
Pests of all kinds and how to combat them: Caught the Zeus trojan, according to an email from Telekom's abuse team!

07.05.2015, 08:13   #1
tinetine
 
Hello experts, I hope I'm in the right place with my problem....

I too received a notification from Telekom by email yesterday saying that the Zeus trojan is at work on a computer connected to my internet connection.

At the time stated, I had a laptop, a tablet and a smartphone on the Wi-Fi.

I have now run several virus scanners on all the devices, and nothing was found anywhere. I already reset the smartphone to factory settings yesterday.

Can anyone help me? I'd rather not reset my tablet, there is so much data on it.
And as for the laptop (Vista), I don't know whether it is infected either.

Best regards,
Tanja

07.05.2015, 08:18   #2
schrauber
/// the machine
/// TB instructor
 


Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box).


07.05.2015, 10:54   #3
tinetine
 

Hello, thanks for the quick reply, I hope these are the corresponding files.

07.05.2015, 11:15   #4
tinetine
 

FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-05-2015 01
Ran by Tanja (administrator) on TANJA-PC on 07-05-2015 10:10:01
Running from C:\Users\Tanja\Desktop
Loaded Profiles: Tanja (Available profiles: Tanja)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
() C:\WINDOWS\System32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\System32\BCMWLTRY.EXE
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\upeksvr.exe
(Andrea Electronics Corporation) C:\WINDOWS\System32\AEstSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(IDT, Inc.) C:\WINDOWS\System32\stacsv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\WINDOWS\OEM02Mon.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Dell Inc.) C:\WINDOWS\System32\WLTRAY.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
(Eastman Kodak Company) C:\WINDOWS\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\MP4 Player\Mp4Player.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\psqltray.exe
(Microsoft Corporation) C:\WINDOWS\System32\conime.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(Google Inc.) C:\Users\Tanja\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tanja\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tanja\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [167936 2008-01-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2008-03-04] (Creative Technology Ltd.)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NVHotkey] => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2008-07-03] (Dell Inc.)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\Protector Suite QL\launcher.exe [49168 2007-03-28] (UPEK Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-03-21] (Intel Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2007-12-21] (CyberLink Corp.)
HKLM\...\Run: [dellsupportcenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2008-08-26] (SupportSoft, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [726320 2015-05-06] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [Reader Library Launcher] => C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [906648 2010-07-13] (Sony Corporation)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [1638400 2010-09-02] (Eastman Kodak Company)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AgentMonitor] => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-11-17] (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\psfus: C:\Windows\system32\psqlpwd.dll [2007-03-28] (UPEK Inc.)
HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-11-17] (Google Inc.)
HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\...\Run: [Google Update] => C:\Users\Tanja\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-07-26] (Google Inc.)
HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\...\Run: [MP4 Player] => C:\Program Files\MP4 Player\mp4Player.exe [772096 2008-11-06] ()
HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
Lsa: [Notification Packages] scecli psqlpwd
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2008-11-17]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk [2008-11-17]
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-11-17]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2008-11-17]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2013-07-26]
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite QL\farchns.dll [2007-03-28] (UPEK Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite QL\farchns.dll [2007-03-28] (UPEK Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=2081118
HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=2081118
HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-05-04] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.10.11023.1534\swg.dll [2015-05-06] (Google Inc.)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\Dell\BAE\BAE.dll [2006-11-09] (Dell Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-05-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-05-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-11-29] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-04-21] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-07-26] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-07-26] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-07-26] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-07-26] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-07-26] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-07-26] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-07-26] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-07-26] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 20 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-07-26] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\so0hosv4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-04] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @sony.com/eBookLibrary -> C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll [2010-07-13] (Sony Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2384940018-3218363825-3958638645-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-2384940018-3218363825-3958638645-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-04] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\so0hosv4.default\Extensions\abs@avira.com [2015-05-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-07-30]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-26]
CHR Extension: (Google Drive) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-26]
CHR Extension: (YouTube) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-26]
CHR Extension: (Google Search) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-26]
CHR Extension: (Bookmark Manager) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-06]
CHR Extension: (Google Wallet) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-30]
CHR Extension: (Gmail) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.A5PANYAOFJR4QDA5T4X7DU36RE - C:\Users\Tanja\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [815352 2015-05-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-05-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1004032 2015-05-06] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation) [File not signed]
S3 GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [16680 2008-11-17] (Citrix Online, a division of Citrix Systems, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2015-05-06] (SurfRight B.V.)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2010-04-02] (Sony Corporation) [File not signed]
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-26] (SupportSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-07-03] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-05-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-05-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-12] (Avira Operations GmbH & Co. KG)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-07-03] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 10:10 - 2015-05-07 10:10 - 00020405 _____ () C:\Users\Tanja\Desktop\FRST.txt
2015-05-07 10:09 - 2015-05-07 10:10 - 00000000 ____D () C:\FRST
2015-05-07 10:09 - 2015-05-07 10:09 - 01141248 _____ (Farbar) C:\Users\Tanja\Desktop\FRST.exe
2015-05-07 10:08 - 2015-05-07 10:09 - 01141248 _____ (Farbar) C:\Users\Tanja\Downloads\FRST.exe
2015-05-06 22:07 - 2015-05-06 22:16 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\MyPhoneExplorer
2015-05-06 22:04 - 2015-05-06 22:04 - 00001856 _____ () C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2015-05-06 22:04 - 2015-05-06 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2015-05-06 22:03 - 2015-05-06 22:04 - 00000000 ____D () C:\Program Files\MyPhoneExplorer
2015-05-06 21:59 - 2015-05-06 22:02 - 07332272 _____ () C:\Users\Tanja\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe
2015-05-06 20:12 - 2015-05-06 22:38 - 00000000 ____D () C:\Users\Tanja\Desktop\SamsungHandy
2015-05-06 17:33 - 2015-05-06 17:33 - 00001746 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2015-05-06 17:33 - 2015-05-06 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-05-06 17:33 - 2015-05-06 17:33 - 00000000 ____D () C:\Program Files\HitmanPro
2015-05-06 17:28 - 2015-05-06 18:17 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-05-06 17:24 - 2015-05-06 17:32 - 10109856 _____ (SurfRight B.V.) C:\Users\Tanja\Downloads\hitmanpro.exe
2015-05-06 13:17 - 2015-05-06 13:17 - 00001820 _____ () C:\Users\Tanja\Desktop\Entfernen des Avira EU-Cleaners.lnk
2015-05-06 13:17 - 2015-05-06 13:17 - 00001764 _____ () C:\Users\Tanja\Desktop\Avira EU-Cleaner.lnk
2015-05-06 13:15 - 2015-05-06 13:16 - 02209056 _____ () C:\Users\Tanja\Downloads\avira-eu-cleaner_de.exe
2015-05-06 12:09 - 2015-05-06 12:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-06 12:09 - 2015-05-06 12:09 - 00000901 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-06 12:09 - 2015-05-06 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-06 12:09 - 2015-05-06 12:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-06 12:09 - 2015-05-06 12:09 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-05-06 12:09 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-06 12:09 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-06 12:09 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-06 11:05 - 2015-05-06 11:20 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Tanja\Downloads\mbam-setup-majorgeeks-2.1.6.1022.exe
2015-05-04 14:21 - 2015-05-04 14:21 - 00000000 ____D () C:\Users\Tanja\AppData\Local\Macromedia
2015-05-04 12:27 - 2015-05-04 12:27 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 10:03 - 2013-08-05 17:02 - 00027839 _____ () C:\ProgramData\nvModes.dat
2015-05-07 10:03 - 2013-08-05 17:02 - 00027839 _____ () C:\ProgramData\nvModes.001
2015-05-07 10:03 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-07 10:03 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-07 09:33 - 2013-07-26 21:55 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-07 09:22 - 2013-07-26 22:30 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2384940018-3218363825-3958638645-1000UA.job
2015-05-07 09:18 - 2014-06-26 16:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-07 08:20 - 2008-01-21 09:16 - 01445310 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-07 08:17 - 2008-11-17 20:39 - 01463760 _____ () C:\Windows\WindowsUpdate.log
2015-05-07 08:14 - 2013-07-26 21:55 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-07 08:13 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-07 00:09 - 2008-11-17 20:40 - 00003617 _____ () C:\Windows\bthservsdp.dat
2015-05-07 00:09 - 2006-11-02 15:01 - 00024896 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-06 22:25 - 2006-11-02 14:52 - 00194462 _____ () C:\Windows\setupact.log
2015-05-06 21:27 - 2013-07-26 21:22 - 00000000 ____D () C:\Users\Tanja\Documents\Bluetooth-Exchange-Ordner
2015-05-06 15:19 - 2008-01-21 04:47 - 00280112 _____ () C:\Windows\PFRO.log
2015-05-06 13:22 - 2013-07-26 22:30 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2384940018-3218363825-3958638645-1000Core.job
2015-05-06 12:49 - 2013-07-26 22:46 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Avira
2015-05-06 12:48 - 2013-07-26 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-06 12:48 - 2013-07-26 21:40 - 00000000 ____D () C:\ProgramData\Avira
2015-05-06 11:52 - 2013-07-26 22:44 - 00002036 _____ () C:\Users\Tanja\Desktop\Google Chrome.lnk
2015-05-06 10:30 - 2013-07-26 21:40 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-06 10:30 - 2013-07-26 21:40 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-04 14:31 - 2014-06-26 16:16 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-05-04 14:31 - 2014-06-26 16:16 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-05-04 12:27 - 2014-12-11 23:09 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-04 12:27 - 2013-07-26 21:40 - 00000000 ____D () C:\Program Files\Avira

==================== Files in the root of some directories =======

2013-08-06 20:35 - 2013-08-06 20:35 - 0000036 ____H () C:\Users\Tanja\AppData\Roaming\swk.ini
2014-02-09 00:47 - 2014-02-09 00:48 - 0000146 _____ () C:\Users\Tanja\AppData\Roaming\wklnhst.dat
2013-07-29 20:04 - 2013-07-29 20:04 - 0000680 _____ () C:\Users\Tanja\AppData\Local\d3d9caps.dat
2013-07-26 21:15 - 2014-12-24 16:54 - 0028160 _____ () C:\Users\Tanja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-05 17:02 - 2015-05-07 10:03 - 0027839 _____ () C:\ProgramData\nvModes.001
2013-08-05 17:02 - 2015-05-07 10:03 - 0027839 _____ () C:\ProgramData\nvModes.dat

Some content of TEMP:
====================
C:\Users\Tanja\AppData\Local\Temp\avgnt.exe
C:\Users\Tanja\AppData\Local\Temp\eblinstaller.exe
C:\Users\Tanja\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Tanja\AppData\Local\Temp\Storio2_DE_ger_Setup_pid_12681.exe
C:\Users\Tanja\AppData\Local\Temp\{0C8BF355-0616-4494-8A27-0EA5552C9ECA}-GoogleUpdateSetup.exe
C:\Users\Tanja\AppData\Local\Temp\{1FDBB60A-F25A-4FA6-988C-B5F0BD9A69B4}-GoogleUpdateSetup.exe
C:\Users\Tanja\AppData\Local\Temp\{63E17CB6-D87F-4BBF-B899-5F6C7FF4FE9E}-GoogleUpdateSetup.exe
C:\Users\Tanja\AppData\Local\Temp\{8C2B0B7E-8C2F-4975-A3C5-0A3AFAADB07D}-GoogleUpdateSetup.exe
C:\Users\Tanja\AppData\Local\Temp\{8D1B869F-09DD-4F1F-B56A-295371EEA068}-GoogleToolbarInstaller_updater_signed.exe
C:\Users\Tanja\AppData\Local\Temp\{9108DD6A-45B0-49E3-8CD0-601B124241C4}-32.0.1700.107_31.0.1650.63_chrome_updater.exe
C:\Users\Tanja\AppData\Local\Temp\{A134B5AF-D5E6-4D14-9EBF-C857F10A6B95}-GoogleToolbarInstaller_updater_signed.exe
C:\Users\Tanja\AppData\Local\Temp\{F129594B-CE23-4DFE-968A-74E8CCA2EF0F}-31.0.1650.57_chrome_installer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-07 08:21

==================== End Of Log ============================
         


ADDITION

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-05-2015 01
Ran by Tanja at 2015-05-07 10:10:29
Running from C:\Users\Tanja\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2384940018-3218363825-3958638645-500 - Administrator - Disabled)
Gast (S-1-5-21-2384940018-3218363825-3958638645-501 - Limited - Disabled)
Tanja (S-1-5-21-2384940018-3218363825-3958638645-1000 - Administrator - Enabled) => C:\Users\Tanja

