.02
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Nutzer

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 400715
Verstrichene Zeit: 13 Min, 55 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [d7932c19791174c20441c6938f74629e], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         



AdwCleaner Logfile:

Code:
ATTFilter
# AdwCleaner v4.112 - Bericht erstellt 14/03/2015 um 10:52:48
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-05.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Nutzer - NUTZER-PC
# Gestarted von : C:\Users\Nutzer\Desktop\AdwCleaner_4.112.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : 51cdb72

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\ProShopper
Ordner Gelöscht : C:\ProgramData\fb1400bdf8fbd833
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
Ordner Gelöscht : C:\Program Files (x86)\FLV Player
Ordner Gelöscht : C:\Users\Nutzer\Documents\Optimizer Pro

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\SOFTWARE\V9Software
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - fritz.box;*.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17689

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v36.0.1 (x86 de)

[dbvvazox.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.PjvgZhbQIG8OPFd5.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[dbvvazox.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.PjvgZhbQIG8OPFd5.url", "hxxp://sweetdiaryset.info/sync2/?q=hfZ9oemPC7FPtNbPhd96qHCMg708BNmGWj8wmihGheDUojw9rjsGrTsHrdkGrchIC7n0rjnFrTsGrTrGrHnHtNhVCT94tMVKhd9Grjn6qdYHqTn6tNqHhd9[...]
[dbvvazox.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[dbvvazox.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);
[dbvvazox.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none}  #psa-teoma-result .ptbs .WRCN,  #teoma-results .ptbs .WRCN {display:inline !important; background: url(\"IMAGE\") right no-[...]
[dbvvazox.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [3992 Bytes] - [14/03/2015 10:51:50]
AdwCleaner[S0].txt - [3663 Bytes] - [14/03/2015 10:52:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3722  Bytes] ##########
         

JRT Logfile:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by Nutzer on 14.03.2015 at 11:01:21,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Nutzer\AppData\Roaming\mozilla\firefox\profiles\dbvvazox.default\minidumps [191 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.03.2015 at 11:03:38,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Und hier die frischen FRST Logs

