Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 03.06.2015, 20:39   #1
DHL-Kunde
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Ja, peinlich. Ich weiß. Ich habe aber tatsächlich auf eine DHL-Nachricht gewartet

Nach der Anleitung für Hilfesuchende hier folgende txt und logs:

defogger_disable-log:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:15 on 03/06/2015 (****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST.txt
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by **** (administrator) on PC on 03-06-2015 18:08:50
Running from C:\Users\****\Desktop
Loaded Profiles: **** (Available Profiles: ****)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Microsoft Corporation) C:\Users\****\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(cv cryptovision GmbH) C:\Program Files (x86)\cv cryptovision\cv act sc interface\RegisterTool.exe
() C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe
(Dropbox, Inc.) C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee Video Converter 4.1\acdIDInTouch2.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows7FirewallControl] => C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1172480 2011-04-15] (Sphinx Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-04-06] (Bitdefender)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2903448 2011-06-06] (Adobe Systems Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Premium_Download-Version\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe [1966992 2013-09-04] ()
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-24] (Bitdefender)
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\MountPoints2: K - K:\AutoRun.exe
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\MountPoints2: {2d3ef6a3-9d61-11e0-956c-00241d1cbdd9} - K:\AutoRun.exe
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\MountPoints2: {2d3ef6ae-9d61-11e0-956c-00241d1cbdd9} - K:\AutoRun.exe
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\MountPoints2: {2d3ef6ba-9d61-11e0-956c-00241d1cbdd9} - K:\AutoRun.exe
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\MountPoints2: {ba49c51a-54c4-11e2-84b8-00241d1cbdd9} - D:\AutoRun.exe
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\MountPoints2: {ba49c52d-54c4-11e2-84b8-00241d1cbdd9} - D:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder [2015-06-03] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk [2013-08-06]
ShortcutTarget: Scanner Finder.lnk -> C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2011-06-21]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder [2015-06-03] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll [2015-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001 -> {5CBBEB30-1718-4194-96DF-DACB81CF1E00} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU2&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=EB2214DE-6DC3-4F76-A560-FDC3BEE59646&apn_sauid=1B2F9230-9755-4D6D-A6D7-1976B1C44822
SearchScopes: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001 -> {D21A8145-9961-4266-8948-558F113F291D} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-24] (Bitdefender)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-24] (Bitdefender)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll [2013-09-04] (Wondershare Software Co., Ltd.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-24] (Bitdefender)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-24] (Bitdefender)
Toolbar: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ai9ct9e4.default
FF Homepage: hxxp://www.gmx.net/
FF NetworkProxy: "ftp", "212.91.188.166"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "212.91.188.166"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "212.91.188.166"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "212.91.188.166"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-31] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin-x32: LSNPAPI -> C:\Program Files (x86)\nplightshot\3.4.0.55\npLightshot.dll [2012-11-15] (Skillbrains)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-05-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-05-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-05-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-05-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-05-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-05-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2013-05-22] (Apple Inc.)
FF Extension: Nimbus Screen Capture - editable screenshots. - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ai9ct9e4.default\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2014-05-07]
FF Extension: Stealthy - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ai9ct9e4.default\Extensions\stealthyextension@gmail.com.xpi [2013-04-08]
FF Extension: Qipu Cashbackmelder open beta - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ai9ct9e4.default\Extensions\toolbar@qipu.de.xpi [2013-01-23]
FF Extension: Soundcloud SUPER +2: Downloader and Recommender - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ai9ct9e4.default\Extensions\{988da70d-b78d-44a1-a9c7-ed11832a9e2e}.xpi [2012-08-06]
FF Extension: Update Scanner - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ai9ct9e4.default\Extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}.xpi [2012-01-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-06-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-06-03]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-06-03]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-03]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-07-26]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012-04-21]
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2013-11-08]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-12-09]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt

Chrome: 
=======
CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-19]
CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-19]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-19]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2013-11-12]
CHR Extension: (Google Search) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-19]
CHR Extension: (Foxtab Speed Dial) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp [2013-02-19]
CHR Extension: (vshare plugin) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj [2014-06-06]
CHR Extension: (Google Wallet) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Gmail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-19]
CHR HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2013-11-08]
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

Opera: 
=======
OPR Extension: (Translator) - C:\Users\****\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2014-04-25]
OPR Extension: (WOT) - C:\Users\****\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2014-04-25]
OPR Extension: (Nimbus Screen Capture) - C:\Users\****\AppData\Roaming\Opera Software\Opera Stable\Extensions\gjpihpkhgfngnbhhfdehlcmgfahbciip [2014-05-07]
OPR Extension: (Blur: Protect your passwords, payments & privacy) - C:\Users\****\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibeanghkfkghfakebjafimamcpnplmhj [2014-04-25]
OPR Extension: (YouTube Downloader) - C:\Users\****\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2014-04-25]
OPR Extension: (Gismeteo weather forecast in speed-dial) - C:\Users\****\AppData\Roaming\Opera Software\Opera Stable\Extensions\kibhjejfdbbjhlhmhdcjcnjpiobjgkak [2014-04-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.) [File not signed]
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-01-21] (Bitdefender)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MSSQL$MYMOVIES; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [7599616 2009-08-18] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-08-20] (Sony Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-04-06] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [610816 2011-04-15] (Sphinx Software) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138400 2012-08-26] (SlySoft, Inc.)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-31] (AVAST Software)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-24] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-02-24] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-24] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-02-24] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-02-24] (BitDefender SRL)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R3 dvdfab; C:\Windows\System32\drivers\dvdfab.sys [79232 2011-08-15] (Fengtao Software Inc.)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [66608 2010-02-12] (Symantec Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-04-06] (BitDefender LLC)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-07-20] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-07-20] (RapidSolution Software AG)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                           )
R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
U2 V2iMount; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 18:08 - 2015-06-03 18:09 - 00033005 _____ () C:\Users\****\Desktop\FRST.txt
2015-06-03 18:08 - 2015-06-03 18:08 - 00000470 _____ () C:\Users\****\Desktop\defogger_disable.log
2015-06-03 18:08 - 2015-06-03 18:08 - 00000000 ____D () C:\FRST
2015-06-03 18:08 - 2015-06-03 18:08 - 00000000 _____ () C:\Users\****\defogger_reenable
2015-06-03 18:03 - 2015-06-03 18:03 - 00380416 _____ () C:\Users\****\Desktop\sq64cte0.exe
2015-06-03 17:59 - 2015-06-03 17:59 - 02108928 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2015-06-03 17:59 - 2015-06-03 17:59 - 00050477 _____ () C:\Users\****\Desktop\Defogger.exe
2015-06-03 17:57 - 2015-06-03 17:58 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-03 17:56 - 2015-06-03 17:56 - 00001066 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-03 17:56 - 2015-06-03 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-03 17:55 - 2015-06-03 17:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-03 17:55 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-03 17:55 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-03 17:37 - 2015-06-03 17:37 - 00000000 ___HD () C:\OneDriveTemp
2015-06-03 14:27 - 2015-06-03 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-06-01 07:10 - 2015-06-01 07:10 - 00000000 ____D () C:\Users\****\AppData\Local\GWX
2015-05-27 14:37 - 2015-04-22 22:26 - 19701197 _____ () C:\Users\****\Desktop\LR Plugins vscofilm-00lr-win.zip
2015-05-25 14:54 - 2015-05-25 14:54 - 00904332 _____ () C:\Users\****\Downloads\AdBlock-v2.34.zip
2015-05-24 11:40 - 2015-05-24 11:41 - 06471520 _____ (Tim Kosse) C:\Users\****\Downloads\FileZilla_3.11.0.1_win64-setup.exe
2015-05-12 20:01 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:01 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:00 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 20:00 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 20:00 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 20:00 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 20:00 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 20:00 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 20:00 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 20:00 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 20:00 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 20:00 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 20:00 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 20:00 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 20:00 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 20:00 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 20:00 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 20:00 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 20:00 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 20:00 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 20:00 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 20:00 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 20:00 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 20:00 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 20:00 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-12 20:00 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 20:00 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 20:00 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 20:00 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 20:00 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-12 20:00 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-12 20:00 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 20:00 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 20:00 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 20:00 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-12 20:00 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 20:00 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 20:00 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-12 20:00 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-12 20:00 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-12 20:00 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 20:00 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 20:00 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-12 20:00 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 20:00 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 20:00 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-12 20:00 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 20:00 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 20:00 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 20:00 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 20:00 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-12 20:00 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 20:00 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 20:00 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 20:00 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 20:00 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 20:00 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 20:00 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-12 20:00 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 20:00 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 20:00 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 20:00 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 20:00 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 20:00 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 20:00 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 20:00 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 19:55 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-12 19:55 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 19:55 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 19:55 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-12 19:55 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-12 19:55 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-12 19:55 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-12 19:55 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-12 19:55 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-12 19:55 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-12 19:55 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-12 19:55 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-12 19:55 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 19:55 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-12 19:55 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 19:55 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-12 19:55 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-12 19:55 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-12 19:55 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-12 19:55 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-12 19:55 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-12 19:55 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-12 19:55 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-12 19:55 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-12 19:55 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-12 19:55 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-12 19:55 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-12 19:55 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-12 19:55 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-12 19:55 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-12 19:55 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-12 19:55 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-12 19:55 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-12 19:55 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-12 19:55 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-12 19:55 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-12 19:55 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-12 19:55 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-12 19:55 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-12 19:55 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-12 19:55 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-12 19:55 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 19:55 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-12 19:55 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 19:54 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 19:54 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-12 19:54 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-12 19:54 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-12 19:54 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 19:54 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-12 19:54 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 19:54 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 19:54 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 19:54 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 19:54 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 19:54 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 19:54 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-12 19:54 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-12 19:54 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-12 19:54 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 19:54 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-12 19:54 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-12 19:54 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-12 19:54 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 19:54 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-12 19:54 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-12 19:54 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 19:54 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 18:08 - 2011-06-14 10:02 - 00000000 ____D () C:\Users\****
2015-06-03 18:01 - 2014-08-18 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-03 17:55 - 2011-08-16 11:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-06-03 17:54 - 2011-07-12 10:59 - 00000000 ____D () C:\Users\****\Documents\Outlook-Dateien
2015-06-03 17:48 - 2013-02-19 08:23 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-03 17:45 - 2011-06-14 09:57 - 02041572 _____ () C:\Windows\WindowsUpdate.log
2015-06-03 17:45 - 2009-07-14 06:45 - 00013776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-03 17:45 - 2009-07-14 06:45 - 00013776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-03 17:42 - 2009-07-14 19:58 - 00750318 _____ () C:\Windows\system32\perfh007.dat
2015-06-03 17:42 - 2009-07-14 19:58 - 00168772 _____ () C:\Windows\system32\perfc007.dat
2015-06-03 17:42 - 2009-07-14 07:13 - 01763210 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-03 17:37 - 2014-07-31 10:50 - 00000000 ___RD () C:\Users\****\OneDrive
2015-06-03 17:37 - 2013-02-19 08:23 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-03 17:37 - 2013-02-06 09:14 - 11583994 _____ () C:\Windows\PFRO.log
2015-06-03 17:37 - 2013-02-06 09:14 - 00353852 _____ () C:\Windows\setupact.log
2015-06-03 17:37 - 2012-05-07 16:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 17:37 - 2011-06-23 19:33 - 00000000 ___RD () C:\Users\****\Dropbox
2015-06-03 17:37 - 2011-06-23 19:31 - 00000000 ____D () C:\Users\****\AppData\Roaming\Dropbox
2015-06-03 17:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-03 17:28 - 2011-06-15 20:38 - 00000386 _____ () C:\Windows\Tasks\update-sys.job
2015-06-02 20:34 - 2011-06-15 20:38 - 00000386 _____ () C:\Windows\Tasks\update-S-1-5-21-1045896479-1792321579-2181696510-1001.job
2015-06-02 14:43 - 2013-03-04 13:24 - 00000000 ____D () C:\Users\****\Desktop\Webdesign Download
2015-05-31 16:55 - 2011-06-14 11:07 - 00000000 ____D () C:\Users\****\Documents\01 Bewerbung
2015-05-31 15:23 - 2014-08-19 06:52 - 00000000 ____D () C:\Users\****\AppData\Local\Adobe
2015-05-31 15:23 - 2014-08-18 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-31 15:23 - 2012-04-06 08:31 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-31 15:23 - 2011-06-14 12:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-31 15:19 - 2011-06-14 11:08 - 00000000 ____D () C:\Users\****\Documents\10 Sonstige
2015-05-29 12:23 - 2014-02-03 23:48 - 00007603 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg
2015-05-29 12:23 - 2011-06-14 11:08 - 00000000 ____D () C:\Users\****\Documents\09 Telekommunikation
2015-05-29 11:53 - 2011-09-26 09:24 - 00000000 ____D () C:\Users\****\AppData\Roaming\FileZilla
2015-05-29 11:43 - 2012-12-11 11:48 - 00000000 ____D () C:\Program Files (x86)\JDownloader 2
2015-05-28 13:52 - 2011-08-19 18:07 - 00000000 ____D () C:\Users\****\AppData\Local\Buhl
2015-05-28 13:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-27 12:04 - 2011-10-01 10:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-26 06:47 - 2014-06-04 19:19 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1398412331
2015-05-26 06:47 - 2011-06-14 10:55 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-24 10:17 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-05-24 09:43 - 2013-02-19 08:23 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-24 09:43 - 2013-02-19 08:23 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-22 22:29 - 2015-04-06 19:22 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-22 22:29 - 2015-04-06 19:22 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-22 21:55 - 2014-07-31 10:50 - 00002139 _____ () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-05-13 21:49 - 2009-07-14 06:45 - 05192584 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 21:48 - 2013-03-16 12:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 21:48 - 2013-03-16 12:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-12 20:11 - 2011-06-14 15:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-12 20:11 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 20:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-12 20:09 - 2013-07-21 15:17 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-12 20:04 - 2011-06-14 10:29 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-12 20:01 - 2013-03-16 12:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-09 12:26 - 2011-06-23 19:32 - 00000000 ____D () C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Files in the root of some directories =======