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader 9 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version:  - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version:  - )
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
calibre (HKLM\...\{B652DD9C-F162-4B40-B38F-A1D0F866CAFA}) (Version: 0.9.41 - Kovid Goyal)
Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)
Dell Handbuch zum Einstieg (HKLM\...\{FD023F61-65E9-465C-B558-7C64EB2B97E6}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.08100 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.103.4 - Alps Electric)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version:  - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version:  - )
Desktopicon amazon.de (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 - )
Dienstprogramm für Dell Wireless WLAN Karte (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.13 - Dell Inc.)
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version:  - )
Google Chrome (HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version:  - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
iThmb Converter Version 1.80.0.618 (HKLM\...\{AC7FF208-CE56-455E-96CB-1D96A0AF33EF}_is1) (Version: 1.80.0.618 - Dec Software)
iTunes (HKLM\...\{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Kaminfeuer Comprehensive Edition Free (HKLM\...\ST5UNST #1) (Version:  - )
Laptop Integrated Webcam Driver (1.04.01.1011)   (HKLM\...\Creative OEM002) (Version:  - )
Live! Cam Avatar (HKLM\...\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}) (Version: 1.0 - Creative Technology Ltd.)
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.0817.1 - Creative Technology Ltd.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 17.0.7 (x86 de) (HKLM\...\Mozilla Thunderbird 17.0.7 (x86 de)) (Version: 17.0.7 - Mozilla)
MP4 Player  (HKLM\...\MP4 Player) (Version:  - )
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
Protector Suite QL 5.6 (HKLM\...\{A2289997-10A3-48F2-AA03-99180D761661}) (Version: 5.6.2.3447 - UPEK Inc.)
PRS-500 USB driver (HKLM\...\{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}) (Version: 1.0.00.08110 - Sony)
QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.)
Ravensburger tiptoi (HKLM\...\Ravensburger tiptoi) (Version:  - )
Reader Library by Sony (HKLM\...\{B70E5793-F912-4C62-AFE2-C4F0B078FD31}) (Version: 3.3.00.07130 - Sony)
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Universal Document Converter (Demo) (HKLM\...\Universal Document Converter_is1) (Version: 5.8 - fCoder Group, Inc.)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM\...\VTechDownloadManager) (Version:  - VTech)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Windows Driver Package - Sony Corporation (PRSUSB) USB  (08/08/2006 1.0.03.08080) (HKLM\...\75070B1806113224B16C70296B90DD1AD8A53479) (Version: 08/08/2006 1.0.03.08080 - Sony Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Tanja\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Tanja\AppData\Local\Google\Chrome\Application\42.0.2311.135\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2384940018-3218363825-3958638645-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tanja\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================

01-11-2013 11:26:32 Windows Update
22-11-2013 12:52:53 Windows Update
28-11-2013 18:22:51 Windows Update
30-11-2013 23:39:04 Installed Java 7 Update 45
01-12-2013 23:56:54 Windows Update
18-12-2013 20:00:37 Windows Update
22-01-2014 21:37:58 Windows Update
12-05-2014 16:19:47 Windows Update
25-05-2014 13:02:11 Windows Update
14-06-2014 20:59:29 Windows Update
19-06-2014 18:04:43 Windows Update
26-06-2014 16:05:51 Windows Update
12-07-2014 18:22:28 Geplanter Prüfpunkt
12-07-2014 18:31:28 Windows Update
20-07-2014 11:50:24 Windows Update
28-07-2014 20:16:44 Windows Update
12-12-2014 10:52:04 Windows Update
14-12-2014 13:38:35 Windows Update
24-12-2014 15:58:49 Windows Update
17-01-2015 20:54:38 Windows Update
05-02-2015 18:12:23 Windows Update
06-05-2015 11:27:23 Windows Update
06-05-2015 18:15:46 Prüfpunkt von HitmanPro
06-05-2015 18:16:36 Prüfpunkt von HitmanPro
07-05-2015 09:11:47 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {8233BF12-6D9D-4239-9292-2DE5C22B2A84} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2384940018-3218363825-3958638645-1000Core => C:\Users\Tanja\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-26] (Google Inc.)
Task: {AACABCE0-A38D-4C13-8215-A01146B1485F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-12] (Google Inc.)
Task: {B260A9E7-EB78-489B-A44E-5E3D910FD1DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-12] (Google Inc.)
Task: {EEAAFE47-C73F-4C20-8F11-5EFF1B0F81BF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2384940018-3218363825-3958638645-1000UA => C:\Users\Tanja\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-26] (Google Inc.)
Task: {EEC45BEA-3589-415A-AB2C-A1022EB691E1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-04] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2384940018-3218363825-3958638645-1000Core.job => C:\Users\Tanja\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2384940018-3218363825-3958638645-1000UA.job => C:\Users\Tanja\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2008-11-17 19:55 - 2008-07-03 14:29 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2008-11-17 19:55 - 2008-07-03 14:28 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-11-17 19:55 - 2008-07-03 14:28 - 00055808 _____ () C:\WINDOWS\System32\bcmwlrmt.dll
2010-07-13 01:28 - 2010-07-13 01:28 - 00856064 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\fsk.dll
2010-07-13 01:13 - 2010-07-13 01:13 - 00033792 _____ () C:\Program Files\Sony\Reader\Data\bin\FskMediaPlayers.dll
2010-07-13 01:15 - 2010-07-13 01:15 - 00233472 _____ () C:\Program Files\Sony\Reader\Data\bin\Fskin.dll
2010-07-13 01:22 - 2010-07-13 01:22 - 00020480 _____ () C:\Program Files\Sony\Reader\Data\bin\FskinLocalize.dll
2010-04-02 21:23 - 2010-04-02 21:23 - 00815104 _____ () C:\Program Files\Sony\Reader\Data\bin\FskSecurity.dll
2010-07-13 01:16 - 2010-07-13 01:16 - 00118784 _____ () C:\Program Files\Sony\Reader\Data\bin\FskDocumentViewer.dll
2010-07-13 01:22 - 2010-07-13 01:22 - 00009728 _____ () C:\Program Files\Sony\Reader\Data\bin\FskPower.dll
2010-07-13 01:26 - 2010-07-13 01:26 - 00018432 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\FskNetInterface.dll
2010-07-13 01:15 - 2010-07-13 01:15 - 00010240 _____ () C:\Program Files\Sony\Reader\Data\bin\FskMobileMediaDevice.dll
2010-07-13 01:25 - 2010-07-13 01:25 - 00008704 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll
2010-07-13 01:25 - 2010-07-13 01:25 - 00028160 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\ticket.dll
2010-07-13 01:25 - 2010-07-13 01:25 - 00011776 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll
2010-04-02 20:44 - 2010-04-02 20:44 - 00086016 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\ebookUsb.dll
2010-07-13 01:29 - 2010-07-13 01:29 - 00143360 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\connectionDetector.dll
2010-07-13 01:10 - 2010-07-13 01:10 - 00172032 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\USBDetector.dll
2014-07-03 03:41 - 2014-06-20 08:42 - 00401280 _____ () C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
2014-07-03 03:41 - 2014-03-04 13:20 - 00117760 _____ () C:\Program Files\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2014-07-03 03:41 - 2014-04-22 04:14 - 00065536 _____ () C:\Program Files\VTech\DownloadManager\System\QHttpServer.dll
2014-07-03 03:41 - 2014-05-06 07:39 - 00861184 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2014-07-03 03:41 - 2014-05-06 07:38 - 00021504 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2014-07-03 03:41 - 2014-05-06 07:38 - 00020992 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2014-07-03 03:41 - 2014-05-06 07:38 - 00204800 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2014-07-03 03:41 - 2014-05-06 12:44 - 00218112 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2014-07-03 03:41 - 2014-05-06 07:58 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2014-07-03 03:41 - 2014-05-06 12:44 - 00015360 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2014-07-03 03:41 - 2014-05-06 12:44 - 00307712 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2014-07-03 03:41 - 2014-05-06 12:44 - 00014848 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2014-07-03 03:41 - 2014-05-06 08:31 - 00015872 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2014-07-03 03:41 - 2014-05-06 07:38 - 00036352 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2014-07-03 03:41 - 2014-05-06 07:38 - 00038912 _____ () C:\Program Files\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2008-11-06 19:23 - 2008-11-06 19:23 - 00772096 _____ () C:\Program Files\MP4 Player\Mp4Player.exe
2006-11-03 18:25 - 2006-11-03 18:25 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL
2006-11-03 18:46 - 2006-11-03 18:46 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2013-08-05 17:19 - 2013-08-05 17:19 - 00284160 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\37fcf6436994c36769a13e2f60f5fe6f\VistaBridgeLibrary.ni.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2384940018-3218363825-3958638645-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\Wallpaper\img24.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{B8BD3074-2DAA-4CC7-96C9-FE036A4F5733}] => (Allow) C:\Program Files\Dell\MediaDirect\MediaDirect.exe
FirewallRules: [{53FA3F4E-300C-48EC-806B-1F8F6A5B4BD6}] => (Allow) C:\Program Files\Dell\MediaDirect\PCMService.exe
FirewallRules: [{4BBE310D-EC42-459E-897F-911301D8021D}] => (Allow) C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe
FirewallRules: [{4756772F-B836-419D-96E2-3D8B28342FCA}] => (Allow) C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe
FirewallRules: [{0C20F8B0-42E7-49EB-9F44-BB16557572BC}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{246AC947-2A39-44AD-927D-068A954E9A52}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C0B7E2EA-CF09-4A4E-9598-758625F0F21A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8747F233-9ACC-4F3D-861E-D525F8006937}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{8527657A-5E71-4A87-9909-E6269DD4895A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{95B3AE11-3951-49D4-85DC-6AB72EABA8C7}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{565225E5-4098-441B-A12E-3615CE8C238F}] => (Allow) LPort=80
FirewallRules: [{EECF7DBD-5CE6-480F-B59E-FF5403E9469B}] => (Allow) LPort=80
FirewallRules: [{8A2DEBB1-FD3B-4C95-82A8-21897AD54B36}] => (Allow) LPort=80
FirewallRules: [{B4C1694E-BECA-4AF2-9AA3-366A6ED4C88D}] => (Allow) E:\fsetup.exe
FirewallRules: [{A136E3F1-C839-400D-88D1-34C213CE0E98}] => (Allow) E:\fsetup.exe
FirewallRules: [TCP Query User{E07EC060-8275-4FBA-B381-65B82FC80BAE}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{FDBDEFF0-1F54-4D7F-9589-4991FADC75F8}C:\program files\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files\myphoneexplorer\myphoneexplorer.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2015 09:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15616

Error: (05/07/2015 09:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15616

Error: (05/07/2015 09:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/07/2015 08:15:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/07/2015 00:09:14 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (05/06/2015 09:00:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mp4Player.exe, Version 2.0.0.0, Zeitstempel 0x49132805, fehlerhaftes Modul kernel32.dll, Version 6.0.6001.18631, Zeitstempel 0x4da467f0, Ausnahmecode 0xc0000005, Fehleroffset 0x000bf865,
Prozess-ID 0x1318, Anwendungsstartzeit mp4Player.exe0.

Error: (05/06/2015 08:59:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung Mp4Player.exe, Version 2.0.0.0, Zeitstempel 0x49132805, fehlerhaftes Modul kernel32.dll, Version 6.0.6001.18631, Zeitstempel 0x4da467f0, Ausnahmecode 0xc0000005, Fehleroffset 0x000bf865,
Prozess-ID 0x370, Anwendungsstartzeit Mp4Player.exe0.

Error: (05/06/2015 06:20:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 06:18:11 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (05/06/2015 06:17:22 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "RegSetValueExW(0x000002e4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0389F95C.64)". hr = 0x80070005.


System errors:
=============
Error: (05/07/2015 08:15:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: iPod-Dienst%%1053

Error: (05/07/2015 08:15:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000iPod-Dienst

Error: (05/07/2015 08:15:56 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (05/07/2015 08:15:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Avira Service Host

Error: (05/07/2015 08:13:53 AM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (05/06/2015 10:10:07 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver0x8007001f

Error: (05/06/2015 10:10:06 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver0x8007001f

Error: (05/06/2015 10:10:05 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver0x80070005

Error: (05/06/2015 10:10:00 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver0x8007001f

Error: (05/06/2015 08:05:51 PM) (Source: WPDMTPDriver) (EventID: 15300) (User: )
Description: MTP WPD Driver0x8007001f


Microsoft Office Sessions:
=========================
Error: (05/07/2015 09:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15616

Error: (05/07/2015 09:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15616

Error: (05/07/2015 09:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/07/2015 08:15:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/07/2015 00:09:14 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (05/06/2015 09:00:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mp4Player.exe2.0.0.049132805kernel32.dll6.0.6001.186314da467f0c0000005000bf865131801d0882edc117855

Error: (05/06/2015 08:59:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Mp4Player.exe2.0.0.049132805kernel32.dll6.0.6001.186314da467f0c0000005000bf86537001d0881877a8bc45

Error: (05/06/2015 06:20:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 06:18:11 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (05/06/2015 06:17:22 PM) (Source: VSS) (EventID: 12289) (User: )
Description: RegSetValueExW(0x000002e4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0389F95C.64)0x80070005


CodeIntegrity Errors:
===================================
  Date: 2015-05-07 10:10:25.538
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-07 10:10:25.476
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-07 10:10:25.413
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-07 10:10:25.366
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-07 10:10:25.210
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-07 10:10:25.132
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-07 10:10:25.070
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-07 10:10:25.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-07 10:10:10.266
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-07 10:10:10.203
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T9300 @ 2.50GHz
Percentage of memory in use: 37%
Total physical RAM: 3581.14 MB
Available physical RAM: 2232.12 MB
Total Pagefile: 7365.29 MB
Available Pagefile: 5864.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.28 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:453.14 GB) (Free:317.22 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 90000000)
Partition 1: (Not Active) - (Size=125 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=453.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2.5 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Alt 08.05.2015, 08:49   #5
schrauber
/// the machine
/// TB-Ausbilder
 

hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the content here in your thread in any case.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 08.05.2015, 12:38   #6
tinetine
 

Nothing was found by either program;
here are the log files.



Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.08.02
  rootkit: v2015.04.21.01

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Tanja :: TANJA-PC [administrator]

08.05.2015 10:51:20
mbar-log-2015-05-08 (10-51-20).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 327316
Time elapsed: 36 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Code:
13:11:48.0147 0x1214  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:12:03.0987 0x1214  ============================================================
13:12:04.0002 0x1214  Current date / time: 2015/05/08 13:12:03.0987
13:12:04.0002 0x1214  SystemInfo:
13:12:04.0002 0x1214  
13:12:04.0002 0x1214  OS Version: 6.0.6001 ServicePack: 1.0
13:12:04.0002 0x1214  Product type: Workstation
13:12:04.0002 0x1214  ComputerName: TANJA-PC
13:12:04.0002 0x1214  UserName: Tanja
13:12:04.0002 0x1214  Windows directory: C:\Windows
13:12:04.0002 0x1214  System windows directory: C:\Windows
13:12:04.0002 0x1214  Processor architecture: Intel x86
13:12:04.0002 0x1214  Number of processors: 2
13:12:04.0002 0x1214  Page size: 0x1000
13:12:04.0002 0x1214  Boot type: Normal boot
13:12:04.0002 0x1214  ============================================================
13:12:06.0124 0x1214  KLMD registered as C:\Windows\system32\drivers\58720330.sys
13:12:06.0202 0x1214  System UUID: {0E744FF6-0589-949D-7BD5-100BB4DBB747}
13:12:06.0857 0x1214  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:12:06.0857 0x1214  ============================================================
13:12:06.0857 0x1214  \Device\Harddisk0\DR0:
13:12:06.0857 0x1214  MBR partitions:
13:12:06.0857 0x1214  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F000, BlocksNum 0x1400000
13:12:06.0857 0x1214  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x143F000, BlocksNum 0x38A467F8
13:12:06.0888 0x1214  ============================================================
13:12:06.0951 0x1214  C: <-> \Device\Harddisk0\DR0\Partition2
13:12:06.0998 0x1214  D: <-> \Device\Harddisk0\DR0\Partition1
13:12:06.0998 0x1214  ============================================================
13:12:06.0998 0x1214  Initialize success
13:12:06.0998 0x1214  ============================================================
13:13:14.0437 0x0418  ============================================================
13:13:14.0437 0x0418  Scan started
13:13:14.0437 0x0418  Mode: Manual; SigCheck; TDLFS; 
13:13:14.0437 0x0418  ============================================================
13:13:14.0437 0x0418  KSN ping started
13:13:30.0214 0x0418  KSN ping finished: true
13:13:30.0557 0x0418  ================ Scan system memory ========================
13:13:30.0557 0x0418  System memory - ok
13:13:30.0557 0x0418  ================ Scan services =============================
13:13:30.0885 0x0418  [ FCB8C7210F0135E24C6580F7F649C73C, 7E5E3D0B4F4BD418E6CC551850C672E1AF347CBB2E665B6F72638786CE5079C5 ] ACPI            C:\Windows\system32\drivers\acpi.sys
13:13:31.0010 0x0418  ACPI - ok
13:13:31.0181 0x0418  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:13:31.0181 0x0418  AdobeFlashPlayerUpdateSvc - ok
13:13:31.0259 0x0418  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:13:31.0275 0x0418  adp94xx - ok
13:13:31.0337 0x0418  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:13:31.0353 0x0418  adpahci - ok
13:13:31.0369 0x0418  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
13:13:31.0369 0x0418  adpu160m - ok
13:13:31.0400 0x0418  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:13:31.0415 0x0418  adpu320 - ok
13:13:31.0447 0x0418  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:13:31.0571 0x0418  AeLookupSvc - ok
13:13:31.0634 0x0418  [ EF1142512BEC12F1C2C87735DA1755BE, 236EFD8FBA717123E0CF5A136ACEBB80A2BE1FA4B1A9A2C74728BC4EB4E787D8 ] AESTFilters     C:\Windows\system32\aestsrv.exe
13:13:31.0665 0x0418  AESTFilters - ok
13:13:31.0759 0x0418  [ 48EB99503533C27AC6135648E5474457, 344A83008F41AAC3CDFC52EFC4F2EFF441971C58182597D2FBED315B3FC62137 ] AFD             C:\Windows\system32\drivers\afd.sys
13:13:31.0821 0x0418  AFD - ok
13:13:31.0868 0x0418  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:13:31.0883 0x0418  agp440 - ok
13:13:31.0930 0x0418  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
13:13:31.0930 0x0418  aic78xx - ok
13:13:31.0946 0x0418  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
13:13:32.0008 0x0418  ALG - ok
13:13:32.0055 0x0418  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
13:13:32.0055 0x0418  aliide - ok
13:13:32.0086 0x0418  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
13:13:32.0102 0x0418  amdagp - ok
13:13:32.0117 0x0418  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
13:13:32.0133 0x0418  amdide - ok
13:13:32.0164 0x0418  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
13:13:32.0227 0x0418  AmdK7 - ok
13:13:32.0242 0x0418  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:13:32.0305 0x0418  AmdK8 - ok
13:13:32.0554 0x0418  [ 4428DC966DD5D0659AA7CA913D1D7652, 267D0F64354A105A2A64AB41607E3EB22CF8B448D2EBEC62C31829F03736836D ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
13:13:32.0601 0x0418  AntiVirMailService - ok
13:13:32.0695 0x0418  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
13:13:32.0741 0x0418  AntiVirSchedulerService - ok
13:13:32.0804 0x0418  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
13:13:32.0835 0x0418  AntiVirService - ok
13:13:32.0944 0x0418  [ 266C0506DF8BA3990E12885E64EE4420, 60995CFE54B8594179BEAB06C4498CBF997B0C85147E5DD747CE238C89F6979D ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
13:13:33.0022 0x0418  AntiVirWebService - ok
13:13:33.0085 0x0418  [ A80230BD04F0B8BF05185B369BB1CBB8, 8B167D2E31E7687E3B8E166938095DD7E5D77D270CDD78332CA68199A041F72F ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
13:13:33.0225 0x0418  ApfiltrService - ok
13:13:33.0303 0x0418  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
13:13:33.0397 0x0418  Appinfo - ok
13:13:33.0490 0x0418  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:13:33.0521 0x0418  Apple Mobile Device - ok
13:13:33.0568 0x0418  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
13:13:33.0568 0x0418  arc - ok
13:13:33.0615 0x0418  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:13:33.0631 0x0418  arcsas - ok
13:13:33.0662 0x0418  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:13:33.0709 0x0418  AsyncMac - ok
13:13:33.0740 0x0418  [ 0D83C87A801A3DFCD1BF73893FE7518C, 0EEB3DFFC73B370CEBB6C5115ADC769C38B2993F0EAC0EA19E273773390DA82F ] atapi           C:\Windows\system32\drivers\atapi.sys
13:13:33.0755 0x0418  atapi - ok
13:13:33.0802 0x0418  [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:13:33.0849 0x0418  AudioEndpointBuilder - ok
13:13:33.0849 0x0418  [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:13:33.0880 0x0418  Audiosrv - ok
13:13:33.0958 0x0418  [ EC17E91BC9026C5ED580FB2B13E341AB, 2D9421AE05F3D4A8DBD69D73B4B562EA4F93FBD12AB2F77C52DA8B411626EBF1 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
13:13:33.0974 0x0418  avgntflt - ok
13:13:34.0021 0x0418  [ 7BAA36ED6C6098899D9E1269A61085C3, 2D101F1C6C79B0BD722BDB5939344F65728EC2F5B747B6619640775E6FDEFC0A ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
13:13:34.0021 0x0418  avipbb - ok
13:13:34.0130 0x0418  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
13:13:34.0145 0x0418  Avira.OE.ServiceHost - ok
13:13:34.0161 0x0418  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
13:13:34.0161 0x0418  avkmgr - ok
13:13:34.0192 0x0418  [ 7BD70AEED0D975285A1B20BD012EBF4E, 67A90F035405369C9C5FC30F25F04E70E86E7AE56A441E2E3D06F765C8794F7D ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
13:13:34.0208 0x0418  BCM42RLY - ok
13:13:34.0301 0x0418  [ FA6707A346CD122407F3B0BAD1C47639, 9E8E4C0720169745BF9A566C3025307643C368489B7A076DBA9F4795B2F17C63 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
13:13:34.0395 0x0418  BCM43XX - ok
13:13:34.0426 0x0418  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:13:34.0473 0x0418  Beep - ok
13:13:34.0520 0x0418  [ 8582E233C346AEFE759833E8A30DD697, 2B0A4FB7F0C3256A5003821634DFA04BA8C3FBB46E942E8BC5D114AF8D1E5354 ] BFE             C:\Windows\System32\bfe.dll
13:13:34.0582 0x0418  BFE - ok
13:13:34.0645 0x0418  [ 02ED7B4DBC2A3232A389106DA7515C3D, 0DFCD03CB967D1A980D56124603F353DC1D800E3A5E436EEE95C65FDE17398CF ] BITS            C:\Windows\System32\qmgr.dll
13:13:34.0738 0x0418  BITS - ok
13:13:34.0769 0x0418  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:13:34.0816 0x0418  blbdrive - ok
13:13:34.0925 0x0418  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:13:34.0941 0x0418  Bonjour Service - ok
13:13:34.0988 0x0418  [ 8153396D5551276227FA146900F734E6, 0AE06774162D542D9E95246B7112A40D7C463EF331B4F56C9CF8AD99A0341E38 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:13:35.0050 0x0418  bowser - ok
13:13:35.0081 0x0418  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
13:13:35.0113 0x0418  BrFiltLo - ok
13:13:35.0128 0x0418  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
13:13:35.0175 0x0418  BrFiltUp - ok
13:13:35.0206 0x0418  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
13:13:35.0253 0x0418  Browser - ok
13:13:35.0269 0x0418  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
13:13:35.0456 0x0418  Brserid - ok
13:13:35.0487 0x0418  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
13:13:35.0534 0x0418  BrSerWdm - ok
13:13:35.0565 0x0418  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
13:13:35.0612 0x0418  BrUsbMdm - ok
13:13:35.0643 0x0418  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
13:13:35.0690 0x0418  BrUsbSer - ok
13:13:35.0737 0x0418  [ E5145A9DEC2A863DE262D40EFF7D793A, 020BC017E776D8957BFC303380047AF37F6EEEC0BCDE1214AE59EDB3102B0533 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
13:13:35.0799 0x0418  BthEnum - ok
13:13:35.0861 0x0418  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:13:35.0908 0x0418  BTHMODEM - ok
13:13:35.0924 0x0418  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
13:13:35.0971 0x0418  BthPan - ok
13:13:36.0002 0x0418  [ 9F299C5274672900591E7C616D725F56, 825A423AF1630D3D93E9FC8624D3DAE06B61E183DDD636C673F191806483DFFF ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
13:13:36.0049 0x0418  BTHPORT - ok
13:13:36.0080 0x0418  [ 58EE7F5E68310BC8D4E7CEBD8358C12E, 2EBA4A861E2C2AA56016DD8F5AE7C969BF515EF1B3E153F97F1E48E0983F17BB ] BthServ         C:\Windows\System32\bthserv.dll
13:13:36.0095 0x0418  BthServ - ok
13:13:36.0111 0x0418  [ 31C9453DF130B4B89EAFCDC97319CCC2, 204FC25D87C12C8DBD9E502D55E60B970B25A94EDF90DF43570A3BFEE74905D5 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
13:13:36.0142 0x0418  BTHUSB - ok
13:13:36.0189 0x0418  [ 4A28E7BD365377D0512B7EF8C7596D2C, C55337A59929744FD493D1155ED2EF7B0684963D364437767F1567298DCF9290 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
13:13:36.0205 0x0418  btwaudio - ok
13:13:36.0220 0x0418  [ 5FFDE57253D665067B0886612817EB11, 5A6FFA7900CD0CCDF5C7FACEDFD6D941EE01527BC1B873676089D8308480D31C ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
13:13:36.0236 0x0418  btwavdt - ok