FRST:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Nutzer (administrator) on NUTZER-PC on 14-03-2015 11:09:51
Running from C:\Users\Nutzer\Desktop
Loaded Profiles: Nutzer (Available profiles: Nutzer & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Spotify Ltd) C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7466600 2011-09-09] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1904640 2009-03-20] (AVM Berlin)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Run: [Spotify Web Helper] => C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-421047855-1012536844-3739120656-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-12-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-03] (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-01-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-01-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-08-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-01-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-01-13] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default
FF NewTab: about:blank
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: about:home
FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=B111DE0D20130825&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-03] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll [2012-09-07] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-11-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-421047855-1012536844-3739120656-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-12-18] ()
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\searchplugins\google-images.xml [2014-11-26]
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\searchplugins\google-maps.xml [2014-11-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-03-06]
FF Extension: DownloadHelper - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
FF Extension: Cliqz Beta - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\Extensions\cliqz@cliqz.com.xpi [2014-11-26]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-06-21]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-06-21]
FF HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [368640 2009-03-20] (AVM Berlin) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-03-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2015-01-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-12] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [745368 2012-11-26] (Tunngle.net GmbH) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 0007051426264173mcinstcleanup; C:\Windows\TEMP\000705~1.EXE -cleanup -nolog [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-03-02] (Asmedia Technology)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-14] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 11:09 - 2015-03-14 11:10 - 00023949 _____ () C:\Users\Nutzer\Desktop\FRST.txt
2015-03-14 11:09 - 2015-03-14 11:09 - 00000000 ____D () C:\Users\Nutzer\Desktop\FRST-OlderVersion
2015-03-14 11:03 - 2015-03-14 11:03 - 00000830 _____ () C:\Users\Nutzer\Desktop\JRT.txt
2015-03-14 10:59 - 2015-03-14 10:59 - 01388333 _____ (Thisisu) C:\Users\Nutzer\Desktop\JRT(1).exe
2015-03-14 10:50 - 2015-03-14 10:50 - 02171392 _____ () C:\Users\Nutzer\Desktop\AdwCleaner_4.112.exe
2015-03-14 10:49 - 2015-03-14 10:49 - 00001315 _____ () C:\Users\Nutzer\Desktop\mbam2.txt
2015-03-13 17:55 - 2015-03-13 17:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-13 17:53 - 2015-03-13 17:53 - 00031848 _____ () C:\ComboFix.txt
2015-03-13 17:45 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-13 17:45 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-13 17:45 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-13 17:42 - 2015-03-13 17:53 - 00000000 ____D () C:\Qoobox
2015-03-13 17:42 - 2015-03-13 17:52 - 00000000 ____D () C:\Windows\erdnt
2015-03-13 17:38 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-13 17:38 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-13 17:38 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-13 17:38 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-13 17:38 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-13 17:38 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-13 17:38 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-13 17:38 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-13 17:38 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-13 17:38 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-13 17:38 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-13 17:38 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-13 17:38 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-13 17:38 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-13 17:38 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-13 17:38 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-13 17:38 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-13 17:38 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-13 17:38 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-13 17:38 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-13 17:38 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-13 17:38 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-13 17:38 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-13 17:38 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-13 17:38 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-13 17:38 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-13 17:38 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-13 17:38 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-13 17:38 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-13 17:38 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-13 17:38 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-13 17:38 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-13 17:38 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-13 17:38 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-13 17:37 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-13 17:37 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-13 17:37 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-13 17:37 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-13 17:37 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-13 17:37 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-13 17:37 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-13 17:37 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-13 17:37 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-13 17:37 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-13 17:37 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-13 17:37 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-13 17:37 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-13 17:37 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-13 17:37 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-13 17:37 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-13 17:37 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-13 17:37 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-13 17:37 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-13 17:37 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-13 17:37 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-13 17:37 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-13 17:37 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-13 17:37 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-13 17:37 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-13 17:37 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-13 17:37 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-13 17:37 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-13 17:37 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-13 17:37 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-13 17:37 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-13 17:37 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-13 17:37 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-13 17:37 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-13 17:37 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-13 17:37 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-13 17:37 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-13 17:37 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-13 17:37 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-13 17:37 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-13 17:37 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-13 17:37 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-13 17:37 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-13 17:37 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-13 17:37 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-13 17:37 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-13 17:37 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-13 17:37 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-13 17:37 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-13 17:37 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-13 17:37 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-13 17:37 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-13 17:37 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-13 17:37 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-13 17:37 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-13 17:37 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-13 17:37 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-13 17:37 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-13 17:37 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-13 17:37 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-13 17:37 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-13 17:37 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-13 17:37 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-13 17:37 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-13 17:37 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-13 17:37 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-13 17:37 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-13 17:37 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-13 17:37 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-13 17:37 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-13 17:37 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-13 17:37 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-13 17:37 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-13 17:37 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-13 17:37 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-13 17:37 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-13 17:37 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-13 17:37 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-13 17:37 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-13 17:34 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-13 17:34 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-13 17:24 - 2015-03-13 17:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nutzer\Downloads\revosetup95.exe
2015-03-13 17:24 - 2015-03-13 17:24 - 00001270 _____ () C:\Users\Nutzer\Desktop\Revo Uninstaller.lnk
2015-03-13 17:24 - 2015-03-13 17:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-06 12:35 - 2015-03-06 12:39 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-03-05 23:36 - 2015-03-05 23:36 - 01388333 _____ (Thisisu) C:\Users\Nutzer\Downloads\JRT.exe
2015-03-05 23:34 - 2015-03-14 10:52 - 00000000 ____D () C:\AdwCleaner
2015-03-05 23:34 - 2015-03-05 23:34 - 02126848 _____ () C:\Users\Nutzer\Downloads\AdwCleaner_4.111.exe
2015-03-05 20:40 - 2015-03-05 23:48 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-05 20:29 - 2015-03-05 21:27 - 00000000 ____D () C:\Users\Nutzer\Desktop\mbar
2015-03-05 19:54 - 2015-03-13 18:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-05 19:52 - 2015-03-05 19:53 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Nutzer\Desktop\mbar-1.09.1.1004.exe
2015-03-05 19:51 - 2015-03-14 10:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-05 19:51 - 2015-03-05 19:51 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-05 19:51 - 2015-03-05 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-05 19:50 - 2015-03-05 21:05 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-05 19:50 - 2015-03-05 19:51 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-05 19:50 - 2015-03-05 19:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-05 19:50 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-05 19:50 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-05 19:47 - 2015-03-05 19:47 - 01203488 _____ () C:\Users\Nutzer\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-03-05 19:39 - 2015-03-05 19:39 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Nutzer\Desktop\tdsskiller.exe
2015-03-05 19:35 - 2015-03-05 23:55 - 00000000 ____D () C:\Users\Nutzer\Desktop\Möglicher Trojanerbefall
2015-03-05 19:11 - 2015-03-05 19:11 - 02347384 _____ (ESET) C:\Users\Nutzer\Downloads\esetsmartinstaller_deu.exe
2015-03-05 18:58 - 2015-03-05 18:59 - 00041286 _____ () C:\Users\Nutzer\Downloads\Addition.txt
2015-03-05 18:56 - 2015-03-14 11:09 - 00000000 ____D () C:\FRST
2015-03-05 18:56 - 2015-03-05 18:59 - 00049770 _____ () C:\Users\Nutzer\Downloads\FRST.txt
2015-03-05 18:55 - 2015-03-14 11:09 - 02095616 _____ (Farbar) C:\Users\Nutzer\Desktop\FRST64.exe
2015-03-05 18:41 - 2015-03-05 18:42 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nutzer\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-05 18:03 - 2015-03-05 20:39 - 00000890 _____ () C:\Users\Nutzer\Downloads\Stinger_05032015_180338.html
2015-03-05 17:56 - 2015-03-13 23:51 - 00016974 _____ () C:\Windows\PFRO.log
2015-03-05 17:52 - 2015-03-05 17:52 - 00148472 _____ () C:\Users\Nutzer\Documents\cc_20150305_175230.reg
2015-03-05 17:48 - 2015-03-05 17:48 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-05 17:40 - 2015-03-05 17:40 - 00000000 _____ () C:\Users\Nutzer\Downloads\Stinger_05032015_174047.html
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\Users\Nutzer\Documents\Simply Super Software
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Simply Super Software
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-03-05 17:37 - 2015-03-05 17:39 - 00000858 _____ () C:\Users\Nutzer\Downloads\Stinger_05032015_173706.html
2015-03-05 17:36 - 2015-03-05 17:36 - 00000000 ____D () C:\Quarantine
2015-03-05 17:34 - 2015-03-05 20:40 - 00000116 ___RH () C:\Users\Nutzer\Downloads\Stinger.opt
2015-03-05 17:34 - 2015-03-05 20:40 - 00000000 ____D () C:\Program Files (x86)\stinger
2015-03-05 17:34 - 2015-03-05 17:36 - 11582832 _____ (McAfee Inc) C:\Users\Nutzer\Downloads\stinger32(1).exe
2015-03-05 17:34 - 2015-03-05 17:34 - 00001472 _____ () C:\Users\Nutzer\Desktop\amazon.de.lnk
2015-03-05 17:34 - 2015-03-05 17:34 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\DesktopIconAmazon
2015-03-05 17:33 - 2015-03-05 17:33 - 01203488 _____ () C:\Users\Nutzer\Downloads\Trojan Remover - CHIP-Installer.exe
2015-03-05 17:31 - 2015-03-05 17:33 - 14459760 _____ (McAfee Inc) C:\Users\Nutzer\Downloads\stinger32.exe
2015-03-05 17:30 - 2015-03-14 10:54 - 00001848 _____ () C:\Windows\setupact.log
2015-03-05 17:30 - 2015-03-05 17:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-03 11:49 - 2015-03-03 11:49 - 00000000 ____D () C:\Users\Nutzer\dwhelper
2015-03-02 16:34 - 2015-03-02 16:34 - 00000000 ____D () C:\Users\Nutzer\AppData\Local\Steam
2015-03-01 14:15 - 2015-03-01 14:15 - 00000000 ____D () C:\Windows\pss
2015-03-01 14:14 - 2015-03-14 10:58 - 01526226 _____ () C:\Windows\WindowsUpdate.log
2015-02-26 18:11 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 18:11 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 18:11 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 18:11 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 15:12 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 15:12 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-17 09:30 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-17 09:30 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-17 09:30 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-17 09:26 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-17 09:26 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-17 09:26 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-17 09:26 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-17 09:26 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-17 09:26 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-17 09:26 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 11:10 - 2013-06-13 20:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-14 11:02 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-14 11:02 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-14 11:00 - 2013-02-02 15:52 - 00000000 ___RD () C:\Users\Nutzer\Dropbox
2015-03-14 10:56 - 2013-02-02 15:50 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Dropbox
2015-03-14 10:54 - 2013-12-15 18:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-14 10:54 - 2012-09-28 10:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-14 10:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-14 10:50 - 2013-12-15 18:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-13 23:57 - 2013-02-02 15:52 - 00001029 _____ () C:\Users\Nutzer\Desktop\Dropbox.lnk
2015-03-13 23:57 - 2013-02-02 15:50 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-13 23:51 - 2012-09-29 16:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-13 20:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-13 18:19 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-13 18:19 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-13 18:18 - 2009-07-14 05:45 - 00328216 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-13 18:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-13 18:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-13 18:06 - 2013-07-22 09:43 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-13 18:04 - 2014-03-15 13:40 - 00000000 ____D () C:\Users\DefaultAppPool
2015-03-13 17:59 - 2012-09-28 10:47 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-13 17:53 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-13 17:52 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-13 17:49 - 2013-02-27 16:16 - 00000000 ____D () C:\ProgramData\Temp
2015-03-13 17:44 - 2013-06-24 12:37 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-13 17:29 - 2013-06-21 18:30 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-03-06 10:28 - 2012-11-16 20:13 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Skype
2015-03-06 10:08 - 2014-09-05 16:16 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-06 10:08 - 2012-11-16 20:13 - 00000000 ____D () C:\ProgramData\Skype
2015-03-06 10:02 - 2014-10-19 19:54 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-06 10:02 - 2014-10-19 19:54 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-06 10:00 - 2012-09-29 16:57 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-06 10:00 - 2012-09-29 16:57 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-05 23:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration
2015-03-05 22:47 - 2014-12-18 14:03 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\uTorrent
2015-03-05 17:13 - 2012-11-09 22:31 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\TS3Client
2015-03-05 17:13 - 2012-10-01 16:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-04 00:09 - 2012-12-27 16:39 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\.minecraft
2015-03-03 19:51 - 2012-11-05 20:23 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Spotify
2015-03-03 11:49 - 2012-09-28 10:20 - 00000000 ____D () C:\Users\Nutzer
2015-03-02 11:29 - 2012-11-05 20:25 - 00000000 ____D () C:\Users\Nutzer\AppData\Local\Spotify
2015-03-01 15:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-01 14:13 - 2014-06-03 09:07 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Curse Client
2015-03-01 14:09 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-27 11:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-22 08:43 - 2013-11-07 13:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-17 09:54 - 2014-12-11 14:40 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-17 09:54 - 2014-05-06 09:08 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\External Build System
2014-04-03 15:52 - 2014-04-03 15:52 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\File Templates
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\Filesystems
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\Framework
2014-11-25 22:01 - 2014-12-18 15:17 - 0000254 _____ () C:\Users\Nutzer\AppData\Roaming\mainhst.zgh
2013-09-04 12:21 - 2013-09-04 12:21 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\ProgramData\Filters
2014-04-03 15:52 - 2014-04-03 15:52 - 0000268 ___RH () C:\ProgramData\Flags
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\ProgramData\Flange Saw
2012-10-28 22:01 - 2013-05-22 10:41 - 0006614 _____ () C:\ProgramData\flcd_proxy.log
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\ProgramData\Galactic Static
2014-04-03 15:51 - 2014-04-03 15:51 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-04-03 15:52 - 2014-04-03 15:52 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-04-03 15:51 - 2014-05-04 17:53 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-04-03 15:51 - 2014-05-04 17:52 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Some content of TEMP:
====================
C:\Users\Nutzer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe34fas.dll
C:\Users\Nutzer\AppData\Local\Temp\Quarantine.exe
C:\Users\Nutzer\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 16:02