2011-09-19 18:32 - 2014-12-17 08:52 - 0000132 _____ () C:\Users\****\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-04-06 18:28 - 2014-04-06 18:28 - 0038425 _____ () C:\Users\****\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2014-04-06 18:24 - 2014-04-06 18:24 - 0038418 _____ () C:\Users\****\AppData\Roaming\Microsoft Excel 97-2003.ADR
2013-12-04 11:14 - 2013-12-04 11:14 - 0001456 _____ () C:\Users\****\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2011-08-19 18:09 - 2013-01-23 12:23 - 0001188 _____ () C:\Users\****\AppData\Local\crc32list11.txt
2012-11-19 17:45 - 2012-11-19 17:45 - 0003584 _____ () C:\Users\****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-29 10:31 - 2015-01-11 18:45 - 0000600 _____ () C:\Users\****\AppData\Local\PUTTY.RND
2014-02-03 23:48 - 2015-05-29 12:23 - 0007603 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg
2011-06-15 20:38 - 2011-06-15 20:38 - 0000003 _____ () C:\Users\****\AppData\Local\updater.log
2011-08-26 12:34 - 2012-09-18 12:34 - 0001690 _____ () C:\Users\****\AppData\Local\UserProducts.xml
2012-09-11 15:53 - 2014-02-07 16:47 - 0000040 ___SH () C:\ProgramData\.zreglib
2014-12-09 18:18 - 2014-12-09 18:18 - 0579866 _____ () C:\ProgramData\1418141606.bdinstall.bin

Some files in TEMP:
====================
C:\Users\****\AppData\Local\Temp\atcMedia2611432714003.exe
C:\Users\****\AppData\Local\Temp\atcMedia4521421739508.exe
C:\Users\****\AppData\Local\Temp\atcMedia5441432714468.exe
C:\Users\****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprsdth1.dll
C:\Users\****\AppData\Local\Temp\FileSystemView.dll
C:\Users\****\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe
C:\Users\****\AppData\Local\Temp\install_flashplayer12x32au_mssd_awb_aih.exe
C:\Users\****\AppData\Local\Temp\install_flash_player_ax.exe
C:\Users\****\AppData\Local\Temp\jna107985519354627243.dll
C:\Users\****\AppData\Local\Temp\jna1225294909955840274.dll
C:\Users\****\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\****\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\****\AppData\Local\Temp\proxy_vole3437379519709339946.dll
C:\Users\****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\****\AppData\Local\Temp\topazfusion2_setup.exe
C:\Users\****\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\****\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\****\AppData\Local\Temp\vlc-2.1.2-win64.exe
C:\Users\****\AppData\Local\Temp\vlc-2.1.4-win64.exe
C:\Users\****\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-25 15:43

==================== End of log ============================
         
weiter s. 2 Post

Alt 03.06.2015, 20:42   #2
DHL-Kunde
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Addition.txt
[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by **** at 2015-06-03 18:09:20
Running from C:\Users\****\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1045896479-1792321579-2181696510-500 - Administrator - Disabled)
**** (S-1-5-21-1045896479-1792321579-2181696510-1001 - Administrator - Enabled) => C:\Users\****
Gast (S-1-5-21-1045896479-1792321579-2181696510-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1045896479-1792321579-2181696510-1016 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader OCR Engine für ScanWizard (HKLM-x32\...\{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}) (Version:  - )
ACDSee Video Converter 4.1 (HKLM-x32\...\ACDSee_acdVC) (Version: 4.1.0.166 - ACD Systems International Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Illustrator CS4 (HKLM-x32\...\Adobe_2a31ae7a5c43ff52d8577782dd34e04) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe)
Albelli Fotobücher (HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1) (Version:  - Albelli)
AMD Catalyst Install Manager (HKLM\...\{E85D1C80-28C4-76B8-5A5A-2C8D8B38D5D9}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.0.8.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7971 - DsNET Corp)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Audials (HKLM-x32\...\{BF7B8E4A-9FEC-4A5F-A890-021B8C0DAFCF}) (Version: 9.1.29900.0 - Audials AG)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.19.0.1369 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.4.0.2 - Swiss Academic Software)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
cv act sc/interface - Admin Edition (64-Bit) (HKLM\...\{05A84E0B-67C4-4ACA-8CAD-F62673D4C194}) (Version: 5.1.0 - cv cryptovision GmbH)
Dropbox (HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDFab 9.0.7.2 (18/10/2013) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
DVDFab Passkey 8.0.3.8 (15/09/2011) (HKLM\...\DVDFab Passkey 8 Retail DMT_is1) (Version:  - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.10.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - Gigabyte Technology Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
LowRateVoip (HKLM-x32\...\LowRateVoip_is1) (Version: 4.08 build 645 - Finarea S.A. Switzerland)
MAGIX Foto & Grafik Designer 6 SE (HKLM-x32\...\MAGIX_{591B29D8-4A37-4202-9F74-3B43A45EC036}) (Version: 6.1.3.24817 - MAGIX AG)
MAGIX Foto & Grafik Designer 6 SE (Version: 6.1.3.24817 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{4696FD4A-A0DF-4F84-BC9D-12D73E1D95D3}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{58503E1E-09E6-400C-A44C-3822D7559794}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (Designelemente) (HKLM-x32\...\{5993C3B9-6BEA-416A-9053-AD32A421D694}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (Filmvorlagen) (HKLM-x32\...\{5F0E5A56-8C2C-4AB1-88F0-8F62C3914B38}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (Fotoshow Maker-Stile 1) (HKLM-x32\...\{43925E28-753A-428A-B72B-042798C0F7B8}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (Fotoshow Maker-Stile 2) (HKLM-x32\...\{F439ED02-FA76-46C9-BA79-5DCFEC01C4AA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe18_premium) (Version: 11.0.1.4 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (Individuelle Menüvorlagen) (HKLM-x32\...\{9A74D19F-C83B-4C65-9A56-3C17ACC22B82}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (Menüvorlagen 1) (HKLM-x32\...\{28586FB4-F99C-44AC-81D2-D742B23D95FA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (Menüvorlagen 2) (HKLM-x32\...\{0D5B1E8D-6EAB-4421-920C-0EC5450B1EF9}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (NewBlueFX Light Blends) (HKLM-x32\...\{3D37D8DA-8AB6-4865-AA37-B65A4BE47B03}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (Überblendeffekte) (HKLM-x32\...\{58281DAE-6043-4FA1-9F1E-4299D5BA2EA6}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Download-Version (x32 Version: 11.0.1.4 - MAGIX AG) Hidden
MakeMKV v1.8.8 (HKLM-x32\...\MakeMKV) (Version: v1.8.8 - GuinpinSoft inc)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media Player Codec Pack 4.0.1 (HKLM-x32\...\Media Player - Codec Pack) (Version:  - Media Player Codec Pack)
MediaInfo 0.7.64 (HKLM\...\MediaInfo) (Version: 0.7.64 - MediaArea.net)
MediaPortal (HKLM-x32\...\MediaPortal) (Version: 1.2.1 - Team MediaPortal)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MixMeister Fusion Demo 7.4.4 (HKLM-x32\...\mmfsetup_is1) (Version:  - MixMeister Technology LLC)
MKVToolNix 6.8.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 6.8.0 - Moritz Bunkus)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MySQL Server 5.1 (HKLM\...\{561AB451-B967-475C-80E0-3B6679C38B52}) (Version: 5.1.38 - MySQL AB)
NAS Starter Utility (HKLM-x32\...\NAS Starter Utility) (Version:  - ZyXEL)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.00.0000 - Nikon)
NexusFont 2.5 (ver 2.5.8.1582) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version:  - xiles)
nplightshot-3.4.0.55 (HKLM-x32\...\{80B5B3C9-4084-2063-B32A-678A98DE512B}_is1) (Version:  - Skillbrains)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Perfect Effects 9 (HKLM-x32\...\Perfect Effects 9 PE) (Version: 9.0.2 - onOne Software)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixlr-o-matic (HKLM-x32\...\Pixlromatic) (Version: 2.1 - UNKNOWN)
Pixlr-o-matic (x32 Version: 2.1 - UNKNOWN) Hidden
PlayMemories Home (HKLM-x32\...\{8EB84CEC-6819-4E51-9E32-C756835637B0}) (Version: 6.3.03.08201 - Sony Corporation)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
RUBICon (HKLM-x32\...\{438134D3-0BD4-4C52-8575-5B2B63AD01C2}) (Version: 2.0.25 - RUB)
RUBICon (HKLM-x32\...\{5A1084A3-79B7-480C-9275-D8AA0CCEFA52}) (Version: 2.0.24 - RUB)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
ScanWizard 5 (HKLM-x32\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version:  - )
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony RAW Driver (HKLM-x32\...\{166FCF01-AC98-4288-A01C-90BEB808C059}) (Version: 2.0.00.08130 - Sony Corporation)
Steinberg Cubase 5 64bit (HKLM\...\{8A9065DA-0293-41DA-A349-16E1A2605F64}) (Version: 5.5.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALionOne 64bit (HKLM\...\{743C5D75-6BC8-4881-BF7D-E7DF29F155F4}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
TagScanner 5.1.637 (HKLM-x32\...\TagScanner_is1) (Version:  - Sergey Serkov)
Topaz Adjust 4 (64-bit) (HKLM-x32\...\Topaz Adjust 4 (64-bit)) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (64-bit) (Version: 4.1.0 - Topaz Labs) Hidden
Topaz Adjust 4 (HKLM-x32\...\Topaz Adjust 4) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (x32 Version: 4.1.0 - Topaz Labs) Hidden
Topaz Clean 3 (64-bit) (HKLM-x32\...\Topaz Clean 3 (64-bit)) (Version: 3.0.2 - Topaz Labs)
Topaz Clean 3 (64-bit) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs)
Topaz Clean 3 (x32 Version: 3.0.2 - Topaz Labs) Hidden
Topaz DeJpeg 4 (64-bit) (HKLM-x32\...\Topaz DeJpeg 4 (64-bit)) (Version: 4.0.2 - Topaz Labs)
Topaz DeJpeg 4 (64-bit) (Version: 4.0.2 - Topaz Labs) Hidden
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs)
Topaz DeJpeg 4 (x32 Version: 4.0.2 - Topaz Labs) Hidden
Topaz DeNoise 5 (64-bit) (HKLM-x32\...\Topaz DeNoise 5 (64-bit)) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (64-bit) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (x32 Version: 5.0.1 - Topaz Labs) Hidden
Topaz Detail 2 (64-bit) (HKLM-x32\...\Topaz Detail 2 (64-bit)) (Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (64-bit) (Version: 2.0.5 - Topaz Labs) Hidden
Topaz Detail 2 (HKLM-x32\...\Topaz Detail 2) (Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (x32 Version: 2.0.5 - Topaz Labs) Hidden
Topaz Fusion Express 2 (64-bit) (HKLM-x32\...\Topaz Fusion Express 2 (64-bit)) (Version: 2.0.2 - Topaz Labs)
Topaz Fusion Express 2 (64-bit) (Version: 2.0.2 - Topaz Labs) Hidden
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz Fusion Express 2 (x32 Version: 2.0.2 - Topaz Labs) Hidden
Topaz InFocus (64-bit) (HKLM-x32\...\Topaz InFocus (64-bit)) (Version: 1.0.0 - Topaz Labs)
Topaz InFocus (64-bit) (Version: 1.0.0 - Topaz Labs) Hidden
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs)
Topaz InFocus (x32 Version: 1.0.0 - Topaz Labs) Hidden
Topaz Lens Effects (64-bit) (HKLM-x32\...\Topaz Lens Effects (64-bit)) (Version: 1.0.0 - Topaz Labs)
Topaz Lens Effects (64-bit) (Version: 1.0.0 - Topaz Labs) Hidden
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.0.0 - Topaz Labs)
Topaz Lens Effects (x32 Version: 1.0.0 - Topaz Labs) Hidden
Topaz ReMask 3 (64-bit) (HKLM-x32\...\Topaz ReMask 3 (64-bit)) (Version: 3.1.0 - Topaz Labs)
Topaz ReMask 3 (64-bit) (Version: 3.1.0 - Topaz Labs) Hidden
Topaz ReMask 3 (HKLM-x32\...\Topaz ReMask 3) (Version: 3.1.0 - Topaz Labs)
Topaz ReMask 3 (x32 Version: 3.1.0 - Topaz Labs) Hidden
Topaz ReMask 4 (HKLM-x32\...\Topaz ReMask 4) (Version: 4.0.0 - Topaz Labs, LLC)
Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Simplify 3 (64-bit) (HKLM-x32\...\Topaz Simplify 3 (64-bit)) (Version: 3.0.2 - Topaz Labs)
Topaz Simplify 3 (64-bit) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Simplify 3 (HKLM-x32\...\Topaz Simplify 3) (Version: 3.0.2 - Topaz Labs)
Topaz Simplify 3 (x32 Version: 3.0.2 - Topaz Labs) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Vivaldi (HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\...\Vivaldi) (Version: 1.0.94.2 - Vivaldi)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )
Vocabulary Worksheet Factory 4 (HKLM-x32\...\{D63AB926-6972-404A-862E-E70083D1F5E6}) (Version: 4.1.12.2 - Schoolhouse Technologies)
VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.09 build 668 - Finarea S.A. Switzerland)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows7FirewallControl (x64) 4.1.14.73 (HKLM\...\Windows7FirewallControl_is1) (Version: 4.1.14.73 - Sphinx Software)
WinX HD Video Converter Deluxe 4.0.0 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{239A863D-76E2-41E3-95F0-52F5A53776DA}) (Version: 21.01.8499 - Buhl Data Service GmbH)
Wondershare Video Converter Ultimate(Build 6.6.0.5) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.6.0.5 - Wondershare Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1045896479-1792321579-2181696510-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2012-11-17 10:58 - 00003713 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 activate.adobe.com:443
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobe-dns-5.adobe.com
127.0.0.1 ereg.wip3.adobe.com