13:13:36.0251 0x0418  [ AB07DC8B05C31A4F95FC73019BE9DB15, A0A0FBD61A63C9374BD1DD9573E2ADD482CC5039CA34E8C0FB9EA3D7762E3D02 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
13:13:36.0251 0x0418  btwrchid - ok
13:13:36.0283 0x0418  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:13:36.0329 0x0418  cdfs - ok
13:13:36.0376 0x0418  [ 1EC25CEA0DE6AC4718BF89F9E1778B57, 019E12C30E7A395259F3906EC55AFF86949CFDBB443060208C8B91B9EB7F9FB7 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:13:36.0407 0x0418  cdrom - ok
13:13:36.0470 0x0418  [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:13:36.0517 0x0418  CertPropSvc - ok
13:13:36.0532 0x0418  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:13:36.0579 0x0418  circlass - ok
13:13:36.0626 0x0418  [ 0703B9DEE7EEC6D6370EDEBD43D0F5C2, 89ABBF92B9FC143536C18BE882A99E94247A706ACFACA83C02B3A03A1D98EF74 ] CLFS            C:\Windows\system32\CLFS.sys
13:13:36.0657 0x0418  CLFS - ok
13:13:36.0766 0x0418  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:13:36.0797 0x0418  clr_optimization_v2.0.50727_32 - ok
13:13:36.0860 0x0418  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:13:36.0875 0x0418  clr_optimization_v4.0.30319_32 - ok
13:13:36.0907 0x0418  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:13:36.0953 0x0418  CmBatt - ok
13:13:36.0969 0x0418  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:13:36.0985 0x0418  cmdide - ok
13:13:37.0000 0x0418  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:13:37.0000 0x0418  Compbatt - ok
13:13:37.0000 0x0418  COMSysApp - ok
13:13:37.0016 0x0418  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:13:37.0016 0x0418  crcdisk - ok
13:13:37.0047 0x0418  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
13:13:37.0094 0x0418  Crusoe - ok
13:13:37.0141 0x0418  [ 6DE363F9F99334514C46AEC02D3E3678, FF403B8A4D7D6B3D2F23E2711D1353CFB0C748AD7D7927CF5DFBD99CD169D826 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:13:37.0187 0x0418  CryptSvc - ok
13:13:37.0250 0x0418  [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:13:37.0312 0x0418  DcomLaunch - ok
13:13:37.0375 0x0418  [ A3E9FA213F443AC77C7746119D13FEEC, 479B349BFC811D20572C09C4A2228C3880F8F3B4B4BA5F4E56600C7EF583DE7B ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:13:37.0421 0x0418  DfsC - ok
13:13:37.0531 0x0418  [ FA3463F25F9CC9C3BCF1E7912FEFF099, 8CFA0F1DFD975ED877B303EB55BE52B0B1EC2B20FEC36820121A0F5E046E0032 ] DFSR            C:\Windows\system32\DFSR.exe
13:13:37.0702 0x0418  DFSR - ok
13:13:37.0749 0x0418  [ 43A988A9C10333476CB5FB667CBD629D, 7E0DD57E75A50E3671673876631A1E66A4AC16810418BEC1AC2143DFD331F389 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
13:13:37.0811 0x0418  Dhcp - ok
13:13:37.0858 0x0418  [ 64109E623ABD6955C8FB110B592E68B7, 964F456EF44F9AE836B8CAB438FEB18303B2548A2B7D85FEBD72F4F80127B0EE ] disk            C:\Windows\system32\drivers\disk.sys
13:13:37.0874 0x0418  disk - ok
13:13:37.0936 0x0418  [ 4805D9A6D281C7A7DEFD9094DEC6AF7D, 473A5F1C4E795BD6B6DDB32ECB04BA8BF238AA5FBC67FC5D8D8F749464ED0AE9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:13:37.0983 0x0418  Dnscache - ok
13:13:38.0077 0x0418  [ DB29915209770D8B59654345EC2D943A, 3D55C5F86E8FC46A82ECA4CBE30DE1C53AB9F6CD79D1597571667774DD86ABD2 ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
13:13:38.0108 0x0418  DockLoginService - detected UnsignedFile.Multi.Generic ( 1 )
13:13:41.0199 0x0418  Detect skipped due to KSN trusted
13:13:41.0199 0x0418  DockLoginService - ok
13:13:41.0214 0x0418  [ 5AF620A08C614E24206B79E8153CF1A8, 5BB32FF3C9A5C51C2773F0ECF9647749667F4678EF3C75FEB4420EC6C805913E ] dot3svc         C:\Windows\System32\dot3svc.dll
13:13:41.0261 0x0418  dot3svc - ok
13:13:41.0292 0x0418  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
13:13:41.0339 0x0418  DPS - ok
13:13:41.0386 0x0418  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:13:41.0417 0x0418  drmkaud - ok
13:13:41.0464 0x0418  [ 85F33880B8CFB554BD3D9CCDB486845A, 2D120F94800AEB886D4BA2A45FE2454EBB1FAC3E57BDE552737EBDE7EF8899CF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:13:41.0557 0x0418  DXGKrnl - ok
13:13:41.0620 0x0418  [ 908ED85B7806E8AF3AF5E9B74F7809D4, 9A763D247035578A946094D2C1CE8204E6EDFFD7237C7BF2058B5F4ECC0306E0 ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
13:13:41.0635 0x0418  e1express - ok
13:13:41.0667 0x0418  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
13:13:41.0713 0x0418  E1G60 - ok
13:13:41.0745 0x0418  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
13:13:41.0776 0x0418  EapHost - ok
13:13:41.0807 0x0418  [ DD2CD259D83D8B72C02C5F2331FF9D68, 07E758A414442FEAFE55FB28842D960971553DB16C31D5791FDD0843CBF5E2B4 ] Ecache          C:\Windows\system32\drivers\ecache.sys
13:13:41.0838 0x0418  Ecache - ok
13:13:41.0916 0x0418  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:13:41.0947 0x0418  ehRecvr - ok
13:13:41.0963 0x0418  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
13:13:42.0025 0x0418  ehSched - ok
13:13:42.0041 0x0418  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
13:13:42.0057 0x0418  ehstart - ok
13:13:42.0119 0x0418  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:13:42.0150 0x0418  elxstor - ok
13:13:42.0197 0x0418  [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C, 80385AC32CE8388F06341AA4A880F68E0EB5815CCCA5CF8E799846F472DCE360 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
13:13:42.0259 0x0418  EMDMgmt - ok
13:13:42.0291 0x0418  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:13:42.0337 0x0418  ErrDev - ok
13:13:42.0384 0x0418  [ 3CB3343D720168B575133A0A20DC2465, B356938AC3D9CE833A2C0EBFAA548CDB6B68BEDDB2CCA80222E508BD978FB26B ] EventSystem     C:\Windows\system32\es.dll
13:13:42.0462 0x0418  EventSystem - ok
13:13:42.0493 0x0418  [ 0D858EB20589A34EFB25695ACAA6AA2D, E5C891D8971173D78194176CB38C0D62C1245C71E04DD94EC742A69C2925F843 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:13:42.0571 0x0418  exfat - ok
13:13:42.0587 0x0418  [ 3C489390C2E2064563727752AF8EAB9E, BF528F6D4718AC160C103FD89496C6B7BABED7A17A6BD4222D684AF22FE21A49 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:13:42.0649 0x0418  fastfat - ok
13:13:42.0681 0x0418  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:13:42.0743 0x0418  fdc - ok
13:13:42.0774 0x0418  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
13:13:42.0837 0x0418  fdPHost - ok
13:13:42.0868 0x0418  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:13:42.0946 0x0418  FDResPub - ok
13:13:42.0961 0x0418  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:13:42.0993 0x0418  FileInfo - ok
13:13:43.0008 0x0418  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:13:43.0071 0x0418  Filetrace - ok
13:13:43.0086 0x0418  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:13:43.0149 0x0418  flpydisk - ok
13:13:43.0180 0x0418  [ 05EA53AFE985443011E36DAB07343B46, E033C1C218E9B0D22B63E1B927D7BBE331B59814F26952B68BEDC914EF881E55 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:13:43.0195 0x0418  FltMgr - ok
13:13:43.0305 0x0418  [ C9BE08664611DDAF98E2331E9288B00B, C645DDAB5FD588486553DF2DD5750AF5A967FEE988F4EB29E05362E3362DF4A2 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:13:43.0320 0x0418  FontCache3.0.0.0 - ok
13:13:43.0351 0x0418  [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:13:56.0444 0x0418  SDRSVC - ok
13:13:56.0460 0x0418  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:13:56.0507 0x0418  secdrv - ok
13:13:56.0522 0x0418  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
13:13:56.0569 0x0418  seclogon - ok
13:13:56.0600 0x0418  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
13:13:56.0647 0x0418  SENS - ok
13:13:56.0663 0x0418  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:13:56.0694 0x0418  Serenum - ok
13:13:56.0709 0x0418  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
13:13:56.0756 0x0418  Serial - ok
13:13:56.0772 0x0418  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:13:56.0803 0x0418  sermouse - ok
13:13:56.0819 0x0418  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:13:56.0850 0x0418  SessionEnv - ok
13:13:56.0865 0x0418  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
13:13:56.0897 0x0418  sffdisk - ok
13:13:56.0912 0x0418  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:13:56.0928 0x0418  sffp_mmc - ok
13:13:56.0943 0x0418  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
13:13:56.0990 0x0418  sffp_sd - ok
13:13:57.0006 0x0418  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:13:57.0053 0x0418  sfloppy - ok
13:13:57.0099 0x0418  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:13:57.0146 0x0418  SharedAccess - ok
13:13:57.0209 0x0418  [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:13:57.0271 0x0418  ShellHWDetection - ok
13:13:57.0287 0x0418  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
13:13:57.0302 0x0418  sisagp - ok
13:13:57.0318 0x0418  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
13:13:57.0318 0x0418  SiSRaid2 - ok
13:13:57.0349 0x0418  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:13:57.0349 0x0418  SiSRaid4 - ok
13:13:57.0489 0x0418  [ 0BA91E1358AD25236863039BB2609A2E, ECB3C8E3D9C6FA77C0CF5A898FB90BB9474C6EFBE3698B56C93ECE44535EDACE ] slsvc           C:\Windows\system32\SLsvc.exe
13:13:57.0645 0x0418  slsvc - ok
13:13:57.0677 0x0418  [ 7C6DC44CA0BFA6291629AB764200D1D4, 747CDA89C6F94F8314E5E5C425387ABDF9FF8528D82422F8FF66D96307B47B13 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
13:13:57.0723 0x0418  SLUINotify - ok
13:13:57.0739 0x0418  [ 031E6BCD53C9B2B9ACE111EAFEC347B6, B934129BD77CA6A1434C59EA82B5E93FD4089608E0E41242B6E68070A0F33FB8 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:13:57.0801 0x0418  Smb - ok
13:13:57.0817 0x0418  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:13:57.0848 0x0418  SNMPTRAP - ok
13:13:57.0942 0x0418  [ 3BB48F7E33C2B76184DDF233000C09CD, D1AAE5B0425047CA0C2D376D3E59324D35A90DF9074CD442DFD0ED6E434D3C84 ] Sony SCSI Helper Service C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
13:13:57.0942 0x0418  Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic ( 1 )
13:14:01.0764 0x0418  Detect skipped due to KSN trusted
13:14:01.0764 0x0418  Sony SCSI Helper Service - ok
13:14:01.0795 0x0418  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:14:01.0826 0x0418  spldr - ok
13:14:01.0889 0x0418  [ 3665F79026A3F91FBCA63F2C65A09B19, A9AAE9B4006B5BC6EF4A7AB4CAB131687E4055E7C56900BBD24F78BA155C458A ] Spooler         C:\Windows\System32\spoolsv.exe
13:14:01.0951 0x0418  Spooler - ok
13:14:02.0029 0x0418  [ 777115C9CC675BD98127660712D2F784, F9873482BEB148E6798643820DF1ECDEE2642C3793EE27E94FF2D6B9E4CEB2D4 ] sprtsvc_DellSupportCenter C:\Program Files\Dell Support Center\bin\sprtsvc.exe
13:14:02.0045 0x0418  sprtsvc_DellSupportCenter - ok
13:14:02.0123 0x0418  [ 2252AEF839B1093D16761189F45AF885, D7B79E1B9CD73EDEA855DBE120ED470CC0F67D1AA44038E6051A4C5BCE361DE3 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:14:02.0201 0x0418  srv - ok