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---



Addition Log:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Nutzer at 2015-03-14 11:10:40
Running from C:\Users\Nutzer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 4.0.110 - Abelssoft)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.1.000 - Asmedia Technology)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 1.138.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3618 - CyberLink Corp.)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version:  - Fish Factory Games)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.00 - Ubisoft)
Fragen-Lern-CD 4.0 (HKLM-x32\...\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1) (Version: 4.0.1 - Wendel-Verlag GmbH)
Fragen-Lern-CD 4.0 (x32 Version: 4.0.1 - Wendel-Verlag GmbH) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Kane & Lynch 2: Dog Days (HKLM-x32\...\Steam App 28000) (Version:  - IO Interactive)
Kane & Lynch: Dead Men (HKLM-x32\...\Steam App 8080) (Version:  - IO Interactive)
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version:  - Crystal Dynamics)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)
Medal of Honor™ Warfighter (HKLM-x32\...\{48379835-BF2E-4487-9CB1-D5E654502B53}) (Version: 1.0.0.0 - Electronic Arts)
Mendeley Desktop 1.10.1 (HKLM-x32\...\Mendeley Desktop) (Version: 1.10.1 - Mendeley Ltd.)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version:  - Airtight Games)
Mystery Murders - Jack the Ripper 2 (HKLM-x32\...\Mystery Murders - Jack the Ripper 2) (Version: 1.0.0.221.de - Rondomedia)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.6.0 - Nikon)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.7 - Nikon)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6458 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.199 - McAfee, Inc.)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Startopia (HKLM-x32\...\Steam App 243040) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.0.111 - MSI)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version:  - Gas Powered Games)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Tiny Bang Story (HKLM-x32\...\Steam App 96000) (Version:  - Colibri Games)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Tyre (HKLM-x32\...\Tyre_is1) (Version: 6.1.3.5 - 't Schrijverke)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.6.0 - Nikon)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.115 - MSI)
ZipGenius 6 (HKLM-x32\...\{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1) (Version: 6.3 - The ZipGenius Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