There are 57 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10191F87-52C9-4427-A6B6-02199D07C509} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {1A1D7586-7F46-4B83-B133-11CCC45BCB6B} - System32\Tasks\{B5796B68-A96E-4C7A-92F4-93952C2F48AE} => c:\program files (x86)\opera\opera.exe [2014-04-25] (Opera Software)
Task: {1F35A607-6D0A-4204-826F-1DBBA97C20B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-31] (Adobe Systems Incorporated)
Task: {2C89A2EB-63A6-42A0-AF59-CC8B5CBADF16} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {2D629B60-0FD1-4404-A2AB-B25007E1FAA7} - System32\Tasks\update-S-1-5-21-1045896479-1792321579-2181696510-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {32101485-259D-4FF5-BE39-76F11F9FF875} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {46072E3F-F77B-4CD1-99AD-01F6C04BFEE8} - System32\Tasks\{1C07DBC6-A349-4CC2-B9A7-370FD1892749} => pcalua.exe -a C:\Users\****\Desktop\YOUWASHOCK.exe -d C:\Users\****\Desktop
Task: {521435AF-D429-4B3B-85EF-52CE2DA27F05} - System32\Tasks\Opera scheduled Autoupdate 1398412331 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {5BCE7989-E780-4BC7-A461-B4A22CFE6198} - System32\Tasks\AdobeAAMUpdater-1.0-PC-**** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {6AD24ED0-8E89-44A0-BB62-0DCC24614819} - System32\Tasks\{06997ACB-28F9-4760-A4F7-138432919417} => pcalua.exe -a C:\Users\****\Downloads\jxpiinstall.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {78E32FBD-7E7A-4D01-A03A-9359535921BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: {7F7305A7-7EB4-48B0-882F-F31E68275F69} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {B54225FA-933B-4F26-9CD9-4E7C8E668098} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-21] (Microsoft Corporation)
Task: {B5D7BF90-15C7-45DD-BFE9-108769A03C2D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {C3AB87AF-0EB5-4034-96E3-70110CC7F5AD} - System32\Tasks\{75F0085E-3F2C-457C-8FF4-7012DE82FC80} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {D69356B5-AD31-4C77-A7D0-9178785E10F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19] (Google Inc.)
Task: {D97272B8-517E-46AD-A356-A64627AA689E} - System32\Tasks\{53D25048-6F99-430D-8914-39C1A597ADAE} => c:\program files (x86)\opera\opera.exe [2014-04-25] (Opera Software)
Task: {D9C5E971-9A8C-44CB-B7F4-AB340396D766} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E2B075D4-136F-461D-BA70-A384E0C534D0} - System32\Tasks\{49D24BA8-63CC-46A1-AD05-1E7890C7950E} => pcalua.exe -a C:\Users\****\Desktop\HiJackThis204.exe -d C:\Users\****\Desktop
Task: {E8C12C55-2B5A-489C-9A1F-1E2F03B64646} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {F29F76D8-A784-4E16-A05A-E77C4EECE9AD} - System32\Tasks\{42E8395E-8368-435B-8370-B929E246419C} => pcalua.exe -a C:\Users\****\Desktop\ParagonBackupRecovery11Compact\Setup.exe -d C:\Users\****\Desktop\ParagonBackupRecovery11Compact
Task: {F73255E8-0204-4157-A0E8-95CD31AF3BC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {FBC3DBC9-C737-436A-B90B-140C56B28770} - System32\Tasks\{A5FF6190-2812-4373-BD68-D9A08F686B3E} => pcalua.exe -a "C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\SetupTv.exe" -d "C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1045896479-1792321579-2181696510-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-09 18:18 - 2014-08-27 17:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-12-09 18:18 - 2013-09-03 15:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2014-12-09 18:18 - 2014-11-19 21:28 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-12-09 18:18 - 2012-10-29 15:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-05-06 20:33 - 2015-05-06 20:33 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_005\ashttpbr.mdl
2015-05-06 20:33 - 2015-05-06 20:33 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_005\ashttpdsp.mdl
2015-05-06 20:33 - 2015-05-06 20:33 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_005\ashttpph.mdl
2015-05-06 20:33 - 2015-05-06 20:33 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_005\ashttprbl.mdl
2012-09-28 15:43 - 2012-09-28 15:43 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-08 12:10 - 2014-12-08 12:10 - 00102176 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-11-08 17:48 - 2013-08-23 14:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2013-08-06 14:04 - 2009-06-26 15:25 - 00356352 _____ () C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe
2009-08-18 21:09 - 2009-08-18 21:09 - 07599616 _____ () C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
2012-09-28 15:43 - 2012-09-28 15:43 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-08-06 14:04 - 2009-07-22 17:22 - 00249856 _____ () C:\Program Files (x86)\ScanWizard 5\SFRes.dll
2015-06-03 17:37 - 2015-06-03 17:37 - 00043008 _____ () c:\users\****\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprsdth1.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\****\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\****\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\****\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\****\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2011-06-06 21:55 - 2011-06-06 21:55 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2012-04-21 11:28 - 2013-01-29 13:06 - 00122880 _____ () C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox\components\CitaviPickerCommunication.dll
2014-12-09 18:18 - 2014-08-27 17:30 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\txmlutil.dll
2014-12-09 18:18 - 2015-02-24 20:24 - 00067808 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\bdwtxff.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-05-31 15:23 - 2015-05-31 15:23 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-12-09 18:18 - 2014-08-27 17:30 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\txmlutil.dll
2014-12-09 18:18 - 2013-09-03 15:29 - 00095088 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdmetrics.dll
2011-06-06 21:55 - 2011-06-06 21:55 - 04159392 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2011-06-06 21:55 - 2011-06-06 21:55 - 01446400 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\****\Desktop\avg_avct_x64_all_2014_4259a6848_huawei.exe:BDU
AlternateDataStreams: C:\Users\****\Desktop\Defogger.exe:BDU
AlternateDataStreams: C:\Users\****\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\****\Desktop\putty.exe:BDU
AlternateDataStreams: C:\Users\****\Desktop\sq64cte0.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57296457-3635-4A27-A3CD-4389D4BB49B9}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{ED2F01F4-DDC3-41ED-A25B-B7E92F040F75}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{3D54D397-88D9-4267-A70A-1F13D63FF13F}C:\program files\cubase5\cubase5.exe] => (Allow) C:\program files\cubase5\cubase5.exe
FirewallRules: [UDP Query User{5F34B870-9ADB-45DA-875D-24A69B1B2E9E}C:\program files\cubase5\cubase5.exe] => (Allow) C:\program files\cubase5\cubase5.exe
FirewallRules: [TCP Query User{3789C778-053E-493C-B8E7-5BE034A7BF64}C:\program files\cubase5\components\vstbridgeapp.exe] => (Allow) C:\program files\cubase5\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{BFA4DFF3-BD43-4EA3-89ED-763386D8406F}C:\program files\cubase5\components\vstbridgeapp.exe] => (Allow) C:\program files\cubase5\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{FB4EB2FE-FEAE-4072-81C3-8F9FC8BD979A}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [UDP Query User{8464594B-0FC9-46A7-BAF8-7474C5982B44}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [TCP Query User{9DFD0025-71C9-4E6D-9DAF-7081BFC83D2D}C:\users\****\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{8B96E82D-FBC8-45ED-9E0D-0C148C2A204A}C:\users\****\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{D2377979-7B5A-436B-988C-01FB8C6D57B2}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [UDP Query User{E63DF22E-994D-4352-9D25-380536B8E2E2}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [TCP Query User{448F503A-073F-405A-84CE-5EA47840E7B1}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{D86846BF-F61B-4194-9EF6-2524B6AB96ED}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{402154B9-B5B4-4CB4-8F27-360B2348E438}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [UDP Query User{5F17BFF1-8CC7-4149-8EC8-9CB6781F059B}C:\windows\ehome\ehexthost.exe] => (Allow) C:\windows\ehome\ehexthost.exe
FirewallRules: [{F6ABDD7C-299C-45CF-BD84-BCFC2DC3094D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BD98D58C-5CAC-4E65-AA51-BA80AC686730}] => (Allow) LPort=3306
FirewallRules: [{DC09D067-197D-4FC1-A6D8-2C8463ED2632}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{42590F13-E208-4AA1-9F06-3C619808D585}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{CED54131-A342-4FF1-BADC-EAF3004B823E}] => (Allow) C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E87BA4E7-8584-421B-8197-FF3F392B0368}] => (Allow) C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{2359D4AF-67E7-4549-9A0D-3C93AC88A5CF}C:\program files (x86)\lowratevoip\lowratevoip.exe] => (Allow) C:\program files (x86)\lowratevoip\lowratevoip.exe
FirewallRules: [UDP Query User{17AF890E-355E-49E7-A9E3-DC823D2B3DC5}C:\program files (x86)\lowratevoip\lowratevoip.exe] => (Allow) C:\program files (x86)\lowratevoip\lowratevoip.exe
FirewallRules: [TCP Query User{932BE31A-9B09-459C-864C-76D2AFC4C38F}C:\program files (x86)\lowratevoip\lowratevoip.exe] => (Block) C:\program files (x86)\lowratevoip\lowratevoip.exe
FirewallRules: [UDP Query User{06C9D65C-2814-4A84-89FE-C4CBBCE97644}C:\program files (x86)\lowratevoip\lowratevoip.exe] => (Block) C:\program files (x86)\lowratevoip\lowratevoip.exe
FirewallRules: [TCP Query User{7C7B3969-90DB-4F47-9C5E-1F961E7DC7C1}C:\program files (x86)\voip\megavoip\voipconnect.exe] => (Allow) C:\program files (x86)\voip\megavoip\voipconnect.exe
FirewallRules: [UDP Query User{655F8354-15D9-48ED-9D59-35167F12755E}C:\program files (x86)\voip\megavoip\voipconnect.exe] => (Allow) C:\program files (x86)\voip\megavoip\voipconnect.exe
FirewallRules: [TCP Query User{90A45BBD-0028-4D36-99C9-5891856C5AF6}C:\program files (x86)\voip\megavoip\voipconnect.exe] => (Block) C:\program files (x86)\voip\megavoip\voipconnect.exe
FirewallRules: [UDP Query User{2BA52517-272F-47A9-A49E-1CD73CA0E91F}C:\program files (x86)\voip\megavoip\voipconnect.exe] => (Block) C:\program files (x86)\voip\megavoip\voipconnect.exe
FirewallRules: [{E94DA778-428B-40B3-9181-66351B79417A}] => (Allow) LPort=5353
FirewallRules: [{9B2D2F11-D636-4CE2-9FF0-1F67DFC31D9A}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{FE2EC4EB-12D4-4066-BC17-FD70D7F2AA8E}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [TCP Query User{793304B3-1987-4430-8283-F0B9E93483AF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A317204F-E988-48BA-A806-A2AC5E9351E8}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{D286B26C-7D2A-4F25-9D04-5B3D8A386C6E}C:\program files (x86)\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files (x86)\jdownloader 2\jdownloader 2.exe
FirewallRules: [UDP Query User{D79CD8C8-03B1-4E16-9536-C8E5CEF5BB2B}C:\program files (x86)\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files (x86)\jdownloader 2\jdownloader 2.exe
FirewallRules: [{E4C1CD1F-3A80-40C0-AEAF-0A7EC71FA03D}] => (Allow) C:\Program Files\Zune\Zune.exe
FirewallRules: [{A2C33E66-7DAF-4B19-BD85-CA2DD7A4ECCA}] => (Allow) C:\Program Files\Zune\Zune.exe
FirewallRules: [{60F711B7-C5FF-4353-8471-5316DDDDE27E}] => (Allow) C:\Program Files\Zune\Zune.exe
FirewallRules: [{B8837C02-F549-438F-A766-A9D87E060B8D}] => (Allow) C:\Program Files\Zune\Zune.exe
FirewallRules: [{EF2ED71D-92CF-4237-AC28-0D15A26CC092}] => (Allow) C:\Program Files (x86)\RapidSolution\Audials 9\Audials.exe
FirewallRules: [{DF09486E-766B-4977-9B4B-85D6FAFE2A0A}] => (Allow) LPort=12972
FirewallRules: [{AEEC9C89-0AF9-42D4-9016-C77C0FCF20F8}] => (Allow) LPort=14714
FirewallRules: [{1484F518-01E8-4117-B4D0-C70AB7C0DCE2}] => (Allow) LPort=31931
FirewallRules: [TCP Query User{45E8FDAB-3449-4845-A118-926A141B2087}C:\program files (x86)\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files (x86)\jdownloader 2\jdownloader 2.exe
FirewallRules: [UDP Query User{43BCCE08-85C1-4F2B-BB9A-CAE347D1A671}C:\program files (x86)\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files (x86)\jdownloader 2\jdownloader 2.exe
FirewallRules: [{E741A267-32CC-4372-86B7-120CF34B5D16}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{1321B3FB-D900-48FB-A130-B52F992F00D9}C:\program files (x86)\medion\medion nas tool\medion nas tool.exe] => (Allow) C:\program files (x86)\medion\medion nas tool\medion nas tool.exe
FirewallRules: [UDP Query User{21C39AF4-DD19-4D3D-872E-C4207487CA42}C:\program files (x86)\medion\medion nas tool\medion nas tool.exe] => (Allow) C:\program files (x86)\medion\medion nas tool\medion nas tool.exe
FirewallRules: [TCP Query User{F7B6B5CB-3BCA-4E8E-8338-ED67B706A974}C:\program files (x86)\wondershare\video converter ultimate\urlreqservice.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\urlreqservice.exe
FirewallRules: [UDP Query User{7E1E76EB-21EA-422C-9E45-2DFBDD3BD97E}C:\program files (x86)\wondershare\video converter ultimate\urlreqservice.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\urlreqservice.exe
FirewallRules: [TCP Query User{A2E5C038-5698-4F82-9592-41F41D51EC35}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe
FirewallRules: [UDP Query User{C12996B1-A9CC-4532-9D96-84DE742348C5}C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe] => (Allow) C:\program files (x86)\zyxel\nas starter utility\nas starter utility.exe
FirewallRules: [{7DB3ADFE-6204-44D8-A2EC-99C057398934}] => (Allow) C:\Users\****\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{6134390F-AF2C-41A5-960D-0FE3948EA7A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C77390B9-F74B-47C8-AACE-DE99D73B3091}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D3ACF9D2-B3C0-4579-9C31-28362E0B0E83}] => (Allow) C:\Users\****\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{5455D83D-2081-4986-A3F0-C8FA47B5FA3A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2015 09:02:32 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Napster Rienf Repair wird entfernt; Fehler = 0x80070422).