13:14:02.0263 0x0418  [ B7FF59408034119476B00A81BB53D5D1, 365D8E719D729D56082F5A6EEB65B31EB5DB5D15A5346D05E7130F41F2F97D46 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:14:02.0357 0x0418  srv2 - ok
13:14:02.0435 0x0418  [ 2ACCC9B12AF02030F531E6CCA6F8B76E, D1BA17C7BFE02347824DEEB1B7362FD251769ECB92B14EB3C600C85AB7E04D1B ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:14:02.0497 0x0418  srvnet - ok
13:14:02.0559 0x0418  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:14:02.0606 0x0418  SSDPSRV - ok
13:14:02.0637 0x0418  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
13:14:02.0637 0x0418  ssmdrv - ok
13:14:02.0669 0x0418  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:14:02.0700 0x0418  SstpSvc - ok
13:14:02.0747 0x0418  [ 7E6DD4B34ACD36AF6C711D2BDE91B040, 737C76749FE53A968E558289613A6ED5A0263F9585A47028343284F64808AC67 ] STacSV          C:\Windows\system32\STacSV.exe
13:14:02.0762 0x0418  STacSV - ok
13:14:02.0793 0x0418  [ 6A2A5E809C2C0178326D92B19EE4AAD3, B2D78857BDB72A2CB63950558CA3D5105F1857056F52BB8E9D888394CC2D06E9 ] STHDA           C:\Windows\system32\drivers\stwrt.sys
13:14:02.0825 0x0418  STHDA - ok
13:14:02.0871 0x0418  [ 7DD08A597BC56051F320DA0BAF69E389, ACC59CF80765248705FFCE65DC9B5D072DC054F08C02FB4D16BA0E84D8BED0A4 ] stisvc          C:\Windows\System32\wiaservc.dll
13:14:02.0903 0x0418  stisvc - ok
13:14:02.0949 0x0418  [ 1D0063597C3666404FCF97698ABEB019, 352A63C97F930499BC598C2A398663377D7CCD4A42770E35635C90EDC4DA530A ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:14:02.0949 0x0418  stllssvr - ok
13:14:02.0981 0x0418  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:14:02.0996 0x0418  swenum - ok
13:14:03.0012 0x0418  [ B36C7CDB86F7F7A8E884479219766950, F3EA381A84CD6950BF71A56E9ABAD5010F226C5254CB936699A38BA4C85F7367 ] swprv           C:\Windows\System32\swprv.dll
13:14:03.0059 0x0418  swprv - ok
13:14:03.0074 0x0418  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
13:14:03.0090 0x0418  Symc8xx - ok
13:14:03.0105 0x0418  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
13:14:03.0121 0x0418  Sym_hi - ok
13:14:03.0121 0x0418  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
13:14:03.0137 0x0418  Sym_u3 - ok
13:14:03.0168 0x0418  [ 8710A92D0024B03B5FB9540DF1F71F1D, B72A968A7966DC16A1D69A8D53012A4307EEBDC4CB8E1D9C93BFB88D996E490F ] SysMain         C:\Windows\system32\sysmain.dll
13:14:03.0230 0x0418  SysMain - ok
13:14:03.0261 0x0418  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:14:03.0308 0x0418  TabletInputService - ok
13:14:03.0339 0x0418  [ 680916BB09EE0F3A6ACA7C274B0D633F, 008B6EE41FA4D371258F0A656AE96B3E3F487BE5B9E0654B920013B4F1C0DFD8 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:14:03.0402 0x0418  TapiSrv - ok
13:14:03.0417 0x0418  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
13:14:03.0464 0x0418  TBS - ok
13:14:03.0542 0x0418  [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:14:03.0605 0x0418  Tcpip - ok
13:14:03.0636 0x0418  [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
13:14:03.0683 0x0418  Tcpip6 - ok
13:14:03.0792 0x0418  [ D4A2E4A4B011F3A883AF77315A5AE76B, 29E18087236A592638570F76691BC5C64CCA383F43EE22DF122413860E2D882C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:14:03.0854 0x0418  tcpipreg - ok
13:14:03.0901 0x0418  [ 5CA437A08509FB7ECF843480FC1232E2, BBB49250CD4DD6245249689B3659C69447DA55C21BEB33F4508AEE782007E0F7 ] TcUsb           C:\Windows\system32\Drivers\tcusb.sys
13:14:03.0917 0x0418  TcUsb - ok
13:14:03.0932 0x0418  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:14:03.0963 0x0418  TDPIPE - ok
13:14:03.0995 0x0418  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:14:04.0041 0x0418  TDTCP - ok
13:14:04.0073 0x0418  [ D09276B1FAB033CE1D40DCBDF303D10F, 2CB47CB522B4E1C091DE30AF0EB4E21D321C42D2A5BA9647CBD078652680D8FF ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:14:04.0135 0x0418  tdx - ok
13:14:04.0166 0x0418  [ A048056F5E1A96A9BF3071B91741A5AA, CFDE51D106A6CC4A5638BCD458505F5831636D2203F7C949273BDA446AC7C5F3 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:14:04.0197 0x0418  TermDD - ok
13:14:04.0260 0x0418  [ D605031E225AACCBCEB5B76A4F1603A6, 27D78644CADBC11C3AB5E0C10F854FD43BCD43B6E91C1ED1F6D35BC501147701 ] TermService     C:\Windows\System32\termsrv.dll
13:14:04.0353 0x0418  TermService - ok
13:14:04.0385 0x0418  [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] Themes          C:\Windows\system32\shsvcs.dll
13:14:04.0416 0x0418  Themes - ok
13:14:04.0447 0x0418  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
13:14:04.0494 0x0418  THREADORDER - ok
13:14:04.0525 0x0418  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
13:14:04.0587 0x0418  TrkWks - ok
13:14:04.0650 0x0418  [ 16613A1BAD034D4ECF957AF18B7C2FF5, 75499618187ED4385984F608D134BB298A4CCB339F70B31E4A8B2CF3E3558396 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:14:04.0712 0x0418  TrustedInstaller - ok
13:14:04.0743 0x0418  [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:14:04.0790 0x0418  tssecsrv - ok
13:14:04.0837 0x0418  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
13:14:04.0868 0x0418  tunmp - ok
13:14:04.0915 0x0418  [ 6042505FF6FA9AC1EF7684D0E03B6940, D09CF14A6C0C760238792DDA4ECB6FBB6CA645BB91BD62585EBD050226BDB5A7 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:14:04.0931 0x0418  tunnel - ok
13:14:04.0962 0x0418  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:14:04.0962 0x0418  uagp35 - ok
13:14:04.0993 0x0418  [ 8B5088058FA1D1CD897A2113CCFF6C58, 1616EDB66C3E2DA7B09EA4FE46A3FC7087D6201F2195D76118A93B0B065D1623 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:14:05.0040 0x0418  udfs - ok
13:14:05.0055 0x0418  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:14:05.0087 0x0418  UI0Detect - ok
13:14:05.0102 0x0418  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:14:05.0118 0x0418  uliagpkx - ok
13:14:05.0149 0x0418  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
13:14:05.0165 0x0418  uliahci - ok
13:14:05.0180 0x0418  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
13:14:05.0180 0x0418  UlSata - ok
13:14:05.0211 0x0418  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
13:14:05.0227 0x0418  ulsata2 - ok
13:14:05.0258 0x0418  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:14:05.0289 0x0418  umbus - ok
13:14:05.0305 0x0418  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
13:14:05.0336 0x0418  upnphost - ok
13:14:05.0414 0x0418  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
13:14:05.0445 0x0418  USBAAPL - ok
13:14:05.0508 0x0418  [ A7CD5B4ADEA26765CAB06BDAB7B07B13, 81C45BDEC58B354C9FDF826E08EC7B725B72FE178C04A395AA447AA83300648A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:14:05.0539 0x0418  usbccgp - ok
13:14:05.0570 0x0418  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:14:05.0601 0x0418  usbcir - ok
13:14:05.0633 0x0418  [ 686D4188AE36254C3008B71FEDACADF3, 61A45C4032C1CDADEDC624444B7815BF66EEAC16D50598C9D808C721E707295D ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:14:05.0664 0x0418  usbehci - ok
13:14:05.0679 0x0418  [ 4E42F665A658F08D153F7FFFE7C83806, 63D566B75AB46FA346CCA4944797068028C0D1F7854CC006642995342A90655E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:14:05.0711 0x0418  usbhub - ok
13:14:05.0742 0x0418  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:14:05.0773 0x0418  usbohci - ok
13:14:05.0820 0x0418  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:14:05.0851 0x0418  usbprint - ok
13:14:05.0913 0x0418  [ A508C9BD8724980512136B039BBA65E9, B39B72471C468AC997AEC528599EDC98A031F5A7EB91C4F9471402D48D2D4E3E ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:14:05.0960 0x0418  usbscan - ok
13:14:06.0007 0x0418  [ 87BA6B83C5D19B69160968D07D6E2982, 9E039DF4BBE53CA22A0ACE486B9867F99FFFE086CCAF6A83BD78770E4631F3F8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:14:06.0069 0x0418  USBSTOR - ok
13:14:06.0116 0x0418  [ 40F95A3D6D50D82F947F1D167C2EC39D, CC58363D5F096DDCB885599FDD82937ECC49F1087CA476B3DEF1AD70598ED238 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:14:06.0132 0x0418  usbuhci - ok
13:14:06.0163 0x0418  [ 032A0ACC3909AE7215D524E29D536797, 51E36ED5953C0880BE508837181925A0F677842E8A5BA98099700E6ED691A783 ] UxSms           C:\Windows\System32\uxsms.dll
13:14:06.0225 0x0418  UxSms - ok
13:14:06.0257 0x0418  [ B13BC395B9D6116628F5AF47E0802AC4, 36E023A07E56588A8C26EF95E4F99303659E4783E0D9E8AEF193CA77A7AF91BA ] vds             C:\Windows\System32\vds.exe
13:14:06.0350 0x0418  vds - ok
13:14:06.0397 0x0418  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:14:06.0428 0x0418  vga - ok
13:14:06.0459 0x0418  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:14:06.0475 0x0418  VgaSave - ok
13:14:06.0506 0x0418  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
13:14:06.0522 0x0418  viaagp - ok
13:14:06.0537 0x0418  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
13:14:06.0569 0x0418  ViaC7 - ok
13:14:06.0600 0x0418  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
13:14:06.0600 0x0418  viaide - ok
13:14:06.0615 0x0418  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:14:06.0631 0x0418  volmgr - ok
13:14:06.0662 0x0418  [ 98F5FFE6316BD74E9E2C97206C190196, CA9FA0EE5515D26F9406FF95F728E7F2CC29A8B7C97BC69FC2E95BBC60A2D261 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:14:06.0678 0x0418  volmgrx - ok
13:14:06.0693 0x0418  [ D8B4A53DD2769F226B3EB374374987C9, 49314B3E53FBF40A60E272C5B3B79FD1EFABFE1215DA5B030571B4DDF5592896 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:14:06.0709 0x0418  volsnap - ok
13:14:06.0740 0x0418  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:14:06.0756 0x0418  vsmraid - ok
13:14:06.0818 0x0418  [ D5FB73D19C46ADE183F968E13F186B23, D35432BE4FF462FCEA958CF646D5572B6D78058BC2F1F324C9F50A0B14B02259 ] VSS             C:\Windows\system32\vssvc.exe
13:14:06.0881 0x0418  VSS - ok
13:14:06.0959 0x0418  [ C466021D31FF6C0A6069D12299D80C0B, E7CDC85191543CD44AB15C516FAD99A2705FD6EDB4DE29F54A2EEE22A455C100 ] VSTHWBS2        C:\Windows\system32\DRIVERS\VSTBS23.SYS
13:14:07.0005 0x0418  VSTHWBS2 - ok
13:14:07.0068 0x0418  [ EC36F1D542ED4252390D446BF6D4DFD0, DB55D73726E96D3653C37EEBE628D48466D766A9EC1219ED735D5D8FF2822BE2 ] VST_DPV         C:\Windows\system32\DRIVERS\VSTDPV3.SYS
13:14:07.0130 0x0418  VST_DPV - ok
13:14:07.0177 0x0418  [ 1CF9206966A8458CDA9A8B20DF8AB7D3, 405D5FE96DA7ED03D4124EF6C692F80E88E5982B90DF46E353E94FFF576A5570 ] W32Time         C:\Windows\system32\w32time.dll
13:14:07.0239 0x0418  W32Time - ok
13:14:07.0271 0x0418  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:14:07.0333 0x0418  WacomPen - ok
13:14:07.0349 0x0418  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
13:14:07.0395 0x0418  Wanarp - ok
13:14:07.0411 0x0418  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:14:07.0427 0x0418  Wanarpv6 - ok
13:14:07.0473 0x0418  [ F3A5C2E1A6533192B070D06ECF6BE796, CBA11D9E60A04A0B82C6934A53EA859513CD476FF047DD3D59727B10CE7DB2DA ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:14:07.0505 0x0418  wcncsvc - ok
13:14:07.0536 0x0418  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:14:07.0567 0x0418  WcsPlugInService - ok