27-02-2015 02:37:05 Windows Update
28-02-2015 11:46:30 Windows Defender Checkpoint
03-03-2015 11:36:53 Windows Update
05-03-2015 21:00:20 Malwarebytes Anti-Rootkit Restore Point
06-03-2015 09:57:49 McAfee  Vulnerability Scanner
13-03-2015 17:27:32 Revo Uninstaller's restore point - Interenet Optimizer
13-03-2015 17:30:39 Revo Uninstaller's restore point - NewTabs Uninstall
13-03-2015 17:34:25 Windows Update
13-03-2015 17:58:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-03-13 17:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2EDE4FF2-B110-4373-B579-B52C268AD44C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4D4FF097-AC9F-48F9-82EA-4A87F84F72BD} - System32\Tasks\{68C7D2E5-579C-4DF9-94D2-7E6DE749538F} => C:\Riot Games\League of Legends\lol.launcher.admin.exe [2012-04-24] ()
Task: {5AEFF91F-C7CF-4996-998C-C810BB8A8569} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {63365E94-AEB8-4D8A-9352-6350A0635E05} - System32\Tasks\{420748D8-23D1-4A48-967D-474785D464EA} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.60.120/de/abandoninstall?page=tsPlugin
Task: {6990127C-7F6D-4AEE-90E0-49F98DA926E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {B29D3B2A-3162-44AD-BECA-626BF77A4881} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {C0813119-6EA6-4C12-9DF7-CA17D135D8B9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D1C03B3D-D32F-4FAB-8A6F-69FFB25138FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {E8DA67DB-28EF-44E4-9FFD-6F93FF9FED9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {F1FB7308-DA66-4D5D-A589-36B7FA6DC9CC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-09-29 18:25 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-24 16:50 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-10-26 13:20 - 2012-12-12 18:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-18 10:03 - 2014-11-18 10:03 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\48622806.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\48622806.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Nutzer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Nutzer\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Nutzer\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Accounts: =============================

Administrator (S-1-5-21-421047855-1012536844-3739120656-500 - Administrator - Disabled)
Gast (S-1-5-21-421047855-1012536844-3739120656-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-421047855-1012536844-3739120656-1003 - Limited - Enabled)
Nutzer (S-1-5-21-421047855-1012536844-3739120656-1000 - Administrator - Enabled) => C:\Users\Nutzer

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/14/2015 11:06:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (03/14/2015 11:06:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutzer\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2015-03-13 17:51:33.910
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-13 17:51:33.832
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.682
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.602
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.523
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.443
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.759
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.680
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.601
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.521
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 26%
Total physical RAM: 8172.88 MB
Available physical RAM: 6001.35 MB
Total Pagefile: 16343.95 MB
Available Pagefile: 13914.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:58.05 GB) NTFS
Drive e: (Externe) (Fixed) (Total:465.76 GB) (Free:201.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7EB73B78)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0004EE99)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 14.03.2015, 16:10   #14
schrauber
/// the machine
/// TB-Ausbilder
 

DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.03.2015, 20:29   #15
G00gler
 
DHL-Fake-Email Link geöffnet - Standard

DHL-Fake-Email Link geöffnet



ESET Scan

Logfile:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=eb56d05058282144a938d560d63b8efe
# engine=22908
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-14 08:10:20
# local_time=2015-03-14 09:10:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5124 16777214 88 100 2203748 189173998 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 13585 177993670 0 0
# scanned=351836
# found=5
# cleaned=0
# scan_time=10936
sh=DF2720369B273CF7E6DBD927D7364B5E44AB0B88 ft=1 fh=3e4d7663164eba0c vn="Variante von Win32/InstallCore.UE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nutzer\Downloads\jre-7u51-windows-x64_inst.exe"
sh=7DEC4E7BD680B4792698401A762510F8C9F9DF20 ft=1 fh=793a60329e6c7cae vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nutzer\Downloads\SpyBot Search Destroy - CHIP-Installer.exe"
sh=84D6AE92885860C1FE1EA8E4FC60020194D3E51F ft=1 fh=a5b9d1b05c3a4904 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nutzer\Downloads\Trojan Remover - CHIP-Installer.exe"
sh=6927BE519754DE5BA1DCA1264E87E3294326B5E2 ft=1 fh=bcdf837c711cd1a7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nutzer\Downloads\ZipGenius Suite - CHIP-Installer.exe"
sh=388FE21FE83C5E8FD5F3258021C01E684FB978E6 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\NUTZER-PC\Backup Set 2014-01-22 222225\Backup Files 2014-01-22 222225\Backup files 10.zip"
         
Security Check Logfile und frisches FRST log kommen gleich

Security Check Logfile:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.97  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
McAfee Anti-Virus und Anti-Spyware   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 AntiBrowserSpy     
 SiteAdvisor     
 Trojan Remover 6.9.1   
 Java 7 Update 71  
 Java 8 Update 40  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.305  
 Adobe Reader XI  
 Mozilla Firefox (36.0.1) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Frisches FRST Log:


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Nutzer (administrator) on NUTZER-PC on 14-03-2015 21:26:37
Running from C:\Users\Nutzer\Desktop
Loaded Profiles: Nutzer (Available profiles: Nutzer & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7466600 2011-09-09] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [1904640 2009-03-20] (AVM Berlin)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Run: [Spotify Web Helper] => C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-421047855-1012536844-3739120656-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-12-02] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-03] (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-01-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-03] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-01-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-08-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-01-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-01-13] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default
FF NewTab: about:blank
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: about:home
FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=B111DE0D20130825&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-03] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll [2012-09-07] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-11-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-421047855-1012536844-3739120656-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-12-18] ()
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\searchplugins\google-images.xml [2014-11-26]
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\searchplugins\google-maps.xml [2014-11-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-03-06]
FF Extension: Cliqz Beta - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\Extensions\cliqz@cliqz.com.xpi [2014-11-26]
FF Extension: Video DownloadHelper - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-06-21]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-06-21]
FF HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\dbvvazox.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-03-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [368640 2009-03-20] (AVM Berlin) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154856 2015-03-11] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2015-01-07] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-12] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [745368 2012-11-26] (Tunngle.net GmbH) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 0007051426264173mcinstcleanup; C:\Windows\TEMP\000705~1.EXE -cleanup -nolog [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-03-02] (Asmedia Technology)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-14] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 21:17 - 2015-03-14 21:17 - 00852604 _____ () C:\Users\Nutzer\Desktop\SecurityCheck.exe
2015-03-14 18:03 - 2015-03-14 18:03 - 02347384 _____ (ESET) C:\Users\Nutzer\Desktop\esetsmartinstaller_deu(1).exe
2015-03-14 11:10 - 2015-03-14 11:11 - 00033635 _____ () C:\Users\Nutzer\Desktop\Addition.txt
2015-03-14 11:09 - 2015-03-14 21:27 - 00024278 _____ () C:\Users\Nutzer\Desktop\FRST.txt
2015-03-14 11:09 - 2015-03-14 11:09 - 00000000 ____D () C:\Users\Nutzer\Desktop\FRST-OlderVersion
2015-03-14 11:03 - 2015-03-14 11:03 - 00000830 _____ () C:\Users\Nutzer\Desktop\JRT.txt
2015-03-14 10:59 - 2015-03-14 10:59 - 01388333 _____ (Thisisu) C:\Users\Nutzer\Desktop\JRT(1).exe
2015-03-14 10:50 - 2015-03-14 10:50 - 02171392 _____ () C:\Users\Nutzer\Desktop\AdwCleaner_4.112.exe
2015-03-14 10:49 - 2015-03-14 10:49 - 00001315 _____ () C:\Users\Nutzer\Desktop\mbam2.txt
2015-03-13 17:55 - 2015-03-13 17:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-13 17:53 - 2015-03-13 17:53 - 00031848 _____ () C:\ComboFix.txt
2015-03-13 17:45 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-13 17:45 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-13 17:45 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-13 17:45 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-13 17:42 - 2015-03-13 17:53 - 00000000 ____D () C:\Qoobox
2015-03-13 17:42 - 2015-03-13 17:52 - 00000000 ____D () C:\Windows\erdnt
2015-03-13 17:38 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-13 17:38 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-13 17:38 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-13 17:38 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-13 17:38 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-13 17:38 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-13 17:38 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-13 17:38 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-13 17:38 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-13 17:38 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-13 17:38 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-13 17:38 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-13 17:38 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-13 17:38 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-13 17:38 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-13 17:38 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-13 17:38 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-13 17:38 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-13 17:38 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-13 17:38 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-13 17:38 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-13 17:38 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-13 17:38 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-13 17:38 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-13 17:38 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-13 17:38 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-13 17:38 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-13 17:38 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-13 17:38 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-13 17:38 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-13 17:38 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-13 17:38 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-13 17:38 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-13 17:38 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-13 17:38 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-13 17:38 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-13 17:38 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-13 17:38 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-13 17:37 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-13 17:37 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-13 17:37 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-13 17:37 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-13 17:37 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-13 17:37 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-13 17:37 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-13 17:37 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-13 17:37 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-13 17:37 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-13 17:37 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-13 17:37 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-13 17:37 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-13 17:37 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-13 17:37 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-13 17:37 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-13 17:37 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-13 17:37 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-13 17:37 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-13 17:37 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-13 17:37 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-13 17:37 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-13 17:37 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-13 17:37 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-13 17:37 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-13 17:37 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-13 17:37 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-13 17:37 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-13 17:37 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-13 17:37 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-13 17:37 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-13 17:37 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-13 17:37 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-13 17:37 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-13 17:37 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-13 17:37 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-13 17:37 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-13 17:37 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-13 17:37 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-13 17:37 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-13 17:37 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-13 17:37 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-13 17:37 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-13 17:37 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-13 17:37 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-13 17:37 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-13 17:37 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-13 17:37 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-13 17:37 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-13 17:37 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-13 17:37 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-13 17:37 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-13 17:37 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-13 17:37 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-13 17:37 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-13 17:37 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-13 17:37 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-13 17:37 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-13 17:37 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-13 17:37 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-13 17:37 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-13 17:37 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-13 17:37 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-13 17:37 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-13 17:37 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-13 17:37 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-13 17:37 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-13 17:37 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-13 17:37 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-13 17:37 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-13 17:37 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-13 17:37 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-13 17:37 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-13 17:37 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-13 17:37 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-13 17:37 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-13 17:37 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-13 17:37 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-13 17:37 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-13 17:37 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-13 17:37 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-13 17:34 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-13 17:34 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-13 17:24 - 2015-03-13 17:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Nutzer\Downloads\revosetup95.exe