Error: (06/02/2015 09:02:30 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Napster Rienf Repair wird entfernt; Fehler = 0x80070422).

Error: (06/02/2015 09:02:11 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed MEDION GoPal Assistant; Fehler = 0x80070422).

Error: (06/02/2015 09:02:09 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed MEDION GoPal Assistant; Fehler = 0x80070422).

Error: (06/02/2015 08:52:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed fotoalbum.de Editor; Fehler = 0x80070422).

Error: (06/02/2015 08:52:34 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed fotoalbum.de Editor; Fehler = 0x80070422).

Error: (06/02/2015 06:39:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: spoolsv.exe, Version: 6.1.7601.17777, Zeitstempel: 0x4f35fc1d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x7c0
Startzeit der fehlerhaften Anwendung: 0xspoolsv.exe0
Pfad der fehlerhaften Anwendung: spoolsv.exe1
Pfad des fehlerhaften Moduls: spoolsv.exe2
Berichtskennung: spoolsv.exe3

Error: (06/01/2015 01:37:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Acrobat.exe, Version 10.1.0.534 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 106c

Startzeit: 01d09c5f4d39b8ab

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe

Berichts-ID: 8fab6736-0852-11e5-b06d-db4f4a6ae324

Error: (05/31/2015 10:42:03 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).

Error: (05/31/2015 10:38:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: spoolsv.exe, Version: 6.1.7601.17777, Zeitstempel: 0x4f35fc1d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x7c4
Startzeit der fehlerhaften Anwendung: 0xspoolsv.exe0
Pfad der fehlerhaften Anwendung: spoolsv.exe1
Pfad des fehlerhaften Moduls: spoolsv.exe2
Berichtskennung: spoolsv.exe3


System errors:
=============
Error: (06/03/2015 05:37:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (06/03/2015 05:37:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (06/03/2015 05:37:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (06/03/2015 05:37:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (06/03/2015 05:37:52 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (06/03/2015 05:37:52 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (06/03/2015 05:37:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (06/03/2015 05:37:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (06/03/2015 05:37:41 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (06/03/2015 05:37:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PNRP-Computernamenveröffentlichungs-Dienst" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535


Microsoft Office:
=========================
Error: (06/02/2015 09:02:32 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VNapster Rienf Repair wird entfernt0x80070422

Error: (06/02/2015 09:02:30 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VNapster Rienf Repair wird entfernt0x80070422

Error: (06/02/2015 09:02:11 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved MEDION GoPal Assistant0x80070422

Error: (06/02/2015 09:02:09 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved MEDION GoPal Assistant0x80070422

Error: (06/02/2015 08:52:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved fotoalbum.de Editor0x80070422

Error: (06/02/2015 08:52:34 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved fotoalbum.de Editor0x80070422

Error: (06/02/2015 06:39:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: spoolsv.exe6.1.7601.177774f35fc1dunknown0.0.0.000000000c000000500000000000000007c001d09ceb34752502C:\Windows\System32\spoolsv.exeunknown631f75dd-08e1-11e5-abf5-a4a7c0a63223

Error: (06/01/2015 01:37:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Acrobat.exe10.1.0.534106c01d09c5f4d39b8ab4C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe8fab6736-0852-11e5-b06d-db4f4a6ae324

Error: (05/31/2015 10:42:03 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422

Error: (05/31/2015 10:38:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: spoolsv.exe6.1.7601.177774f35fc1dunknown0.0.0.000000000c000000500000000000000007c401d09b744d47e19aC:\Windows\System32\spoolsv.exeunknown74f32e51-0770-11e5-9f2e-acd017aba424


CodeIntegrity Errors:
===================================
  Date: 2012-12-10 11:49:49.179
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\athrx.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-10 11:49:48.992
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\athrx.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-01-08 10:44:11.746
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00101_003\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-01-08 09:11:58.391
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00101_003\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-01-08 08:56:09.155
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00101_003\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-01-08 08:33:45.296
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00101_003\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-01-06 19:49:33.465
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00101_003\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-01-06 18:30:00.593
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00101_003\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-01-06 17:55:41.177
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00101_003\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-01-06 16:44:45.156
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00101_003\avcuf64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 810 Processor
Percentage of memory in use: 27%
Total physical RAM: 12285.49 MB
Available physical RAM: 8885.18 MB
Total Pagefile: 24569.19 MB
Available Pagefile: 20902.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.38 GB) (Free:24.7 GB) NTFS
Drive d: (464600) (Fixed) (Total:74.53 GB) (Free:57.63 GB) NTFS
Drive f: (Datensicherungen) (Fixed) (Total:931.51 GB) (Free:518.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: F5F623ED)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2A52F2AE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 238.5 GB) (Disk ID: 00046872)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---
__________________


Alt 03.06.2015, 20:42   #3
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.


Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
__________________

Alt 03.06.2015, 20:47   #4
DHL-Kunde
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Die Gmer.txt ist viel zu lang für den Code-Tag (>980.000 Zeichen). Muss ich die in 8 verschiedenen Posts hier posten oder gibt es dafür eine andere Lösung?
Vielen Dank.


Edit: Hallo Danke Jürgen, danke für die super schnelle Meldung.

Ich werde morgen mit TDSSKiller weiter machen!

Alt 03.06.2015, 20:47   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Zitat:
Zitat von DHL-Kunde Beitrag anzeigen
oder gibt es dafür eine andere Lösung?
Vielen Dank.
Ja, lass das GMER-Log einfach weg.

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 04.06.2015, 05:19   #6
DHL-Kunde
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Guten Morgen.

Hier ist der Report von TDSSKiller
- Er hat nur eine Meldung hinsichtlich meiner Firewall ausgegeben.