13:14:07.0598 0x0418  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
13:14:07.0614 0x0418  Wd - ok
13:14:07.0645 0x0418  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:14:07.0692 0x0418  Wdf01000 - ok
13:14:07.0707 0x0418  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:14:07.0770 0x0418  WdiServiceHost - ok
13:14:07.0770 0x0418  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:14:07.0817 0x0418  WdiSystemHost - ok
13:14:07.0848 0x0418  [ CF9A5F41789B642DB967021DE06A2713, A541F9D87CBDE2A4E48C5D5363736EF603B2701741D3044232474F179884AD7B ] WebClient       C:\Windows\System32\webclnt.dll
13:14:07.0879 0x0418  WebClient - ok
13:14:07.0941 0x0418  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:14:08.0004 0x0418  Wecsvc - ok
13:14:08.0019 0x0418  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:14:08.0066 0x0418  wercplsupport - ok
13:14:08.0097 0x0418  [ FD1965AAA112C6818A30AB02742D0461, 6779D836934412907390DC85FA2A8C3BB1CC31FD4151830275B773FD13CFFBC2 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:14:08.0129 0x0418  WerSvc - ok
13:14:08.0175 0x0418  [ 5C7BDCF5864DB00323FE2D90FA26A8A2, E948B6BF8985CFF56FBE99AF7AF78CC3123AE5DAC9A5420ADE3C8B52CA702686 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
13:14:08.0269 0x0418  winachsf - ok
13:14:08.0331 0x0418  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:14:08.0347 0x0418  WinDefend - ok
13:14:08.0363 0x0418  WinHttpAutoProxySvc - ok
13:14:08.0425 0x0418  [ 00B79A7C984678F24CF052E5BEB3A2F5, 4D8E4394C926D2B1C71613D309F2D62A663B0ADB73A036F5E9E7D1AFF605CA2A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:14:08.0487 0x0418  Winmgmt - ok
13:14:08.0581 0x0418  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:14:08.0675 0x0418  WinRM - ok
13:14:08.0721 0x0418  [ 275F4346E569DF56CFB95243BD6F6FF0, 9C85246BF99119DBD6E0B5D38F96B8BC00F3C87618D17BC0E0A063A0D9A03440 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:14:08.0799 0x0418  Wlansvc - ok
13:14:08.0799 0x0418  wltrysvc - ok
13:14:08.0815 0x0418  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:14:08.0862 0x0418  WmiAcpi - ok
13:14:08.0893 0x0418  [ ABA4CF9F856D9A3A25F4DDD7690A6E9D, 07C1DAF3DA3CDA84FBE4C7576372115FCAAAAFC332F252C03625E53C7F3C6EE5 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:14:08.0955 0x0418  wmiApSrv - ok
13:14:09.0049 0x0418  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:14:09.0176 0x0418  WMPNetworkSvc - ok
13:14:09.0207 0x0418  [ 5D94CD167751294962BA238D82DD1BB8, 62C7A31706F1C33A2C1C68006191AEE85A98885D23EC582EF2F88AAF604AC9A7 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:14:09.0269 0x0418  WPCSvc - ok
13:14:09.0316 0x0418  [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:14:09.0394 0x0418  WPDBusEnum - ok
13:14:09.0425 0x0418  [ 0CEC23084B51B8288099EB710224E955, E1AAB1E08E1745313D0A149A645AA878148D2DBE5CCC23C4ECCFC5003945C22B ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
13:14:09.0472 0x0418  WpdUsb - ok
13:14:09.0613 0x0418  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:14:09.0659 0x0418  WPFFontCache_v0400 - ok
13:14:09.0691 0x0418  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:14:09.0753 0x0418  ws2ifsl - ok
13:14:09.0784 0x0418  [ 683DD16B590372F2C9661D277F35E49C, 29D86389D95256EEF37BA01D403494385015D926E851A39EC7948FF6EF4E8481 ] wscsvc          C:\Windows\System32\wscsvc.dll
13:14:09.0800 0x0418  wscsvc - ok
13:14:09.0815 0x0418  WSearch - ok
13:14:09.0909 0x0418  [ D79538B67FA641E986855DEF651E78FE, 9A5D30CBCE98A31738CC75116333F771BA20E9EB8826752B361A830C2D3D0F44 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:14:10.0096 0x0418  wuauserv - ok
13:14:10.0205 0x0418  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:14:10.0221 0x0418  WUDFRd - ok
13:14:10.0237 0x0418  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:14:10.0268 0x0418  wudfsvc - ok
13:14:10.0315 0x0418  [ A4822191C7CEA271903C2A4FB6D9809D, 8CC7A83CA38FFFB2019DB048754C886635E5E2C7F6FFDFE205E45CEB7DCE692E ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
13:14:10.0361 0x0418  yukonwlh - ok
13:14:10.0393 0x0418  ================ Scan global ===============================
13:14:10.0424 0x0418  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
13:14:10.0502 0x0418  [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
13:14:10.0533 0x0418  [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
13:14:10.0580 0x0418  [ 2B336AB6286D6C81FA02CBAB914E3C6C, C5ADF6D5BFC00375BA6D0E5D96F36D36ADFBF66325A48358C6317E387FB220EC ] C:\Windows\system32\services.exe
13:14:10.0580 0x0418  [ Global ] - ok
13:14:10.0580 0x0418  ================ Scan MBR ==================================
13:14:10.0611 0x0418  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:14:11.0173 0x0418  \Device\Harddisk0\DR0 - ok
13:14:11.0173 0x0418  ================ Scan VBR ==================================
13:14:11.0204 0x0418  [ 1F45AC9932341582035DCBDC75F02FB3 ] \Device\Harddisk0\DR0\Partition1
13:14:11.0235 0x0418  \Device\Harddisk0\DR0\Partition1 - ok
13:14:11.0251 0x0418  [ 071037DDB9D0A091231F0745FBB19162 ] \Device\Harddisk0\DR0\Partition2
13:14:11.0282 0x0418  \Device\Harddisk0\DR0\Partition2 - ok
13:14:11.0282 0x0418  ================ Scan generic autorun ======================
13:14:11.0344 0x0418  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
13:14:11.0438 0x0418  Windows Defender - ok
13:14:11.0485 0x0418  [ BA55597B5B444990C0BF2E22DD341C48, 1E6C2FFEB6219BCA76BA20BA852E1AE46DA4962E67A3DDCC64487BD4BB7FA8CD ] C:\Program Files\DellTPad\Apoint.exe
13:14:11.0516 0x0418  Apoint - ok
13:14:11.0531 0x0418  [ 23242FD6C7D4C61807E84FD3A79248C4, 6E53D0815B4552A05A0EC28871E5E9F0D14815FB52FCDD612C96050B7093493C ] C:\Windows\OEM02Mon.exe
13:14:11.0578 0x0418  OEM02Mon.exe - ok
13:14:11.0578 0x0418  NvSvc - ok
13:14:11.0578 0x0418  NvCplDaemon - ok
13:14:11.0578 0x0418  NvMediaCenter - ok
13:14:11.0594 0x0418  NVHotkey - ok
13:14:11.0781 0x0418  [ 2835FEAA282185CD4446164A4F9899C1, E92F248E1975524A5FCAF25368BE1211D9D63767D4F285A4E2339F106894DD9A ] C:\Windows\system32\WLTRAY.exe
13:14:11.0999 0x0418  Broadcom Wireless Manager UI - detected UnsignedFile.Multi.Generic ( 1 )
13:14:14.0651 0x0418  Detect skipped due to KSN trusted
13:14:14.0651 0x0418  Broadcom Wireless Manager UI - ok
13:14:14.0745 0x0418  [ 6163A347F988E9C94C94ACB9818485DD, 0A063CDBECE46E1FB598F2ADFD834A3D022886783598F4350E5C5AE601B3B4F5 ] C:\Program Files\Protector Suite QL\launcher.exe
13:14:14.0761 0x0418  PSQLLauncher - ok
13:14:14.0776 0x0418  [ F371C6DF9A810EF2E6E4FA60ACBB5C33, B168AEEF70F33ACF585260AC3B7E2D201EFB21F989B80738C7E2A59D931ED30D ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
13:14:14.0792 0x0418  IAAnotif - ok
13:14:14.0870 0x0418  [ 69B16C7B7746BA5C642FC05B3561FC73, 0DECEB6B1B7A2DD1F13133AC7328FF420DAD4610CEE1FA7466E8E0F6BAA39116 ] c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
13:14:14.0885 0x0418  Adobe Reader Speed Launcher - ok
13:14:14.0948 0x0418  [ 7A326CFD159D0E9411A253FBF8150270, ED81667123C53950F9F7F49227F55DF936AFB68A35A72676165840D3667DB5A4 ] C:\Program Files\Dell\MediaDirect\PCMService.exe
13:14:14.0979 0x0418  PCMService - detected UnsignedFile.Multi.Generic ( 1 )
13:14:18.0286 0x0418  Detect skipped due to KSN trusted
13:14:18.0286 0x0418  PCMService - ok
13:14:18.0364 0x0418  [ 3917664C26B4344768C288BBA6FEFCB6, BD7B60C40A46F8C7F730A05B5E22E3C354A507E3AC9331F19DE2984BA255AB08 ] C:\Program Files\Dell Support Center\bin\sprtcmd.exe
13:14:18.0380 0x0418  dellsupportcenter - ok
13:14:18.0536 0x0418  [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
13:14:18.0583 0x0418  avgnt - ok
13:14:18.0676 0x0418  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:14:18.0692 0x0418  APSDaemon - ok
13:14:18.0754 0x0418  [ A9F9D081518AC03A51C1195986076F42, 7549CA4530470D9C8A0078E0002E3650133051AA4A1D2F3B7CF0BCA4C4A65595 ] C:\Program Files\iTunes\iTunesHelper.exe
13:14:18.0770 0x0418  iTunesHelper - ok
13:14:18.0941 0x0418  [ 3D295062806875591B8BC30DC3A8AF61, 7435EBF776C61DB95FB638669DD8C559448B9CAAFF865BE4ADBAF5C0A45C39DB ] C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
13:14:19.0035 0x0418  Reader Library Launcher - ok
13:14:19.0238 0x0418  [ A3CF6E5E3AF52AEC92551A6D4F011C3D, 97DB1834B05186F9E37B7798F91DD0AC4F1589CCE165A996F79DBE22BC880C2A ] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
13:14:19.0425 0x0418  EKIJ5000StatusMonitor - ok
13:14:19.0503 0x0418  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
13:14:19.0503 0x0418  SunJavaUpdateSched - ok
13:14:19.0565 0x0418  [ 4E95B1FDDC9E51678BFA2A723EAA94EF, B52F87C61486E9E1321048C50982A85A693CC08E2B1584B497CA9D0D2428BBE8 ] C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
13:14:19.0581 0x0418  AgentMonitor - ok
13:14:19.0628 0x0418  [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
13:14:19.0643 0x0418  Avira Systray - ok
13:14:19.0753 0x0418  [ FD278E51A7D6F52D22FCE6C67E037AD6, F0FF20E00AD3EE17A2E46B1B6D099E87330BBE57941F6DB1D8159D70EFD2CFEB ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:14:19.0815 0x0418  Sidebar - ok
13:14:19.0815 0x0418  WindowsWelcomeCenter - ok
13:14:19.0862 0x0418  [ FD278E51A7D6F52D22FCE6C67E037AD6, F0FF20E00AD3EE17A2E46B1B6D099E87330BBE57941F6DB1D8159D70EFD2CFEB ] C:\Program Files\Windows Sidebar\Sidebar.exe
13:14:19.0909 0x0418  Sidebar - ok
13:14:19.0909 0x0418  WindowsWelcomeCenter - ok
13:14:20.0002 0x0418  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
13:14:20.0002 0x0418  swg - ok
13:14:20.0049 0x0418  [ FD278E51A7D6F52D22FCE6C67E037AD6, F0FF20E00AD3EE17A2E46B1B6D099E87330BBE57941F6DB1D8159D70EFD2CFEB ] C:\Program Files\Windows Sidebar\sidebar.exe
13:14:20.0096 0x0418  Sidebar - ok
13:14:20.0252 0x0418  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Tanja\AppData\Local\Google\Update\GoogleUpdate.exe
13:14:20.0267 0x0418  Google Update - ok
13:14:20.0345 0x0418  [ 4CD8FAEAE28BC807955245F3950AB299, 3B372FEF66170D4C8ADE9A759E4ED3FBA60F932B06CF3DCAB61499C9198B0414 ] C:\Program Files\MP4 Player\mp4Player.exe
13:14:20.0377 0x0418  MP4 Player - detected UnsignedFile.Multi.Generic ( 1 )
13:14:23.0795 0x0418  Detect skipped due to KSN trusted
13:14:23.0795 0x0418  MP4 Player - ok
13:14:23.0920 0x0418  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
13:14:23.0967 0x0418  ehTray.exe - ok
13:14:23.0998 0x0418  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
13:14:24.0045 0x0418  WMPNSCFG - ok
13:14:24.0045 0x0418  Waiting for KSN requests completion. In queue: 16
13:14:25.0045 0x0418  Waiting for KSN requests completion. In queue: 16
13:14:26.0059 0x0418  Waiting for KSN requests completion. In queue: 2
13:14:27.0058 0x0418  Waiting for KSN requests completion. In queue: 2
13:14:28.0167 0x0418  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
13:14:28.0183 0x0418  Win FW state via NFP2: enabled
13:14:43.0878 0x0418  ============================================================
13:14:43.0878 0x0418  Scan finished
13:14:43.0878 0x0418  ============================================================
13:14:43.0878 0x0a60  Detected object count: 0
13:14:43.0878 0x0a60  Actual detected object count: 0
         