2015-03-13 17:24 - 2015-03-13 17:24 - 00001270 _____ () C:\Users\Nutzer\Desktop\Revo Uninstaller.lnk
2015-03-13 17:24 - 2015-03-13 17:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-03-06 12:35 - 2015-03-06 12:39 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-03-05 23:36 - 2015-03-05 23:36 - 01388333 _____ (Thisisu) C:\Users\Nutzer\Downloads\JRT.exe
2015-03-05 23:34 - 2015-03-14 10:52 - 00000000 ____D () C:\AdwCleaner
2015-03-05 23:34 - 2015-03-05 23:34 - 02126848 _____ () C:\Users\Nutzer\Downloads\AdwCleaner_4.111.exe
2015-03-05 20:40 - 2015-03-05 23:48 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-05 20:29 - 2015-03-05 21:27 - 00000000 ____D () C:\Users\Nutzer\Desktop\mbar
2015-03-05 19:54 - 2015-03-13 18:15 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-05 19:52 - 2015-03-05 19:53 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Nutzer\Desktop\mbar-1.09.1.1004.exe
2015-03-05 19:51 - 2015-03-14 10:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-05 19:51 - 2015-03-05 19:51 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-05 19:51 - 2015-03-05 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-05 19:50 - 2015-03-05 21:05 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-05 19:50 - 2015-03-05 19:51 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-05 19:50 - 2015-03-05 19:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-05 19:50 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-05 19:50 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-05 19:47 - 2015-03-05 19:47 - 01203488 _____ () C:\Users\Nutzer\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-03-05 19:39 - 2015-03-05 19:39 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Nutzer\Desktop\tdsskiller.exe
2015-03-05 19:35 - 2015-03-05 23:55 - 00000000 ____D () C:\Users\Nutzer\Desktop\Möglicher Trojanerbefall
2015-03-05 19:11 - 2015-03-05 19:11 - 02347384 _____ (ESET) C:\Users\Nutzer\Downloads\esetsmartinstaller_deu.exe
2015-03-05 18:58 - 2015-03-05 18:59 - 00041286 _____ () C:\Users\Nutzer\Downloads\Addition.txt
2015-03-05 18:56 - 2015-03-14 21:26 - 00000000 ____D () C:\FRST
2015-03-05 18:56 - 2015-03-05 18:59 - 00049770 _____ () C:\Users\Nutzer\Downloads\FRST.txt
2015-03-05 18:55 - 2015-03-14 11:09 - 02095616 _____ (Farbar) C:\Users\Nutzer\Desktop\FRST64.exe
2015-03-05 18:41 - 2015-03-05 18:42 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nutzer\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-05 18:03 - 2015-03-05 20:39 - 00000890 _____ () C:\Users\Nutzer\Downloads\Stinger_05032015_180338.html
2015-03-05 17:56 - 2015-03-13 23:51 - 00016974 _____ () C:\Windows\PFRO.log
2015-03-05 17:52 - 2015-03-05 17:52 - 00148472 _____ () C:\Users\Nutzer\Documents\cc_20150305_175230.reg
2015-03-05 17:48 - 2015-03-05 17:48 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-05 17:40 - 2015-03-05 17:40 - 00000000 _____ () C:\Users\Nutzer\Downloads\Stinger_05032015_174047.html
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\Users\Nutzer\Documents\Simply Super Software
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Simply Super Software
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-03-05 17:38 - 2015-03-05 17:38 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-03-05 17:37 - 2015-03-05 17:39 - 00000858 _____ () C:\Users\Nutzer\Downloads\Stinger_05032015_173706.html
2015-03-05 17:36 - 2015-03-05 17:36 - 00000000 ____D () C:\Quarantine
2015-03-05 17:34 - 2015-03-05 20:40 - 00000116 ___RH () C:\Users\Nutzer\Downloads\Stinger.opt
2015-03-05 17:34 - 2015-03-05 20:40 - 00000000 ____D () C:\Program Files (x86)\stinger
2015-03-05 17:34 - 2015-03-05 17:36 - 11582832 _____ (McAfee Inc) C:\Users\Nutzer\Downloads\stinger32(1).exe
2015-03-05 17:34 - 2015-03-05 17:34 - 00001472 _____ () C:\Users\Nutzer\Desktop\amazon.de.lnk
2015-03-05 17:34 - 2015-03-05 17:34 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\DesktopIconAmazon
2015-03-05 17:33 - 2015-03-05 17:33 - 01203488 _____ () C:\Users\Nutzer\Downloads\Trojan Remover - CHIP-Installer.exe
2015-03-05 17:31 - 2015-03-05 17:33 - 14459760 _____ (McAfee Inc) C:\Users\Nutzer\Downloads\stinger32.exe
2015-03-05 17:30 - 2015-03-14 13:05 - 00002016 _____ () C:\Windows\setupact.log
2015-03-05 17:30 - 2015-03-05 17:30 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-03 11:49 - 2015-03-03 11:49 - 00000000 ____D () C:\Users\Nutzer\dwhelper
2015-03-02 16:34 - 2015-03-02 16:34 - 00000000 ____D () C:\Users\Nutzer\AppData\Local\Steam
2015-03-01 14:15 - 2015-03-01 14:15 - 00000000 ____D () C:\Windows\pss
2015-03-01 14:14 - 2015-03-14 20:46 - 01560082 _____ () C:\Windows\WindowsUpdate.log
2015-02-26 18:11 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-26 18:11 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-26 18:11 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-26 18:11 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-25 15:12 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 15:12 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-17 09:30 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-17 09:30 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-17 09:30 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-17 09:30 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-17 09:26 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-17 09:26 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-17 09:26 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-17 09:26 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-17 09:26 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-17 09:26 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-17 09:26 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 21:10 - 2013-06-13 20:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-14 20:50 - 2013-12-15 18:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-14 18:50 - 2013-12-15 18:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-14 13:13 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-14 13:13 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-14 13:08 - 2013-02-02 15:52 - 00000000 ___RD () C:\Users\Nutzer\Dropbox
2015-03-14 13:07 - 2013-02-02 15:50 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Dropbox
2015-03-14 13:05 - 2012-09-28 10:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-14 13:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-13 23:57 - 2013-02-02 15:52 - 00001029 _____ () C:\Users\Nutzer\Desktop\Dropbox.lnk
2015-03-13 23:57 - 2013-02-02 15:50 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-13 23:51 - 2012-09-29 16:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-13 20:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-13 18:19 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-13 18:19 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-13 18:18 - 2009-07-14 05:45 - 00328216 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-13 18:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-13 18:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-13 18:06 - 2013-07-22 09:43 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-13 18:04 - 2014-03-15 13:40 - 00000000 ____D () C:\Users\DefaultAppPool
2015-03-13 17:59 - 2012-09-28 10:47 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-13 17:53 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-13 17:52 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-13 17:49 - 2013-02-27 16:16 - 00000000 ____D () C:\ProgramData\Temp
2015-03-13 17:44 - 2013-06-24 12:37 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-13 17:29 - 2013-06-21 18:30 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-03-06 10:28 - 2012-11-16 20:13 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Skype
2015-03-06 10:08 - 2014-09-05 16:16 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-06 10:08 - 2012-11-16 20:13 - 00000000 ____D () C:\ProgramData\Skype
2015-03-06 10:02 - 2014-10-19 19:54 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-06 10:02 - 2014-10-19 19:54 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-06 10:00 - 2012-09-29 16:57 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-06 10:00 - 2012-09-29 16:57 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-05 23:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration
2015-03-05 22:47 - 2014-12-18 14:03 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\uTorrent
2015-03-05 17:13 - 2012-11-09 22:31 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\TS3Client
2015-03-05 17:13 - 2012-10-01 16:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-04 00:09 - 2012-12-27 16:39 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\.minecraft
2015-03-03 19:51 - 2012-11-05 20:23 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Spotify
2015-03-03 11:49 - 2012-09-28 10:20 - 00000000 ____D () C:\Users\Nutzer
2015-03-02 11:29 - 2012-11-05 20:25 - 00000000 ____D () C:\Users\Nutzer\AppData\Local\Spotify
2015-03-01 15:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-01 14:13 - 2014-06-03 09:07 - 00000000 ____D () C:\Users\Nutzer\AppData\Roaming\Curse Client
2015-03-01 14:09 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-27 11:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-22 08:43 - 2013-11-07 13:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-17 09:54 - 2014-12-11 14:40 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-17 09:54 - 2014-05-06 09:08 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\External Build System
2014-04-03 15:52 - 2014-04-03 15:52 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\File Templates
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\Filesystems
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\Users\Nutzer\AppData\Roaming\Framework
2014-11-25 22:01 - 2014-12-18 15:17 - 0000254 _____ () C:\Users\Nutzer\AppData\Roaming\mainhst.zgh
2013-09-04 12:21 - 2013-09-04 12:21 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\ProgramData\Filters
2014-04-03 15:52 - 2014-04-03 15:52 - 0000268 ___RH () C:\ProgramData\Flags
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\ProgramData\Flange Saw
2012-10-28 22:01 - 2013-05-22 10:41 - 0006614 _____ () C:\ProgramData\flcd_proxy.log
2014-04-03 15:51 - 2014-04-03 15:51 - 0000268 ___RH () C:\ProgramData\Galactic Static
2014-04-03 15:51 - 2014-04-03 15:51 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-04-03 15:52 - 2014-04-03 15:52 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-04-03 15:51 - 2014-05-04 17:53 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-04-03 15:51 - 2014-05-04 17:52 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