Code:
ATTFilter
06:13:17.0295 0x18b4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
06:13:24.0134 0x18b4  ============================================================
06:13:24.0134 0x18b4  Current date / time: 2015/06/04 06:13:24.0134
06:13:24.0135 0x18b4  SystemInfo:
06:13:24.0135 0x18b4  
06:13:24.0135 0x18b4  OS Version: 6.1.7601 ServicePack: 1.0
06:13:24.0135 0x18b4  Product type: Workstation
06:13:24.0135 0x18b4  ComputerName: PC
06:13:24.0135 0x18b4  UserName: ****
06:13:24.0135 0x18b4  Windows directory: C:\Windows
06:13:24.0135 0x18b4  System windows directory: C:\Windows
06:13:24.0135 0x18b4  Running under WOW64
06:13:24.0135 0x18b4  Processor architecture: Intel x64
06:13:24.0135 0x18b4  Number of processors: 4
06:13:24.0135 0x18b4  Page size: 0x1000
06:13:24.0135 0x18b4  Boot type: Normal boot
06:13:24.0135 0x18b4  ============================================================
06:13:24.0310 0x18b4  KLMD registered as C:\Windows\system32\drivers\77143115.sys
06:13:24.0389 0x18b4  System UUID: {1FB18294-451C-6639-4BA1-68B34F71A0D1}
06:13:24.0756 0x18b4  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:13:24.0756 0x18b4  Drive \Device\Harddisk2\DR2 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x8134, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
06:13:24.0756 0x18b4  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:13:24.0789 0x18b4  ============================================================
06:13:24.0789 0x18b4  \Device\Harddisk1\DR1:
06:13:24.0789 0x18b4  MBR partitions:
06:13:24.0789 0x18b4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
06:13:24.0789 0x18b4  \Device\Harddisk2\DR2:
06:13:24.0790 0x18b4  MBR partitions:
06:13:24.0790 0x18b4  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
06:13:24.0790 0x18b4  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0800
06:13:24.0790 0x18b4  \Device\Harddisk0\DR0:
06:13:24.0790 0x18b4  MBR partitions:
06:13:24.0790 0x18b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
06:13:24.0790 0x18b4  ============================================================
06:13:24.0791 0x18b4  C: <-> \Device\Harddisk2\DR2\Partition2
06:13:24.0792 0x18b4  D: <-> \Device\Harddisk0\DR0\Partition1
06:13:24.0793 0x18b4  F: <-> \Device\Harddisk1\DR1\Partition1
06:13:24.0794 0x18b4  ============================================================
06:13:24.0794 0x18b4  Initialize success
06:13:24.0794 0x18b4  ============================================================
06:14:25.0249 0x1088  ============================================================
06:14:25.0249 0x1088  Scan started
06:14:25.0249 0x1088  Mode: Manual; SigCheck; TDLFS; 
06:14:25.0249 0x1088  ============================================================
06:14:25.0249 0x1088  KSN ping started
06:14:27.0685 0x1088  KSN ping finished: true
06:14:28.0377 0x1088  ================ Scan system memory ========================
06:14:28.0378 0x1088  System memory - ok
06:14:28.0378 0x1088  ================ Scan services =============================
06:14:28.0413 0x1088  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
06:14:28.0469 0x1088  1394ohci - ok
06:14:28.0486 0x1088  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
06:14:28.0507 0x1088  ACPI - ok
06:14:28.0512 0x1088  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
06:14:28.0538 0x1088  AcpiPmi - ok
06:14:28.0561 0x1088  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:14:28.0600 0x1088  AdobeFlashPlayerUpdateSvc - ok
06:14:28.0617 0x1088  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
06:14:28.0645 0x1088  adp94xx - ok
06:14:28.0658 0x1088  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
06:14:28.0693 0x1088  adpahci - ok
06:14:28.0702 0x1088  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
06:14:28.0721 0x1088  adpu320 - ok
06:14:28.0729 0x1088  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
06:14:28.0744 0x1088  AeLookupSvc - ok
06:14:28.0760 0x1088  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
06:14:28.0788 0x1088  AFD - ok
06:14:28.0794 0x1088  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
06:14:28.0810 0x1088  agp440 - ok
06:14:28.0816 0x1088  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
06:14:28.0838 0x1088  ALG - ok
06:14:28.0843 0x1088  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
06:14:28.0857 0x1088  aliide - ok
06:14:28.0867 0x1088  [ 20C8A3E435A47F0408A1EA674AFA6194, 568EBB4EE65E6945024F4D67B541BD0170E35C32E7ED4D0AD59D33D933E430D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
06:14:28.0902 0x1088  AMD External Events Utility - ok
06:14:28.0907 0x1088  AMD FUEL Service - ok
06:14:28.0911 0x1088  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
06:14:28.0925 0x1088  amdide - ok
06:14:28.0930 0x1088  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
06:14:29.0008 0x1088  amdiox64 - ok
06:14:29.0013 0x1088  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
06:14:29.0033 0x1088  AmdK8 - ok
06:14:29.0305 0x1088  [ 0B45C18B0F3EE996D25BAA4E74884B83, 9E9CE2E02A4E4BF8A87870EF23F8B7D6762785EE9959A64DF45E67B30DE3B63C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
06:14:29.0638 0x1088  amdkmdag - ok
06:14:29.0667 0x1088  [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6, 2C3DCB347CD6DAF6F2C8A2531D5165F776855F05D1675A36B9D78BC2C8E0B324 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
06:14:29.0691 0x1088  amdkmdap - ok
06:14:29.0697 0x1088  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
06:14:29.0711 0x1088  AmdPPM - ok
06:14:29.0717 0x1088  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
06:14:29.0735 0x1088  amdsata - ok
06:14:29.0744 0x1088  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
06:14:29.0764 0x1088  amdsbs - ok
06:14:29.0769 0x1088  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
06:14:29.0781 0x1088  amdxata - ok
06:14:29.0789 0x1088  [ B5C0F65D6657C6ADD9ED75EC7583390B, 8EE69F05714A861A0439E1E1BA167A3B71E50E1BFFD20F1239F0FF2F20FA7BF4 ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
06:14:29.0807 0x1088  AnyDVD - ok
06:14:29.0812 0x1088  [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.01   C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
06:14:29.0824 0x1088  AODDriver4.01 - ok
06:14:29.0828 0x1088  [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
06:14:29.0839 0x1088  AODDriver4.2 - ok
06:14:29.0845 0x1088  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
06:14:29.0864 0x1088  AppID - ok
06:14:29.0868 0x1088  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
06:14:29.0883 0x1088  AppIDSvc - ok
06:14:29.0889 0x1088  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
06:14:29.0905 0x1088  Appinfo - ok
06:14:29.0911 0x1088  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
06:14:29.0928 0x1088  arc - ok
06:14:29.0935 0x1088  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
06:14:29.0953 0x1088  arcsas - ok
06:14:29.0959 0x1088  [ 0AA7A996792FB0287B33A57A8093AE44, 41894F055F3CDA05794FC46E1F2C59979D1DAF7602F44E4ADF6347E199B8137C ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
06:14:29.0980 0x1088  asmthub3 - ok
06:14:29.0994 0x1088  [ 125DC3ABF5BFCCFE82AD17D078E0B9EC, FEFF8C37CD688F39C8E341F8BF7A712AA8C0F431B064E07C3EA66A96250D855B ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
06:14:30.0022 0x1088  asmtxhci - ok
06:14:30.0036 0x1088  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
06:14:30.0053 0x1088  aspnet_state - ok
06:14:30.0057 0x1088  [ 6B91E6D483AADB3FC4E13E2355200611, 246423703AEA346B99B5F81F1846F0C34DF1178859DD59BCA6393A7CDD8D48AC ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
06:14:30.0072 0x1088  aswKbd - ok
06:14:30.0076 0x1088  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
06:14:30.0109 0x1088  AsyncMac - ok
06:14:30.0113 0x1088  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
06:14:30.0126 0x1088  atapi - ok
06:14:30.0168 0x1088  [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr            C:\Windows\system32\DRIVERS\athrx.sys
06:14:30.0230 0x1088  athr - ok
06:14:30.0243 0x1088  [ DBB487D09F56C674430AC454FD8BCAB9, CF6413DD5D4876CE1F65E40115994423804AA5EA5CBDEB433DB751B445C17BB8 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
06:14:30.0264 0x1088  AtiHDAudioService - ok
06:14:30.0539 0x1088  [ 0B45C18B0F3EE996D25BAA4E74884B83, 9E9CE2E02A4E4BF8A87870EF23F8B7D6762785EE9959A64DF45E67B30DE3B63C ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
06:14:30.0816 0x1088  atikmdag - ok
06:14:30.0854 0x1088  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:14:30.0886 0x1088  AudioEndpointBuilder - ok
06:14:30.0906 0x1088  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
06:14:30.0934 0x1088  AudioSrv - ok
06:14:30.0971 0x1088  [ 1517FBA8213F75ECCD9311DE493DD8C9, B5296BE2501F19B525BBC774465CB03E06BD5DE17DAED058CC74B0121D569EEF ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
06:14:31.0023 0x1088  avc3 - ok
06:14:31.0036 0x1088  [ 075AE98458B00E98F3104D777C062032, 3447D7E2439B8EE89047E3C43973490F47129C416A983B72F86EF67EB349F794 ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
06:14:31.0057 0x1088  avchv - ok
06:14:31.0079 0x1088  [ D1A0A4A314FCE6478F2E8C05D8DABC5B, 2EF0DE520081AB82B53733209EB1791D99ADA5E0F9E94B0EAC56E4609CB67D72 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
06:14:31.0108 0x1088  avckf - ok
06:14:31.0115 0x1088  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
06:14:31.0146 0x1088  AxInstSV - ok
06:14:31.0162 0x1088  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
06:14:31.0190 0x1088  b06bdrv - ok
06:14:31.0202 0x1088  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
06:14:31.0225 0x1088  b57nd60a - ok
06:14:31.0236 0x1088  [ 1E20AEB58EB2D2DF3D43E255771079D7, EE2EA1B03550ADFCE940FA1BBD818A3BFA8DCB00CDA1D654E10F701A0C10E23C ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
06:14:31.0250 0x1088  BdDesktopParental - ok
06:14:31.0256 0x1088  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
06:14:31.0275 0x1088  BDESVC - ok
06:14:31.0281 0x1088  [ 9A9A632AA25D4B33BFA9D3202DEA0E87, 438FFDD092197BAFE86609D545E9218103F1BE25A49BF30C62E546BE3360C2CA ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
06:14:31.0297 0x1088  BdfNdisf - ok
06:14:31.0303 0x1088  [ EC80614A72BC7039D2B22E3DD6C15895, 932260AB126523428B884034162E3619E1B7FA13720F830783B592AAE825AC86 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
06:14:31.0320 0x1088  bdfwfpf - ok
06:14:31.0326 0x1088  [ C0247341C1BCD7FF2742821D0AD7AFBC, EC2B246F3233302DB540394AC0F11F294CA16FB9E44110126CC9807BAC20EA35 ] bdfwfpf_pc      C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys
06:14:31.0345 0x1088  bdfwfpf_pc - ok
06:14:31.0351 0x1088  [ 397307349A31F530718DAE781825A8EB, 65F6B1E7556A5B3D63BDD80E0E1D4BCB0A2CB804622DB7C511EBC4B5CFDA5A10 ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
06:14:31.0367 0x1088  BDSandBox - ok
06:14:31.0371 0x1088  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
06:14:31.0407 0x1088  Beep - ok
06:14:31.0429 0x1088  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
06:14:31.0464 0x1088  BFE - ok
06:14:31.0490 0x1088  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
06:14:31.0574 0x1088  BITS - ok
06:14:31.0579 0x1088  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
06:14:31.0595 0x1088  blbdrive - ok
06:14:31.0601 0x1088  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
06:14:31.0616 0x1088  bowser - ok
06:14:31.0620 0x1088  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
06:14:31.0645 0x1088  BrFiltLo - ok
06:14:31.0649 0x1088  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
06:14:31.0665 0x1088  BrFiltUp - ok
06:14:31.0672 0x1088  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
06:14:31.0690 0x1088  Browser - ok
06:14:31.0701 0x1088  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
06:14:31.0727 0x1088  Brserid - ok
06:14:31.0732 0x1088  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
06:14:31.0750 0x1088  BrSerWdm - ok
06:14:31.0754 0x1088  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
06:14:31.0771 0x1088  BrUsbMdm - ok
06:14:31.0775 0x1088  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
06:14:31.0789 0x1088  BrUsbSer - ok
06:14:31.0795 0x1088  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
06:14:31.0813 0x1088  BTHMODEM - ok
06:14:31.0821 0x1088  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
06:14:31.0856 0x1088  bthserv - ok
06:14:31.0896 0x1088  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
06:14:31.0958 0x1088  c2cautoupdatesvc - ok
06:14:32.0007 0x1088  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
06:14:32.0075 0x1088  c2cpnrsvc - ok
06:14:32.0083 0x1088  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
06:14:32.0119 0x1088  cdfs - ok
06:14:32.0127 0x1088  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
06:14:32.0146 0x1088  cdrom - ok
06:14:32.0152 0x1088  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
06:14:32.0184 0x1088  CertPropSvc - ok
06:14:32.0189 0x1088  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
06:14:32.0208 0x1088  circlass - ok
06:14:32.0221 0x1088  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
06:14:32.0244 0x1088  CLFS - ok
06:14:32.0251 0x1088  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:14:32.0282 0x1088  clr_optimization_v2.0.50727_32 - ok
06:14:32.0288 0x1088  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:14:32.0306 0x1088  clr_optimization_v2.0.50727_64 - ok
06:14:32.0316 0x1088  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:14:32.0341 0x1088  clr_optimization_v4.0.30319_32 - ok
06:14:32.0347 0x1088  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:14:32.0365 0x1088  clr_optimization_v4.0.30319_64 - ok