Alt 09.05.2015, 08:26   #7
schrauber
/// the machine
/// TB-Ausbilder
 




Then please also post FRST logs from the other computers.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 09.05.2015, 09:06   #8
tinetine
 



At the time in question, the only other devices I had in use were my Samsung smartphone and Samsung tablet, and I have reset both of them to factory settings.
Or can scans like these also be run on Android? I have already run the Malwarebytes app.

Can I now assume that I am "clean"??

Regards, Tanja

Alt 10.05.2015, 06:04   #9
schrauber
/// the machine
/// TB-Ausbilder
 




Are there no other Windows PCs at all, in general? The time given in the e-mail does not have to match.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 10.05.2015, 10:31   #10
tinetine
 



...here is the log file from the other Windows PC...



FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Johannes (administrator) on JOHANNES-PC on 10-05-2015 11:14:14
Running from C:\Users\Johannes\Desktop
Loaded Profiles: Johannes (Available profiles: Johannes)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nemetschek Allplan Systems GmbH) C:\Program Files\Nemetschek\Allplan\Prg\NemDownloadHandler.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-09-02] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144 2010-06-25] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe [132496 2007-07-12] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-03-20] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2004360 2015-04-23] (APN)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\...\Run: [Syncables] => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (syncables, LLC)
HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-01] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2010-09-02]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-12-27]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.0 LE.lnk [2013-06-28]
ShortcutTarget: PHOTOfunSTUDIO 9.0 LE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2010-09-02]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://search.babylon.com/?AF=119998&babsrc=HP_ss&mntrId=dade937d00000000000020cf304afc14
HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
URLSearchHook: HKU\S-1-5-21-2854038138-1591333852-1234178731-1001 - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-2854038138-1591333852-1234178731-1001 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=119998&babsrc=SP_ss&mntrId=dade937d00000000000020cf304afc14
SearchScopes: HKU\S-1-5-21-2854038138-1591333852-1234178731-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2854038138-1591333852-1234178731-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=119998&babsrc=SP_ss&mntrId=dade937d00000000000020cf304afc14
SearchScopes: HKU\S-1-5-21-2854038138-1591333852-1234178731-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKU\S-1-5-21-2854038138-1591333852-1234178731-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Complitly -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> C:\Users\Johannes\AppData\Roaming\Complitly\64\Complitly64.dll [2012-02-21] (SimplyGen)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2015-04-23] (APN LLC.)
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-09-02] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-09-02] (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Complitly -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> C:\Users\Johannes\AppData\Roaming\Complitly\Complitly.dll [2012-02-21] (SimplyGen)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14] (Babylon BHO)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2015-04-23] (APN LLC.)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12] (Sun Microsystems, Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-02] (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-09-02] (Google Inc.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-09-02] (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-09-02] (Google Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2015-04-23] (APN LLC.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-02] (Google Inc.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14] (Babylon Ltd.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2015-04-23] (APN LLC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-2854038138-1591333852-1234178731-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default
FF DefaultSearchEngine: Ask Web Search
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Web Search
FF Homepage: hxxp://home.tb.ask.com/index.jhtml?ptb=629323AE-FEC8-486A-9BF9-B572E4C1FBAB&n=780ce521&p2=^AYY^xdm070^S11124^de&si=flvrunner
FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=629323AE-FEC8-486A-9BF9-B572E4C1FBAB&n=780ce521&ind=2014111009&p2=^AYY^xdm070^S11124^de&si=flvrunner&searchfor=
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2010-08-03] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\user.js [2012-02-23]
FF SearchPlugin: C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\searchplugins\ask-search.xml [2013-08-09]
FF SearchPlugin: C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\searchplugins\ask-web-search.xml [2014-11-10]
FF SearchPlugin: C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\searchplugins\avira-safesearch.xml [2015-03-11]
FF Extension: Allin1Convert - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\Extensions\8hffxtbr@Allin1Convert_8h.com [2014-12-22]
FF Extension: Avira Browser Safety - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\Extensions\abs@avira.com [2015-05-01]
FF Extension: Babylon - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\Extensions\ffxtlbr@babylon.com [2012-02-23]
FF Extension: Avira SafeSearch - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\Extensions\safesearch@avira.com [2015-05-01]
FF Extension: Complitly - Speed up your search with your personal search suggestions tool - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\Extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} [2012-02-23]
FF Extension: DealPly - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2012-02-23]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\bq5i5rhy.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR Profile: C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2015-05-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-05-10]
CHR Extension: (Complitly plugin for chrome) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda [2014-06-23]
CHR Extension: (Avira Browser Safety) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-10]
CHR Extension: (Google Wallet) - C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-23]
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2015-04-28]
CHR HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2015-04-28]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx [2012-02-23]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-23] (APN LLC.)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)
R2 Lexware_Datenbank_Plus; C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe [83248 2010-11-05] (iAnywhere Solutions, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-11] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-05-20] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2012-10-05] (Microsoft Corporation)
S2 hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [X]
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 11:14 - 2015-05-10 11:16 - 00026776 _____ () C:\Users\Johannes\Desktop\FRST.txt
2015-05-10 11:14 - 2015-05-10 11:14 - 00000000 ____D () C:\FRST
2015-05-10 11:13 - 2015-05-10 11:12 - 02102784 _____ (Farbar) C:\Users\Johannes\Desktop\FRST64.exe
2015-05-10 11:11 - 2015-05-10 11:12 - 02102784 _____ (Farbar) C:\Users\Johannes\Downloads\FRST64.exe
2015-05-06 22:54 - 2015-05-06 22:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-01 11:18 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-01 11:18 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-01 11:18 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-01 11:18 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-01 11:18 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-01 11:18 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-01 11:18 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-01 11:18 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-01 11:18 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-01 11:18 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-01 11:18 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-01 11:18 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-01 11:18 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-01 11:18 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-01 11:18 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-01 11:18 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-01 11:18 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-01 11:18 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-01 11:18 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-01 11:18 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-01 11:18 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-01 11:18 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-01 11:18 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-01 11:18 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-01 11:18 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-01 11:18 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-01 11:18 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-01 11:18 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-01 11:18 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-01 11:18 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-01 11:18 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-01 11:18 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-01 11:18 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-01 11:18 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-01 11:18 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-01 11:18 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-01 11:18 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-01 11:18 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-01 11:18 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-01 11:18 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-01 11:18 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-01 11:18 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-01 11:18 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-01 11:18 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-01 11:18 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-01 11:18 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-01 11:18 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-01 11:18 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-01 11:18 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-01 11:18 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-01 11:18 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-01 11:18 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-01 11:18 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-01 11:18 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-01 11:18 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-01 11:18 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-01 11:18 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-01 11:18 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-25 23:14 - 2015-05-01 10:53 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-25 23:14 - 2015-04-25 23:14 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-25 22:46 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-25 22:46 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-25 22:46 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-25 22:46 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-25 22:46 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-25 22:46 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-25 22:46 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-25 22:46 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-25 22:46 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-25 22:46 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-25 22:46 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-25 22:46 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-25 22:46 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-25 22:46 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-25 22:46 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-25 22:46 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-25 22:44 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-25 22:44 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-25 22:44 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-25 22:44 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-25 22:44 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-25 22:44 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-25 22:44 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-25 22:44 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-25 22:43 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-25 22:43 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-25 22:42 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-25 22:42 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-25 22:42 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-25 22:42 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-25 22:41 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-25 22:41 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-25 22:41 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-25 22:41 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-25 22:41 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-25 22:41 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-25 22:41 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-25 22:41 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-25 22:41 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-25 22:41 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-25 22:41 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-25 22:41 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-25 22:41 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-25 22:41 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-25 22:41 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-25 22:41 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-25 22:41 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-25 22:41 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-25 22:41 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-25 22:41 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-25 22:41 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-25 22:41 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-25 22:41 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-25 22:41 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-25 22:41 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-25 22:41 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-25 22:41 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-25 22:41 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-25 22:41 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-25 22:41 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-25 22:41 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-25 22:41 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-25 22:41 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-25 22:41 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-25 22:41 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-25 22:40 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-25 22:40 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-25 22:40 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-25 22:40 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-25 22:31 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-20 21:33 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-20 21:33 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-20 21:33 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 11:02 - 2009-07-14 06:45 - 00018832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-10 11:02 - 2009-07-14 06:45 - 00018832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-10 10:57 - 2013-11-14 20:03 - 00000642 _____ () C:\Windows\Tasks\WebContent AutoUpdate 2013.job
2015-05-10 10:43 - 2010-09-02 10:48 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-10 10:40 - 2010-09-02 10:27 - 01544727 _____ () C:\Windows\WindowsUpdate.log
2015-05-10 10:26 - 2012-05-03 21:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-10 10:21 - 2010-09-02 10:48 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-10 10:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-10 10:20 - 2009-07-14 06:51 - 00125845 _____ () C:\Windows\setupact.log
2015-05-01 20:47 - 2009-08-04 11:51 - 00701836 _____ () C:\Windows\system32\perfh007.dat
2015-05-01 20:47 - 2009-08-04 11:51 - 00150726 _____ () C:\Windows\system32\perfc007.dat
2015-05-01 20:47 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-01 20:37 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-01 11:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-01 11:28 - 2013-07-02 18:28 - 00000000 ____D () C:\Users\Johannes\Desktop\Gesamt
2015-04-25 23:14 - 2014-12-22 00:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-25 23:14 - 2014-06-23 21:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-25 23:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-25 22:38 - 2011-10-14 21:20 - 01600464 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-20 20:47 - 2013-08-09 20:28 - 00000000 ____D () C:\Users\Johannes\AppData\Roaming\Avira
2015-04-20 20:47 - 2010-09-02 11:12 - 00001319 _____ () C:\Windows\system32\ServiceFilter.ini

==================== Files in the root of some directories =======

2007-06-12 18:34 - 2007-06-12 18:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 17:35 - 2008-05-22 17:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 19:31 - 2009-04-08 19:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 06:45 - 2008-08-12 06:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2011-12-19 21:10 - 2011-12-19 22:28 - 0000462 _____ () C:\Users\Johannes\AppData\Roaming\Rim.Desktop.Exception.log
2011-12-19 21:08 - 2011-12-19 21:08 - 0000807 _____ () C:\Users\Johannes\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-01-06 20:56 - 2012-01-06 20:56 - 0007900 _____ () C:\Users\Johannes\AppData\Roaming\unins000.dat
2012-01-06 20:56 - 2012-01-06 20:55 - 0693765 _____ () C:\Users\Johannes\AppData\Roaming\unins000.exe
2012-03-31 19:24 - 2012-04-17 19:22 - 0003584 _____ () C:\Users\Johannes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-09-02 10:49 - 2009-12-24 14:38 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-09-02 10:45 - 2010-09-02 10:46 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-09-02 10:45 - 2010-09-02 10:45 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some content of TEMP:
====================
C:\Users\Johannes\AppData\Local\Temp\AskSLib.dll
C:\Users\Johannes\AppData\Local\Temp\atl80.dll
C:\Users\Johannes\AppData\Local\Temp\avgnt.exe
C:\Users\Johannes\AppData\Local\Temp\mfc80.dll
C:\Users\Johannes\AppData\Local\Temp\mfc80u.dll
C:\Users\Johannes\AppData\Local\Temp\mfcm80.dll
C:\Users\Johannes\AppData\Local\Temp\mfcm80u.dll
C:\Users\Johannes\AppData\Local\Temp\msvcm80.dll
C:\Users\Johannes\AppData\Local\Temp\msvcp80.dll
C:\Users\Johannes\AppData\Local\Temp\msvcr80.dll
C:\Users\Johannes\AppData\Local\Temp\msxml6-KB927977-enu-amd64.exe
C:\Users\Johannes\AppData\Local\Temp\msxml6-KB927977-enu-x86.exe
C:\Users\Johannes\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\Johannes\AppData\Local\Temp\TmDbg32.dll
C:\Users\Johannes\AppData\Local\Temp\TmDbg64.dll
C:\Users\Johannes\AppData\Local\Temp\_is6D04.exe
C:\Users\Johannes\AppData\Local\Temp\{7C34666F-27BB-406E-8448-5671B365CF98}-21.0.1180.89_21.0.1180.83_chrome_updater.exe
C:\Users\Johannes\AppData\Local\Temp\{A5F39355-9861-4F8C-843B-C3EB10922BD9}-34.0.1847.131_chrome_installer.exe
C:\Users\Johannes\AppData\Local\Temp\{DAD5807B-985E-4F29-96F7-8BFE4883AC1D}-37.0.2062.124_chrome_installer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-01-26 21:14

==================== End Of Log ============================
         
--- --- ---





Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by Johannes at 2015-05-10 11:17:48
Running from C:\Users\Johannes\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2854038138-1591333852-1234178731-500 - Administrator - Disabled)
Gast (S-1-5-21-2854038138-1591333852-1234178731-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2854038138-1591333852-1234178731-1002 - Limited - Enabled)
Johannes (S-1-5-21-2854038138-1591333852-1234178731-1001 - Administrator - Enabled) => C:\Users\Johannes