Some content of TEMP:
====================
C:\Users\Nutzer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaofy7y.dll
C:\Users\Nutzer\AppData\Local\Temp\Quarantine.exe
C:\Users\Nutzer\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 16:02

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---




Addition Log:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Nutzer at 2015-03-14 21:27:40
Running from C:\Users\Nutzer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 4.0.110 - Abelssoft)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.1.000 - Asmedia Technology)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 1.138.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3618 - CyberLink Corp.)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version:  - Fish Factory Games)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.00 - Ubisoft)
Fragen-Lern-CD 4.0 (HKLM-x32\...\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1) (Version: 4.0.1 - Wendel-Verlag GmbH)
Fragen-Lern-CD 4.0 (x32 Version: 4.0.1 - Wendel-Verlag GmbH) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Kane & Lynch 2: Dog Days (HKLM-x32\...\Steam App 28000) (Version:  - IO Interactive)
Kane & Lynch: Dead Men (HKLM-x32\...\Steam App 8080) (Version:  - IO Interactive)
Lara Croft and the Guardian of Light (HKLM-x32\...\Steam App 35130) (Version:  - Crystal Dynamics)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1529 - McAfee, Inc.)
Medal of Honor™ Warfighter (HKLM-x32\...\{48379835-BF2E-4487-9CB1-D5E654502B53}) (Version: 1.0.0.0 - Electronic Arts)
Mendeley Desktop 1.10.1 (HKLM-x32\...\Mendeley Desktop) (Version: 1.10.1 - Mendeley Ltd.)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version:  - Airtight Games)
Mystery Murders - Jack the Ripper 2 (HKLM-x32\...\Mystery Murders - Jack the Ripper 2) (Version: 1.0.0.221.de - Rondomedia)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.6.0 - Nikon)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.7 - Nikon)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6458 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.199 - McAfee, Inc.)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-421047855-1012536844-3739120656-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Startopia (HKLM-x32\...\Steam App 243040) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.0.111 - MSI)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version:  - Gas Powered Games)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Tiny Bang Story (HKLM-x32\...\Steam App 96000) (Version:  - Colibri Games)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Tyre (HKLM-x32\...\Tyre_is1) (Version: 6.1.3.5 - 't Schrijverke)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.6.0 - Nikon)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.115 - MSI)
ZipGenius 6 (HKLM-x32\...\{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1) (Version: 6.3 - The ZipGenius Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nutzer\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-421047855-1012536844-3739120656-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

27-02-2015 02:37:05 Windows Update
28-02-2015 11:46:30 Windows Defender Checkpoint
03-03-2015 11:36:53 Windows Update
05-03-2015 21:00:20 Malwarebytes Anti-Rootkit Restore Point
06-03-2015 09:57:49 McAfee  Vulnerability Scanner
13-03-2015 17:27:32 Revo Uninstaller's restore point - Interenet Optimizer
13-03-2015 17:30:39 Revo Uninstaller's restore point - NewTabs Uninstall
13-03-2015 17:34:25 Windows Update
13-03-2015 17:58:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-03-13 17:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2EDE4FF2-B110-4373-B579-B52C268AD44C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4D4FF097-AC9F-48F9-82EA-4A87F84F72BD} - System32\Tasks\{68C7D2E5-579C-4DF9-94D2-7E6DE749538F} => C:\Riot Games\League of Legends\lol.launcher.admin.exe [2012-04-24] ()
Task: {5AEFF91F-C7CF-4996-998C-C810BB8A8569} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {63365E94-AEB8-4D8A-9352-6350A0635E05} - System32\Tasks\{420748D8-23D1-4A48-967D-474785D464EA} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.60.120/de/abandoninstall?page=tsPlugin
Task: {6990127C-7F6D-4AEE-90E0-49F98DA926E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {B29D3B2A-3162-44AD-BECA-626BF77A4881} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {C0813119-6EA6-4C12-9DF7-CA17D135D8B9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D1C03B3D-D32F-4FAB-8A6F-69FFB25138FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {E8DA67DB-28EF-44E4-9FFD-6F93FF9FED9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {F1FB7308-DA66-4D5D-A589-36B7FA6DC9CC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-09-29 18:25 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-24 16:50 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-10-26 13:20 - 2012-12-12 18:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-18 10:03 - 2014-11-18 10:03 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-02-06 10:29 - 2015-02-06 10:29 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\48622806.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\48622806.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-421047855-1012536844-3739120656-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Nutzer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Nutzer\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Nutzer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Nutzer\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