06:14:32.0370 0x1088  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
06:14:32.0385 0x1088  CmBatt - ok
06:14:32.0389 0x1088  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
06:14:32.0404 0x1088  cmdide - ok
06:14:32.0420 0x1088  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
06:14:32.0454 0x1088  CNG - ok
06:14:32.0459 0x1088  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
06:14:32.0474 0x1088  Compbatt - ok
06:14:32.0479 0x1088  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
06:14:32.0497 0x1088  CompositeBus - ok
06:14:32.0500 0x1088  COMSysApp - ok
06:14:32.0505 0x1088  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
06:14:32.0521 0x1088  crcdisk - ok
06:14:32.0531 0x1088  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
06:14:32.0553 0x1088  CryptSvc - ok
06:14:32.0557 0x1088  [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
06:14:32.0570 0x1088  CVirtA - ok
06:14:32.0612 0x1088  [ 98C413E1A2FB6E5A4C101C25B3D0B275, 86C02211285F1807A6B276F07C56DE1A54BD5947E513884D8D971A22F4362849 ] CVPND           C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
06:14:32.0671 0x1088  CVPND - ok
06:14:32.0685 0x1088  [ 79AF0E203D089AF442A3F70ED00A37FB, BF28BF9AEE23A3052D5ADA6C1B4C255C5F09DED69BB88D2CA3C011D2C3CFA8C1 ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
06:14:32.0703 0x1088  CVPNDRVA - ok
06:14:32.0708 0x1088  [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
06:14:32.0725 0x1088  dc3d - ok
06:14:32.0743 0x1088  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
06:14:32.0787 0x1088  DcomLaunch - ok
06:14:32.0799 0x1088  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
06:14:32.0839 0x1088  defragsvc - ok
06:14:32.0845 0x1088  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
06:14:32.0878 0x1088  DfsC - ok
06:14:32.0890 0x1088  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
06:14:32.0912 0x1088  Dhcp - ok
06:14:32.0950 0x1088  [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack       C:\Windows\system32\diagtrack.dll
06:14:33.0000 0x1088  DiagTrack - ok
06:14:33.0006 0x1088  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
06:14:33.0040 0x1088  discache - ok
06:14:33.0045 0x1088  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
06:14:33.0059 0x1088  Disk - ok
06:14:33.0067 0x1088  [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
06:14:33.0081 0x1088  DNE - ok
06:14:33.0089 0x1088  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
06:14:33.0107 0x1088  Dnscache - ok
06:14:33.0117 0x1088  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
06:14:33.0158 0x1088  dot3svc - ok
06:14:33.0166 0x1088  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
06:14:33.0201 0x1088  DPS - ok
06:14:33.0205 0x1088  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
06:14:33.0219 0x1088  drmkaud - ok
06:14:33.0225 0x1088  [ EEE504899A0CC781F09CF003CA897771, 90D9500489FD12E3E6299B5BFC9A7E14E7D2A4744EC1A1158E8236D204F0DC27 ] dvdfab          C:\Windows\system32\drivers\dvdfab.sys
06:14:33.0240 0x1088  dvdfab - ok
06:14:33.0270 0x1088  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
06:14:33.0307 0x1088  DXGKrnl - ok
06:14:33.0314 0x1088  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
06:14:33.0350 0x1088  EapHost - ok
06:14:33.0436 0x1088  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
06:14:33.0547 0x1088  ebdrv - ok
06:14:33.0557 0x1088  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS             C:\Windows\System32\lsass.exe
06:14:33.0572 0x1088  EFS - ok
06:14:33.0594 0x1088  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
06:14:33.0634 0x1088  ehRecvr - ok
06:14:33.0641 0x1088  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
06:14:33.0663 0x1088  ehSched - ok
06:14:33.0667 0x1088  [ A05FC7ECA0966EBB70E4D17B855A853B, 16A0C8138A3BBD8BE2658261131F9777940CFB1431018A10710E5C1A88AB70EA ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
06:14:33.0682 0x1088  ElbyCDIO - ok
06:14:33.0700 0x1088  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
06:14:33.0730 0x1088  elxstor - ok
06:14:33.0735 0x1088  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
06:14:33.0750 0x1088  ErrDev - ok
06:14:33.0768 0x1088  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
06:14:33.0811 0x1088  EventSystem - ok
06:14:33.0814 0x1088  ewusbnet - ok
06:14:33.0818 0x1088  ew_hwusbdev - ok
06:14:33.0828 0x1088  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
06:14:33.0867 0x1088  exfat - ok
06:14:33.0871 0x1088  Fabs - ok
06:14:33.0880 0x1088  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
06:14:33.0920 0x1088  fastfat - ok
06:14:33.0942 0x1088  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
06:14:33.0976 0x1088  Fax - ok
06:14:33.0981 0x1088  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
06:14:33.0996 0x1088  fdc - ok
06:14:34.0000 0x1088  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
06:14:34.0034 0x1088  fdPHost - ok
06:14:34.0039 0x1088  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
06:14:34.0072 0x1088  FDResPub - ok
06:14:34.0077 0x1088  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
06:14:34.0091 0x1088  FileInfo - ok
06:14:34.0095 0x1088  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
06:14:34.0131 0x1088  Filetrace - ok
06:14:34.0200 0x1088  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
06:14:34.0296 0x1088  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
06:14:36.0797 0x1088  Detect skipped due to KSN trusted
06:14:36.0798 0x1088  FirebirdServerMAGIXInstance - ok
06:14:36.0819 0x1088  [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
06:14:36.0886 0x1088  FLEXnet Licensing Service - ok
06:14:36.0891 0x1088  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
06:14:36.0907 0x1088  flpydisk - ok
06:14:36.0918 0x1088  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
06:14:36.0938 0x1088  FltMgr - ok
06:14:36.0972 0x1088  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
06:14:37.0020 0x1088  FontCache - ok
06:14:37.0027 0x1088  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:14:37.0048 0x1088  FontCache3.0.0.0 - ok
06:14:37.0053 0x1088  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
06:14:37.0069 0x1088  FsDepends - ok
06:14:37.0074 0x1088  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
06:14:37.0086 0x1088  Fs_Rec - ok
06:14:37.0096 0x1088  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
06:14:37.0116 0x1088  fvevol - ok
06:14:37.0121 0x1088  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
06:14:37.0138 0x1088  gagp30kx - ok
06:14:37.0142 0x1088  [ 4412705F7FD88AACB1DAD2ED321C3328, 39596A40A4AE07FFAC34D4B52570E8F2F9436044C0215F6817167FBEFABDBCF9 ] gdrv            C:\Windows\gdrv.sys
06:14:37.0156 0x1088  gdrv - ok
06:14:37.0160 0x1088  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
06:14:37.0171 0x1088  GEARAspiWDM - ok
06:14:37.0176 0x1088  [ 9BA50351AF95C9DF28C8BCD382427D11, A0725F1A630705AAE344714FC528FD13342F570C80423738D76A9429F56134D0 ] GenericMount    C:\Windows\system32\DRIVERS\GenericMount.sys
06:14:37.0191 0x1088  GenericMount - ok
06:14:37.0217 0x1088  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
06:14:37.0269 0x1088  gpsvc - ok
06:14:37.0278 0x1088  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:14:37.0303 0x1088  gupdate - ok
06:14:37.0308 0x1088  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:14:37.0332 0x1088  gupdatem - ok
06:14:37.0340 0x1088  [ 4250E0978FBC9B3C0D115CD26C5BA9F4, 5674E267D9053BDF185A73C689CB125EE70AE14C7F2D0E37718379F425EBDC01 ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
06:14:37.0356 0x1088  gzflt - ok
06:14:37.0361 0x1088  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
06:14:37.0378 0x1088  hcw85cir - ok
06:14:37.0391 0x1088  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:14:37.0421 0x1088  HdAudAddService - ok
06:14:37.0428 0x1088  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
06:14:37.0445 0x1088  HDAudBus - ok
06:14:37.0449 0x1088  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
06:14:37.0465 0x1088  HidBatt - ok
06:14:37.0471 0x1088  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
06:14:37.0490 0x1088  HidBth - ok
06:14:37.0495 0x1088  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
06:14:37.0513 0x1088  HidIr - ok
06:14:37.0518 0x1088  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
06:14:37.0552 0x1088  hidserv - ok
06:14:37.0556 0x1088  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
06:14:37.0572 0x1088  HidUsb - ok
06:14:37.0577 0x1088  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
06:14:37.0614 0x1088  hkmsvc - ok
06:14:37.0624 0x1088  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:14:37.0644 0x1088  HomeGroupListener - ok
06:14:37.0652 0x1088  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:14:37.0671 0x1088  HomeGroupProvider - ok
06:14:37.0677 0x1088  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
06:14:37.0694 0x1088  HpSAMD - ok
06:14:37.0717 0x1088  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
06:14:37.0752 0x1088  HTTP - ok
06:14:37.0756 0x1088  huawei_enumerator - ok
06:14:37.0762 0x1088  hwdatacard - ok
06:14:37.0767 0x1088  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
06:14:37.0779 0x1088  hwpolicy - ok
06:14:37.0787 0x1088  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
06:14:37.0804 0x1088  i8042prt - ok
06:14:37.0818 0x1088  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
06:14:37.0845 0x1088  iaStorV - ok
06:14:37.0851 0x1088  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
06:14:37.0876 0x1088  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
06:14:40.0377 0x1088  Detect skipped due to KSN trusted
06:14:40.0377 0x1088  IDriverT - ok
06:14:40.0406 0x1088  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:14:40.0448 0x1088  idsvc - ok
06:14:40.0452 0x1088  IEEtwCollectorService - ok
06:14:40.0458 0x1088  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
06:14:40.0473 0x1088  iirsp - ok
06:14:40.0500 0x1088  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
06:14:40.0539 0x1088  IKEEXT - ok
06:14:40.0660 0x1088  [ 150AC23F21DBDBF8488408BA944B0D65, 77A3A0FB5208AA061224CFACC4D136A260132CC4BA01D105AE1532B749968708 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
06:14:40.0784 0x1088  IntcAzAudAddService - ok
06:14:40.0796 0x1088  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
06:14:40.0811 0x1088  intelide - ok
06:14:40.0816 0x1088  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
06:14:40.0833 0x1088  intelppm - ok
06:14:40.0839 0x1088  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
06:14:40.0874 0x1088  IPBusEnum - ok
06:14:40.0880 0x1088  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:14:40.0915 0x1088  IpFilterDriver - ok
06:14:40.0933 0x1088  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
06:14:40.0963 0x1088  iphlpsvc - ok
06:14:40.0969 0x1088  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
06:14:40.0987 0x1088  IPMIDRV - ok
06:14:40.0994 0x1088  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
06:14:41.0031 0x1088  IPNAT - ok
06:14:41.0035 0x1088  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
06:14:41.0061 0x1088  IRENUM - ok
06:14:41.0065 0x1088  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
06:14:41.0080 0x1088  isapnp - ok
06:14:41.0091 0x1088  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
06:14:41.0114 0x1088  iScsiPrt - ok
06:14:41.0120 0x1088  [ DB85FE8D6CBAA2047CB4DA1B2C193D76, 9F9A6B4446ED0EC2EDFD2F1554E83EB381A7CC16CD0D0159B043402B630CAF01 ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
06:14:41.0139 0x1088  JRAID - ok
06:14:41.0144 0x1088  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
06:14:41.0159 0x1088  kbdclass - ok
06:14:41.0164 0x1088  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
06:14:41.0179 0x1088  kbdhid - ok
06:14:41.0183 0x1088  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso          C:\Windows\system32\lsass.exe
06:14:41.0196 0x1088  KeyIso - ok
06:14:41.0202 0x1088  [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
06:14:41.0217 0x1088  KSecDD - ok
06:14:41.0224 0x1088  [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
06:14:41.0241 0x1088  KSecPkg - ok
06:14:41.0245 0x1088  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
06:14:41.0279 0x1088  ksthunk - ok
06:14:41.0292 0x1088  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
06:14:41.0338 0x1088  KtmRm - ok
06:14:41.0348 0x1088  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
06:14:41.0386 0x1088  LanmanServer - ok
06:14:41.0393 0x1088  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:14:41.0429 0x1088  LanmanWorkstation - ok
06:14:41.0436 0x1088  [ E536A1D8502D0CA79B928CAB9EAEB807, B23B461FB1488DC9557946A1C08D1F1B9731F44D80DBC8270A94E21B3742CB06 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
06:14:41.0453 0x1088  LHidFilt - ok
06:14:41.0458 0x1088  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
06:14:41.0491 0x1088  lltdio - ok
06:14:41.0502 0x1088  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
06:14:41.0546 0x1088  lltdsvc - ok
06:14:41.0550 0x1088  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
06:14:41.0584 0x1088  lmhosts - ok
06:14:41.0589 0x1088  [ 2E6D0110DACC769AE478ADE6C2572E37, 7135B25486EED41E17E25333E5CED03555F1D473640259E69570115B3BAF92C9 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
06:14:41.0606 0x1088  LMouFilt - ok
06:14:41.0614 0x1088  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
06:14:41.0631 0x1088  LSI_FC - ok
06:14:41.0638 0x1088  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