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
AMD USB Filter Driver (HKLM-x32\...\{987B04C4-B5AC-4AD6-A7E9-8D681085B850}) (Version: 1.0.15.94 - Advanced Micro Devices, Inc.)
ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version:  - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version:  - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{85F1B81D-72C5-4357-81F9-B0A1D71DF59B}) (Version: 3.0.255.407 - ArcSoft)
ArcSoft TotalMedia HDCam (HKLM-x32\...\{7A1DE746-F5D0-4A21-943B-39A3F243C32A}) (Version:  - ArcSoft)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.20 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
ATI Catalyst Install Manager (HKLM\...\{401D3422-5349-F819-D294-01CA297CB9E0}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0005 - ASUS)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C1C01}) (Version: 12.28.1.1270 - APN, LLC)
Babylon toolbar on IE (HKLM-x32\...\BabylonToolbar) (Version:  - ) <==== ATTENTION
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlackBerry Desktop Software 6.0 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.0.0.40 - Research in Motion Ltd.)
BlackBerry Desktop Software 6.0 (x32 Version: 6.0.0.40 - Research in Motion Ltd.) Hidden
Boingo Wi-Fi (HKLM-x32\...\{B653A2EC-D816-4498-A4FD-651047AB9DC9}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
ccc-core-static (x32 Version: 2010.0406.2133.36843 - ATI) Hidden
CD goes MP3 7 Platinum (HKLM-x32\...\{FF6E1E83-CD7F-49E9-AE8C-D9804372D1FC}_is1) (Version: CD goes MP3 7 - FRANZIS GmbH)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Complitly (HKLM-x32\...\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1) (Version:  - Complitly) <==== ATTENTION
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.8 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
Dream Day Wedding Married in Manhattan (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}) (Version:  - Oberon Media)
ESS Energie Indikator (HKLM-x32\...\{6E83470B-5EE2-407D-ABFC-CC87E070ED8C}) (Version: 20.13.0 - Nemetschek Allplan GmbH)
ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.6 - ASUS)
Fitbit Connect (HKLM-x32\...\{5BD4A02D-B528-4916-A846-176B31A5D84F}) (Version: 1.0.3.5511 - Fitbit Inc.)
FoxTab PDF Creator (HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\...\FoxTab PDF Creator) (Version:  - ) <==== ATTENTION
Game Park Console (HKLM-x32\...\{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1) (Version: 6.2.0.2 - Oberon Media, Inc.)
General Runtime Files for Allplan 2013-1 Release (x32 Version: 1.7.0.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Allplan 2013-1 Release x64 (Version: 1.4.0.0 - Nemetschek Allplan Systems GmbH) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hardlock Device Driver (HKLM-x32\...\Hardlock Device Driver) (Version:  - )
Jagen 2011 (HKLM-x32\...\{45A583AC-22D5-44F1-B093-FF0429D764E9}) (Version: 1.00.0000 - Valusoft)
Java(TM) 6 Update 2 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
K_Series_ScreenSaver_EN (HKLM-x32\...\K_Series_ScreenSaver_EN) (Version:  - )
Lexware Admintools Plus (HKLM-x32\...\{C1C50448-C067-454A-80B2-334ECAC8F414}) (Version: 11.00.00.0066 - Haufe-Lexware GmbH & Co.KG)
Lexware Datenbank plus 2011 (HKLM-x32\...\{DAF15921-FA90-4427-82A2-1852A9BAC99A}) (Version: 11.00.00.0074 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
Lexware reisekosten plus 2011 (HKLM-x32\...\{37BC8FCE-15B1-456E-A62C-EEB175B71340}) (Version: 11.22.00.0124 - Haufe-Lexware GmbH & Co.KG)
Lexware reisekosten plus 2011 (x32 Version: 11.22.00.0124 - ) Hidden
LoiLoScope Herunterladen (HKLM-x32\...\{C2A254F4-AC74-482F-8F09-DB2843AC2AAE}_is1) (Version: 2.0 - LoiLo inc)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM-x32\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nemetschek Allplan 2003 (HKLM-x32\...\Allplan 2003) (Version:  - )
Nemetschek Allplan 2013 (HKLM-x32\...\{FA47FBFD-2F6C-439A-B88C-2FFD6F4AE291}) (Version: 2013.0 - Nemetschek Allplan Systems GmbH)
Nemetschek SoftLock 2006 (HKLM-x32\...\{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}) (Version: 1.26.55 - )
PDF24 Creator 5.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PHOTOfunSTUDIO 9.0 LE (HKLM-x32\...\{79CC3A5A-E238-4BBF-BB00-FB4BE894399A}) (Version: 9.00.017 - Panasonic Corporation)
Piggly FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}) (Version:  - Oberon Media)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6110 - Realtek Semiconductor Corp.)
Smileyville FREE (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}) (Version:  - Oberon Media)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.5900 - SRS Labs, Inc.)
syncables desktop SE (HKLM-x32\...\{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}) (Version: 5.5.615.9518 - syncables)
Update_DealPly (HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\...\DealPly) (Version:  - ) <==== ATTENTION
USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.207 - Sonix)
Virtual COM Port Driver (HKLM-x32\...\InstallShield_{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics)
Virtual COM Port Driver (x32 Version: 1.3.1 - STMicroelectronics) Hidden
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

10-05-2015 10:37:35 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0335E3A0-30D1-4E92-AF25-05FDD900D8BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.)
Task: {0566CF99-D65F-40B5-B370-A7579D1AA7D4} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: {1A457A96-52AD-45C7-B4A9-A3B5D6550C98} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {1D44BACC-2A2D-4BD1-B1F3-9F88BA0C5E10} - System32\Tasks\{8F92431D-C353-4127-8768-6C81CC0F0230} => E:\SETUP.EXE
Task: {24077297-655D-4AC7-97FA-C089AC9D09B5} - System32\Tasks\AutoUpdate Allplan 2013 => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2013-03-01] (Nemetschek Allplan Systems GmbH)
Task: {34C3716F-79AD-452F-B33B-9478AC55DD08} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {37712AA6-C979-4601-BC0B-9D00D8EE21C5} - System32\Tasks\{0CF02331-4B88-4F24-B31A-50B8A5899688} => E:\SETUP.EXE
Task: {37803C32-C989-4972-BCA2-5147645129B4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3850CD4E-4780-439B-B36B-CE3490FCAFE6} - System32\Tasks\WebContent AutoUpdate 2013 => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2013-03-01] (Nemetschek Allplan Systems GmbH)
Task: {44644C23-8FA3-404F-B0C1-E578C967B9D2} - System32\Tasks\DealPly => C:\Users\Johannes\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-01-31] () <==== ATTENTION
Task: {57D62415-5781-40B9-8B5F-778C24D619E0} - System32\Tasks\{A53E159D-881D-4710-BF74-83C7DC1C2F3E} => E:\SETUP.EXE
Task: {61F62117-9788-4013-9A72-2F5D86611235} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {8015A60F-B9B2-4F6D-A9E1-B29E5C87373C} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {826E9FED-5BB0-4DAE-BAF9-8E8D4E31790A} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-06-09] (asus)
Task: {8567B3A0-3E2E-4982-8A73-7E1331EAE983} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-04] (Google Inc.)
Task: {8C9B3041-B3B6-4DDB-9F9C-30F7E0F06FD3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {93003FB0-6D59-48D5-8D26-0BDFDBD6ECFD} - System32\Tasks\{E5A2EFDC-3CE9-4CB8-A378-FB1EECF6D10C} => pcalua.exe -a "C:\Users\Johannes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SYYMZTX\avira_antivir_personal_de[1].exe" -d C:\Users\Johannes\Desktop
Task: {A0E9148F-0BDF-4432-ABFA-E7A062CC2740} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {B553B084-0414-4CA0-BCCA-378B166A4B87} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {BBEFA21F-A0DA-4A29-9BE1-42CB3D792216} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {D4123991-4A90-4631-85B0-C334ACD235B1} - System32\Tasks\{4547AEC2-DDD4-4DB1-96F9-9A02DC1DD671} => E:\SETUP.EXE
Task: {F7717B98-8BFA-4CBD-BCE5-A2B33849D867} - System32\Tasks\{943DF6FB-F8BD-4865-A0D7-755385A55224} => E:\SETUP.EXE
Task: C:\Windows\Tasks\AutoUpdate Allplan 2013.job => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe7/f C:\Daten\Nemetschek\Allplan\Std\AllplanUpdate.inf
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WebContent AutoUpdate 2013.job => C:\Program Files\Nemetschek\Allplan\prg\NemDownloadHandler.exe…/f C:\Daten\Nemetschek\Allplan\Std\AllplanUpdate.inf /one http:/autoupdate.allplan.com/Updates/Allplan/MyPlan/2013/WebContent.upd

==================== Loaded Modules (whitelisted) ==============

2010-03-16 03:48 - 2010-03-16 03:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2010-09-02 10:49 - 2010-09-02 10:49 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2010-09-02 10:49 - 2010-09-02 10:49 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-09-02 11:12 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-01-11 19:27 - 2010-01-11 19:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-06 03:22 - 2010-05-06 03:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2008-10-01 08:02 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-03-16 03:48 - 2010-03-16 03:48 - 01754448 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
2010-07-02 22:36 - 2010-07-02 22:36 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2010-09-02 11:01 - 2010-09-02 11:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2010-02-24 00:14 - 2010-02-24 00:14 - 00041472 _____ () C:\Program Files (x86)\ASUS\ControlDeck\HelpFunc.dll
2010-02-24 00:14 - 2010-02-24 00:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-24 00:11 - 2010-02-24 00:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-24 00:12 - 2010-02-24 00:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-24 00:14 - 2010-02-24 00:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
2010-07-01 20:21 - 2010-07-01 20:21 - 00204800 _____ () C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax
2015-01-29 20:43 - 2015-01-25 08:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-29 20:43 - 2015-01-25 08:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-29 20:43 - 2015-01-25 08:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2854038138-1591333852-1234178731-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{C6C583E7-174D-4E65-BCBD-D48DAFEF0327}] => (Allow) LPort=5353
FirewallRules: [{0EF57BC4-872A-40E2-B42C-60032BCBC2DD}] => (Allow) LPort=8182
FirewallRules: [{496C20E8-0B98-489A-853E-B8D5AD423D9A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{ED13A752-74CC-4D9C-8649-287573A61DE7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{946FD524-FF5C-4311-9CAF-5487E6C055B7}] => (Allow) svchost.exe
FirewallRules: [{E4FB925C-259D-434E-8298-A9A3D57634A5}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{5E6AB925-2DA4-4E29-A3DC-5D68F4E13E9D}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{C15E9AE7-F9D5-416B-A9F2-6855AC0CA892}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{D2FC9723-A160-4ABD-BA6B-DDDB201AA842}] => (Allow) LPort=4481
FirewallRules: [{9EB7AC14-FF10-4ED4-894A-3CD79FF12503}] => (Allow) LPort=4481
FirewallRules: [{B6730DE9-9355-4479-9681-5AA34047511A}] => (Allow) LPort=4482
FirewallRules: [{31CCCF70-9FC0-4EB8-AD62-E94B047D4463}] => (Allow) LPort=4482
FirewallRules: [{FE793828-EDF3-4FCA-B80E-05D23DF5BDDB}] => (Allow) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
FirewallRules: [{0D5270A4-7EA9-4A0D-A1FD-B9D5B43FFE2D}] => (Allow) C:\Program Files (x86)\Sybase\SQL Anywhere 9\win32\dbsrv9.exe
FirewallRules: [TCP Query User{500053A1-D9A1-4ABA-B428-F34ECB472F0C}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
FirewallRules: [UDP Query User{BD00EFE4-7380-489E-9A6D-4DD96760ABCB}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
FirewallRules: [{02D08552-6E36-4412-9B5F-2F563C3D9B26}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E4DCE84C-064F-44D8-9F5D-ACD7FCB75F37}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4AFF9113-7B60-47C3-9B43-2C079D7AC2E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{E8E7A73D-E345-4EEC-A7BC-FDCD3C5AC505}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2050D00E-E3C7-473B-B356-86954F7D8EC1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/10/2015 10:30:14 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (05/10/2015 10:27:09 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (05/06/2015 10:46:17 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (05/06/2015 10:43:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (05/03/2015 09:13:47 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (05/03/2015 09:13:47 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (05/01/2015 08:44:08 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (05/01/2015 08:41:12 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (05/01/2015 11:34:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/01/2015 11:01:24 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed


System errors:
=============
Error: (05/10/2015 10:29:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (05/10/2015 10:23:53 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (05/10/2015 10:21:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (05/10/2015 10:21:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "hardlock" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/06/2015 10:42:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (05/06/2015 10:34:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (05/06/2015 10:33:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "hardlock" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/03/2015 09:13:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet: 
%%-2147467243

Error: (05/03/2015 09:13:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (05/03/2015 09:13:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================
Error: (05/10/2015 10:30:14 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (05/10/2015 10:27:09 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (05/06/2015 10:46:17 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (05/06/2015 10:43:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (05/03/2015 09:13:47 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (05/03/2015 09:13:47 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (05/01/2015 08:44:08 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (05/01/2015 08:41:12 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (05/01/2015 11:34:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files (x86)\STMicroelectronics\Software\Virtual COM Port Driver\dpinst_ia64.exe

Error: (05/01/2015 11:01:24 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II P920 Quad-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 4093.82 MB
Available physical RAM: 2313.17 MB
Total Pagefile: 8185.82 MB
Available Pagefile: 5787.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:1.08 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:329.79 GB) (Free:329.69 GB) NTFS
Drive e: (26 Apr 2015) (CDROM) (Total:0.51 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=329.8 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

11.05.2015, 05:54   #11
schrauber
/// the machine
/// TB trainer
 


Please download Revo Uninstaller from here: Download Revo Uninstaller (alternatively, the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click on Options and select German as the language.
  • In the uninstaller panel, look for the following programs:

    Babylon toolbar on IE

    Complitly

    FoxTab PDF Creator

    Update_DealPly


  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" (moderate) mode.
  • Delete leftovers:
    Click on then on and then on .

 





Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