==================== Accounts: =============================

Administrator (S-1-5-21-421047855-1012536844-3739120656-500 - Administrator - Disabled)
Gast (S-1-5-21-421047855-1012536844-3739120656-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-421047855-1012536844-3739120656-1003 - Limited - Enabled)
Nutzer (S-1-5-21-421047855-1012536844-3739120656-1000 - Administrator - Enabled) => C:\Users\Nutzer

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/14/2015 09:16:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/14/2015 06:57:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (03/14/2015 06:03:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/14/2015 06:03:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/14/2015 06:03:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/14/2015 06:03:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/14/2015 06:03:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/14/2015 01:06:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 11:06:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (03/14/2015 01:06:25 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (03/14/2015 01:06:23 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office Sessions:
=========================
Error: (03/14/2015 09:16:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (03/14/2015 06:57:32 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (03/14/2015 06:03:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutzer\Desktop\esetsmartinstaller_deu(1).exe

Error: (03/14/2015 06:03:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutzer\Desktop\esetsmartinstaller_deu(1).exe

Error: (03/14/2015 06:03:32 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutzer\Desktop\esetsmartinstaller_deu(1).exe

Error: (03/14/2015 06:03:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutzer\Desktop\esetsmartinstaller_deu(1).exe

Error: (03/14/2015 06:03:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutzer\Downloads\esetsmartinstaller_deu(1).exe

Error: (03/14/2015 01:06:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/14/2015 11:06:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Nutzer\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2015-03-13 17:51:33.910
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-13 17:51:33.832
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.682
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.602
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.523
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:59.443
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.759
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.680
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.601
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-03-05 17:52:56.521
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Nutzer\AppData\Local\Temp\trutil.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 30%
Total physical RAM: 8172.88 MB
Available physical RAM: 5650.53 MB
Total Pagefile: 16343.95 MB
Available Pagefile: 13583.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:57.3 GB) NTFS
Drive e: (Externe) (Fixed) (Total:465.76 GB) (Free:201.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7EB73B78)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0004EE99)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Antwort

Themen zu DHL-Fake-Email Link geöffnet
adware, bonjour, browser, desktop, dhl-mail, e-mail, firefox, flash player, google, homepage, launch, link geöffnet, mozilla, officejet, realtek, registry, rundll, security, siteadvisor, software, system, uds:dangerousobject.multi.generic, windows, windows xp



Ähnliche Themen: DHL-Fake-Email Link geöffnet


  1. Fake Inkasso Email mit Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 29.09.2015 (16)
  2. Link in DHL EMail geöffnet
    Log-Analyse und Auswertung - 27.06.2015 (21)
  3. Fake-Email mit Zip Anhang geöffnet
    Plagegeister aller Art und deren Bekämpfung - 21.06.2015 (21)
  4. DHL Fake Link geöffnet, ZIP extrahiert und .exe Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 02.06.2015 (10)
  5. Win 8.1 - DHL Email - link geöffnet
    Log-Analyse und Auswertung - 30.05.2015 (12)
  6. Auf den link einer fake amazon email geklickt
    Plagegeister aller Art und deren Bekämpfung - 20.05.2015 (19)
  7. DHL Paketankündigung fake email - leider versehentlich den Sendungsstatus link angeklickt - Infiziert?
    Plagegeister aller Art und deren Bekämpfung - 13.05.2015 (38)
  8. Macbook / OSX Yosemite 10.10.3: Fake-email link geöffnet, Weiterleitung unklar
    Alles rund um Mac OSX & Linux - 12.05.2015 (5)
  9. Link aus Fake-Email geöffnet - MBAM findet nichts
    Plagegeister aller Art und deren Bekämpfung - 11.05.2015 (11)
  10. DHL-Paketankündigung-Email Link geöffnet
    Log-Analyse und Auswertung - 11.03.2015 (13)
  11. DHL-Email-Link geöffnet
    Plagegeister aller Art und deren Bekämpfung - 10.03.2015 (23)
  12. DHL Fake Email - Phishing Link leider angeklickt
    Plagegeister aller Art und deren Bekämpfung - 08.03.2015 (5)
  13. DHL-Fake-Email Link geöffnet, wie kann ich die Malware entfernen?
    Plagegeister aller Art und deren Bekämpfung - 08.03.2015 (9)
  14. DHL Fake Email - Phishing Link leider angeklickt
    Plagegeister aller Art und deren Bekämpfung - 28.02.2015 (8)
  15. Telekom Fake Link geöffnet. Evtl. Trojaner installiert
    Plagegeister aller Art und deren Bekämpfung - 07.06.2014 (4)
  16. Fake Vodafone-Rechnung Link geöffnet
    Plagegeister aller Art und deren Bekämpfung - 21.01.2014 (3)
  17. Anhang von Fake-Groupon-Email geöffnet - Trojaner
    Log-Analyse und Auswertung - 11.03.2013 (11)

Zum Thema DHL-Fake-Email Link geöffnet - Hallo, habe heute eine falsche DHL-Mail, und deren Anhang geöffnet, weil ich auf ein Paket gewartet habe. Die E-Mail sah in etwas so aus: Liebe(-r) Kundin/Kunde, die Sendung zur Bestellung - DHL-Fake-Email Link geöffnet...
Archiv
Du betrachtest: DHL-Fake-Email Link geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.