06:14:41.0655 0x1088  LSI_SAS - ok
06:14:41.0661 0x1088  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
06:14:41.0677 0x1088  LSI_SAS2 - ok
06:14:41.0683 0x1088  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
06:14:41.0701 0x1088  LSI_SCSI - ok
06:14:41.0708 0x1088  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
06:14:41.0742 0x1088  luafv - ok
06:14:41.0756 0x1088  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
06:14:41.0779 0x1088  LVRS64 - ok
06:14:41.0784 0x1088  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
06:14:41.0796 0x1088  MBAMProtector - ok
06:14:41.0827 0x1088  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
06:14:41.0898 0x1088  MBAMService - ok
06:14:41.0905 0x1088  [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
06:14:41.0921 0x1088  MBAMWebAccessControl - ok
06:14:41.0927 0x1088  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
06:14:41.0945 0x1088  Mcx2Svc - ok
06:14:41.0949 0x1088  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
06:14:41.0966 0x1088  megasas - ok
06:14:41.0978 0x1088  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
06:14:42.0001 0x1088  MegaSR - ok
06:14:42.0006 0x1088  Microsoft SharePoint Workspace Audit Service - ok
06:14:42.0011 0x1088  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
06:14:42.0046 0x1088  MMCSS - ok
06:14:42.0050 0x1088  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
06:14:42.0086 0x1088  Modem - ok
06:14:42.0090 0x1088  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
06:14:42.0105 0x1088  monitor - ok
06:14:42.0110 0x1088  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
06:14:42.0125 0x1088  mouclass - ok
06:14:42.0130 0x1088  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
06:14:42.0145 0x1088  mouhid - ok
06:14:42.0151 0x1088  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
06:14:42.0165 0x1088  mountmgr - ok
06:14:42.0173 0x1088  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:14:42.0198 0x1088  MozillaMaintenance - ok
06:14:42.0206 0x1088  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
06:14:42.0225 0x1088  mpio - ok
06:14:42.0231 0x1088  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
06:14:42.0264 0x1088  mpsdrv - ok
06:14:42.0289 0x1088  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
06:14:42.0345 0x1088  MpsSvc - ok
06:14:42.0354 0x1088  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
06:14:42.0374 0x1088  MRxDAV - ok
06:14:42.0382 0x1088  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
06:14:42.0402 0x1088  mrxsmb - ok
06:14:42.0413 0x1088  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:14:42.0433 0x1088  mrxsmb10 - ok
06:14:42.0440 0x1088  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:14:42.0455 0x1088  mrxsmb20 - ok
06:14:42.0460 0x1088  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
06:14:42.0475 0x1088  msahci - ok
06:14:42.0483 0x1088  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
06:14:42.0502 0x1088  msdsm - ok
06:14:42.0509 0x1088  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
06:14:42.0529 0x1088  MSDTC - ok
06:14:42.0536 0x1088  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
06:14:42.0569 0x1088  Msfs - ok
06:14:42.0573 0x1088  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
06:14:42.0606 0x1088  mshidkmdf - ok
06:14:42.0610 0x1088  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
06:14:42.0622 0x1088  msisadrv - ok
06:14:42.0630 0x1088  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
06:14:42.0669 0x1088  MSiSCSI - ok
06:14:42.0672 0x1088  msiserver - ok
06:14:42.0676 0x1088  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
06:14:42.0710 0x1088  MSKSSRV - ok
06:14:42.0714 0x1088  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
06:14:42.0747 0x1088  MSPCLOCK - ok
06:14:42.0751 0x1088  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
06:14:42.0785 0x1088  MSPQM - ok
06:14:42.0798 0x1088  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
06:14:42.0820 0x1088  MsRPC - ok
06:14:42.0826 0x1088  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
06:14:42.0839 0x1088  mssmbios - ok
06:14:42.0843 0x1088  MSSQL$MYMOVIES - ok
06:14:42.0848 0x1088  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
06:14:42.0874 0x1088  MSSQLServerADHelper - ok
06:14:42.0878 0x1088  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
06:14:42.0911 0x1088  MSTEE - ok
06:14:42.0915 0x1088  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
06:14:42.0930 0x1088  MTConfig - ok
06:14:42.0935 0x1088  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
06:14:42.0949 0x1088  Mup - ok
06:14:42.0953 0x1088  MySQL - ok
06:14:42.0969 0x1088  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
06:14:43.0014 0x1088  napagent - ok
06:14:43.0026 0x1088  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
06:14:43.0050 0x1088  NativeWifiP - ok
06:14:43.0079 0x1088  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
06:14:43.0122 0x1088  NDIS - ok
06:14:43.0128 0x1088  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
06:14:43.0162 0x1088  NdisCap - ok
06:14:43.0166 0x1088  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
06:14:43.0200 0x1088  NdisTapi - ok
06:14:43.0205 0x1088  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
06:14:43.0236 0x1088  Ndisuio - ok
06:14:43.0244 0x1088  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
06:14:43.0282 0x1088  NdisWan - ok
06:14:43.0288 0x1088  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
06:14:43.0322 0x1088  NDProxy - ok
06:14:43.0327 0x1088  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
06:14:43.0359 0x1088  NetBIOS - ok
06:14:43.0369 0x1088  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
06:14:43.0410 0x1088  NetBT - ok
06:14:43.0414 0x1088  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon        C:\Windows\system32\lsass.exe
06:14:43.0427 0x1088  Netlogon - ok
06:14:43.0440 0x1088  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
06:14:43.0482 0x1088  Netman - ok
06:14:43.0489 0x1088  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:14:43.0510 0x1088  NetMsmqActivator - ok
06:14:43.0516 0x1088  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:14:43.0538 0x1088  NetPipeActivator - ok
06:14:43.0553 0x1088  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
06:14:43.0598 0x1088  netprofm - ok
06:14:43.0624 0x1088  [ 618C55B392238B9467F9113E13525C49, 304A77EF3E1E7A1738E5A4F6A911B4DF736CEF4867C6F07CA71E227048E90370 ] netr28ux        C:\Windows\system32\DRIVERS\netr28ux.sys
06:14:43.0668 0x1088  netr28ux - ok
06:14:43.0675 0x1088  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:14:43.0696 0x1088  NetTcpActivator - ok
06:14:43.0702 0x1088  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:14:43.0723 0x1088  NetTcpPortSharing - ok
06:14:43.0728 0x1088  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
06:14:43.0744 0x1088  nfrd960 - ok
06:14:43.0923 0x1088  [ 374F2BB3A4E77C17EA6A696A76F3033A, BF70183E6EAE29559E8E3F1E1F00AF949C62E941301F88116DF29610488B0F0C ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
06:14:44.0105 0x1088  NIHardwareService - ok
06:14:44.0128 0x1088  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
06:14:44.0149 0x1088  NlaSvc - ok
06:14:44.0154 0x1088  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
06:14:44.0186 0x1088  Npfs - ok
06:14:44.0190 0x1088  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
06:14:44.0224 0x1088  nsi - ok
06:14:44.0228 0x1088  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
06:14:44.0260 0x1088  nsiproxy - ok
06:14:44.0307 0x1088  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
06:14:44.0368 0x1088  Ntfs - ok
06:14:44.0374 0x1088  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
06:14:44.0408 0x1088  Null - ok
06:14:44.0415 0x1088  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
06:14:44.0436 0x1088  nvraid - ok
06:14:44.0444 0x1088  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
06:14:44.0464 0x1088  nvstor - ok
06:14:44.0470 0x1088  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
06:14:44.0489 0x1088  nv_agp - ok
06:14:44.0495 0x1088  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
06:14:44.0512 0x1088  ohci1394 - ok
06:14:44.0520 0x1088  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:14:44.0543 0x1088  ose - ok
06:14:44.0667 0x1088  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
06:14:44.0822 0x1088  osppsvc - ok
06:14:44.0844 0x1088  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
06:14:44.0867 0x1088  p2pimsvc - ok
06:14:44.0882 0x1088  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
06:14:44.0909 0x1088  p2psvc - ok
06:14:44.0916 0x1088  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
06:14:44.0933 0x1088  Parport - ok
06:14:44.0938 0x1088  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
06:14:44.0952 0x1088  partmgr - ok
06:14:44.0960 0x1088  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
06:14:44.0979 0x1088  PcaSvc - ok
06:14:44.0988 0x1088  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
06:14:45.0004 0x1088  pci - ok
06:14:45.0008 0x1088  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
06:14:45.0021 0x1088  pciide - ok
06:14:45.0030 0x1088  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
06:14:45.0052 0x1088  pcmcia - ok
06:14:45.0057 0x1088  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
06:14:45.0071 0x1088  pcw - ok
06:14:45.0091 0x1088  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
06:14:45.0121 0x1088  PEAUTH - ok
06:14:45.0139 0x1088  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
06:14:45.0161 0x1088  PerfHost - ok
06:14:45.0204 0x1088  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
06:14:45.0280 0x1088  pla - ok
06:14:45.0296 0x1088  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
06:14:45.0323 0x1088  PlugPlay - ok
06:14:45.0341 0x1088  [ 734D9EB27B76B2BA9F5030405345C707, 2D53EC7845073C6CDE7050FD1619B63F34DAFBC624DD1E829D9A30688D971838 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
06:14:45.0371 0x1088  PMBDeviceInfoProvider - ok
06:14:45.0376 0x1088  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
06:14:45.0391 0x1088  PNRPAutoReg - ok
06:14:45.0404 0x1088  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
06:14:45.0424 0x1088  PNRPsvc - ok
06:14:45.0441 0x1088  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
06:14:45.0485 0x1088  PolicyAgent - ok
06:14:45.0495 0x1088  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
06:14:45.0532 0x1088  Power - ok
06:14:45.0539 0x1088  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
06:14:45.0575 0x1088  PptpMiniport - ok
06:14:45.0580 0x1088  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
06:14:45.0597 0x1088  Processor - ok
06:14:45.0606 0x1088  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
06:14:45.0626 0x1088  ProfSvc - ok
06:14:45.0630 0x1088  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:14:45.0643 0x1088  ProtectedStorage - ok
06:14:45.0650 0x1088  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
06:14:45.0684 0x1088  Psched - ok
06:14:45.0725 0x1088  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
06:14:45.0785 0x1088  ql2300 - ok
06:14:45.0794 0x1088  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
06:14:45.0813 0x1088  ql40xx - ok
06:14:45.0822 0x1088  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
06:14:45.0848 0x1088  QWAVE - ok
06:14:45.0853 0x1088  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
06:14:45.0872 0x1088  QWAVEdrv - ok
06:14:45.0882 0x1088  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
06:14:45.0900 0x1088  RapiMgr - ok
06:14:45.0904 0x1088  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
06:14:45.0938 0x1088  RasAcd - ok
06:14:45.0943 0x1088  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
06:14:45.0978 0x1088  RasAgileVpn - ok
06:14:45.0984 0x1088  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
06:14:46.0022 0x1088  RasAuto - ok
06:14:46.0029 0x1088  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
06:14:46.0066 0x1088  Rasl2tp - ok
06:14:46.0078 0x1088  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
06:14:46.0122 0x1088  RasMan - ok
06:14:46.0128 0x1088  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
06:14:46.0165 0x1088  RasPppoe - ok
06:14:46.0170 0x1088  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
06:14:46.0207 0x1088  RasSstp - ok
06:14:46.0219 0x1088  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
06:14:46.0258 0x1088  rdbss - ok
06:14:46.0262 0x1088  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
06:14:46.0280 0x1088  rdpbus - ok
06:14:46.0283 0x1088  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
06:14:46.0314 0x1088  RDPCDD - ok
06:14:46.0320 0x1088  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
06:14:46.0352 0x1088  RDPENCDD - ok
06:14:46.0357 0x1088  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
06:14:46.0389 0x1088  RDPREFMP - ok
06:14:46.0397 0x1088  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
06:14:46.0414 0x1088  RdpVideoMiniport - ok
06:14:46.0423 0x1088  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
06:14:46.0445 0x1088  RDPWD - ok
06:14:46.0454 0x1088  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
06:14:46.0472 0x1088  rdyboost - ok
06:14:46.0478 0x1088  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
06:14:46.0515 0x1088  RemoteAccess - ok
06:14:46.0523 0x1088  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
06:14:46.0563 0x1088  RemoteRegistry - ok
06:14:46.0568 0x1088  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
06:14:46.0605 0x1088  RpcEptMapper - ok
06:14:46.0609 0x1088  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
06:14:46.0625 0x1088  RpcLocator - ok
06:14:46.0642 0x1088  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
06:14:46.0685 0x1088  RpcSs - ok
06:14:46.0690 0x1088  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCap        C:\Windows\system32\DRIVERS\rrnetcap.sys
06:14:46.0704 0x1088  RRNetCap - ok
06:14:46.0708 0x1088  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCapMP      C:\Windows\system32\DRIVERS\rrnetcap.sys
06:14:46.0719 0x1088  RRNetCapMP - ok
06:14:46.0725 0x1088  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
06:14:46.0758 0x1088  rspndr - ok
06:14:46.0766 0x1088  [ 67C7695D3B18682ADDF8419EDA4BBFB8, 268F890BEEFF1092FC1A6D51D92B00920D4CF149350622EE033AB1AC1854C471 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
06:14:46.0784 0x1088  RTHDMIAzAudService - ok
06:14:46.0792 0x1088  [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
06:14:46.0825 0x1088  RTL8167 - ok
06:14:46.0848 0x1088  [ A4F7F9BB5576BF1D3A57F785C5DBEDB7, 5CE149DB0E418EBE63414E6353C26428B6853C4E5624DBE70057492BE075707C ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
06:14:46.0884 0x1088  RTL8192cu - ok
06:14:46.0891 0x1088  [ 4F55BC63DCA859A6DEDC1106E0062135, C9AA97130DBEEE4D47BE2DAB3A8B8E7F0484DA0FCD3701C664B2F76F7671ACCF ] S3XXx64         C:\Windows\system32\DRIVERS\S3XXx64.sys
06:14:46.0906 0x1088  S3XXx64 - ok
06:14:46.0911 0x1088  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs           C:\Windows\system32\lsass.exe
06:14:46.0924 0x1088  SamSs - ok
06:14:46.0930 0x1088  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
06:14:46.0948 0x1088  sbp2port - ok
06:14:46.0956 0x1088  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
06:14:46.0994 0x1088  SCardSvr - ok
06:14:46.0998 0x1088  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
06:14:47.0032 0x1088  scfilter - ok
06:14:47.0063 0x1088  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
06:14:47.0128 0x1088  Schedule - ok
06:14:47.0136 0x1088  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
06:14:47.0169 0x1088  SCPolicySvc - ok
06:14:47.0177 0x1088  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
06:14:47.0198 0x1088  SDRSVC - ok
06:14:47.0202 0x1088  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
06:14:47.0235 0x1088  secdrv - ok
06:14:47.0239 0x1088  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
06:14:47.0274 0x1088  seclogon - ok
06:14:47.0279 0x1088  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
06:14:47.0313 0x1088  SENS - ok
06:14:47.0318 0x1088  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
06:14:47.0335 0x1088  SensrSvc - ok
06:14:47.0339 0x1088  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
06:14:47.0354 0x1088  Serenum - ok
06:14:47.0360 0x1088  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
06:14:47.0377 0x1088  Serial - ok
06:14:47.0382 0x1088  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
06:14:47.0400 0x1088  sermouse - ok
06:14:47.0412 0x1088  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
06:14:47.0448 0x1088  SessionEnv - ok
06:14:47.0452 0x1088  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
06:14:47.0468 0x1088  sffdisk - ok
06:14:47.0471 0x1088  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
06:14:47.0486 0x1088  sffp_mmc - ok
06:14:47.0490 0x1088  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
06:14:47.0508 0x1088  sffp_sd - ok
06:14:47.0513 0x1088  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
06:14:47.0528 0x1088  sfloppy - ok
06:14:47.0541 0x1088  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
06:14:47.0586 0x1088  SharedAccess - ok
06:14:47.0599 0x1088  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:14:47.0641 0x1088  ShellHWDetection - ok
06:14:47.0646 0x1088  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:14:47.0663 0x1088  SiSRaid2 - ok
06:14:47.0668 0x1088  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
06:14:47.0689 0x1088  SiSRaid4 - ok
06:14:47.0701 0x1088  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
06:14:47.0735 0x1088  SkypeUpdate - ok
06:14:47.0742 0x1088  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
06:14:47.0778 0x1088  Smb - ok
06:14:47.0785 0x1088  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
06:14:47.0802 0x1088  SNMPTRAP - ok
06:14:47.0806 0x1088  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
06:14:47.0819 0x1088  spldr - ok
06:14:47.0837 0x1088  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
06:14:47.0865 0x1088  Spooler - ok
06:14:47.0956 0x1088  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
06:14:48.0088 0x1088  sppsvc - ok
06:14:48.0098 0x1088  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
06:14:48.0135 0x1088  sppuinotify - ok
06:14:48.0145 0x1088  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
06:14:48.0166 0x1088  SQLBrowser - ok
06:14:48.0173 0x1088  [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
06:14:48.0187 0x1088  SQLWriter - ok
06:14:48.0203 0x1088  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
06:14:48.0229 0x1088  srv - ok
06:14:48.0244 0x1088  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
06:14:48.0267 0x1088  srv2 - ok
06:14:48.0275 0x1088  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
06:14:48.0291 0x1088  srvnet - ok
06:14:48.0300 0x1088  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
06:14:48.0338 0x1088  SSDPSRV - ok
06:14:48.0344 0x1088  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
06:14:48.0381 0x1088  SstpSvc - ok
06:14:48.0385 0x1088  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
06:14:48.0404 0x1088  stexstor - ok
06:14:48.0422 0x1088  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
06:14:48.0456 0x1088  stisvc - ok
06:14:48.0461 0x1088  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
06:14:48.0476 0x1088  swenum - ok
06:14:48.0493 0x1088  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
06:14:48.0525 0x1088  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
06:14:51.0026 0x1088  Detect skipped due to KSN trusted
06:14:51.0026 0x1088  SwitchBoard - ok
06:14:51.0043 0x1088  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
06:14:51.0094 0x1088  swprv - ok
06:14:51.0099 0x1088  [ BCB6AA197267D3506BE2535342FC40E0, 562154EEFEB433680C19CE07A1D0E1058977A25367775061544F2A66439F4400 ] synusb64        C:\Windows\system32\DRIVERS\synusb64.sys
06:14:51.0111 0x1088  synusb64 - ok
06:14:51.0158 0x1088  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
06:14:51.0227 0x1088  SysMain - ok
06:14:51.0235 0x1088  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:14:51.0258 0x1088  TabletInputService - ok
06:14:51.0263 0x1088  [ 4EF44915E522F3ECD1A3FF540AA64126, 3B7ABB4B263F5DC7E12BEBD0512A13877236E0C020B7FE618EE84FAB3E3BF991 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
06:14:51.0276 0x1088  tap0901 - ok
06:14:51.0288 0x1088  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
06:14:51.0331 0x1088  TapiSrv - ok
06:14:51.0336 0x1088  [ 4430E9B4C60AAB672D16E801BAD0555E, 9D9208FD66CF23BE03484C3C335E927D6914A405FED6A8D5B2878BA4F59203DE ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
06:14:51.0350 0x1088  tbhsd - ok
06:14:51.0355 0x1088  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
06:14:51.0389 0x1088  TBS - ok
06:14:51.0440 0x1088  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
06:14:51.0507 0x1088  Tcpip - ok
06:14:51.0562 0x1088  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
06:14:51.0619 0x1088  TCPIP6 - ok
06:14:51.0628 0x1088  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
06:14:51.0641 0x1088  tcpipreg - ok
06:14:51.0647 0x1088  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
06:14:51.0663 0x1088  TDPIPE - ok
06:14:51.0667 0x1088  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
06:14:51.0681 0x1088  TDTCP - ok
06:14:51.0687 0x1088  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
06:14:51.0706 0x1088  tdx - ok
06:14:51.0712 0x1088  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
06:14:51.0728 0x1088  TermDD - ok
06:14:51.0749 0x1088  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
06:14:51.0787 0x1088  TermService - ok
06:14:51.0792 0x1088  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
06:14:51.0811 0x1088  Themes - ok
06:14:51.0816 0x1088  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
06:14:51.0850 0x1088  THREADORDER - ok
06:14:51.0856 0x1088  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
06:14:51.0892 0x1088  TrkWks - ok
06:14:51.0908 0x1088  [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
06:14:51.0932 0x1088  trufos - ok
06:14:51.0943 0x1088  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:14:51.0978 0x1088  TrustedInstaller - ok
06:14:51.0984 0x1088  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
06:14:52.0000 0x1088  tssecsrv - ok
06:14:52.0005 0x1088  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
06:14:52.0022 0x1088  TsUsbFlt - ok
06:14:52.0028 0x1088  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
06:14:52.0062 0x1088  tunnel - ok
06:14:52.0068 0x1088  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
06:14:52.0084 0x1088  uagp35 - ok
06:14:52.0096 0x1088  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
06:14:52.0140 0x1088  udfs - ok
06:14:52.0148 0x1088  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
06:14:52.0166 0x1088  UI0Detect - ok
06:14:52.0171 0x1088  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
06:14:52.0188 0x1088  uliagpkx - ok
06:14:52.0192 0x1088  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
06:14:52.0209 0x1088  umbus - ok
06:14:52.0213 0x1088  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
06:14:52.0228 0x1088  UmPass - ok
06:14:52.0236 0x1088  [ C1C2C9231EBD263DB9C4F34DBB080B32, 25A046D8CC6674A47F3338E84661BF502D21C571C50643D9EF20D334CC27538C ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
06:14:52.0250 0x1088  UPDATESRV - ok
06:14:52.0262 0x1088  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
06:14:52.0305 0x1088  upnphost - ok
06:14:52.0311 0x1088  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
06:14:52.0329 0x1088  usbaudio - ok
06:14:52.0336 0x1088  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
06:14:52.0354 0x1088  usbccgp - ok
06:14:52.0360 0x1088  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
06:14:52.0378 0x1088  usbcir - ok
06:14:52.0383 0x1088  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
06:14:52.0401 0x1088  usbehci - ok
06:14:52.0435 0x1088  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
06:14:52.0459 0x1088  usbhub - ok
06:14:52.0464 0x1088  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
06:14:52.0478 0x1088  usbohci - ok
06:14:52.0482 0x1088  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
06:14:52.0499 0x1088  usbprint - ok
06:14:52.0504 0x1088  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
06:14:52.0520 0x1088  usbscan - ok
06:14:52.0526 0x1088  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:14:52.0544 0x1088  USBSTOR - ok
06:14:52.0548 0x1088  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
06:14:52.0562 0x1088  usbuhci - ok
06:14:52.0571 0x1088  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
06:14:52.0590 0x1088  usbvideo - ok
06:14:52.0595 0x1088  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
06:14:52.0629 0x1088  UxSms - ok
06:14:52.0634 0x1088  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc        C:\Windows\system32\lsass.exe
06:14:52.0647 0x1088  VaultSvc - ok
06:14:52.0652 0x1088  [ FD911873C0BB6945FA38C16E9A2B58F9, EF8C833321449A6E8B671890F2EBC82ABC276B890D274AADDB626D763EE98964 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
06:14:52.0666 0x1088  VClone - ok
06:14:52.0670 0x1088  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
06:14:52.0684 0x1088  vdrvroot - ok
06:14:52.0701 0x1088  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
06:14:52.0750 0x1088  vds - ok
06:14:52.0755 0x1088  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
06:14:52.0772 0x1088  vga - ok
06:14:52.0776 0x1088  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
06:14:52.0811 0x1088  VgaSave - ok
06:14:52.0820 0x1088  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
06:14:52.0841 0x1088  vhdmp - ok
06:14:52.0845 0x1088  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
06:14:52.0860 0x1088  viaide - ok
06:14:52.0865 0x1088  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
06:14:52.0879 0x1088  volmgr - ok
06:14:52.0892 0x1088  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
06:14:52.0914 0x1088  volmgrx - ok
06:14:52.0926 0x1088  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
06:14:52.0946 0x1088  volsnap - ok
06:14:52.0954 0x1088  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
06:14:52.0973 0x1088  vsmraid - ok
06:14:53.0017 0x1088  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
06:14:53.0098 0x1088  VSS - ok
06:14:53.0142 0x1088  [ 964C356C9AEEEE88B8B9B71D94042874, BE2BCA4923B5A246D40935D50827D0C233520BF2548B9DD98DE0310CFEC47EF1 ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
06:14:53.0201 0x1088  VSSERV - ok
06:14:53.0207 0x1088  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
06:14:53.0225 0x1088  vwifibus - ok
06:14:53.0230 0x1088  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
06:14:53.0250 0x1088  vwififlt - ok
06:14:53.0263 0x1088  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
06:14:53.0309 0x1088  W32Time - ok
06:14:53.0316 0x1088  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
06:14:53.0331 0x1088  WacomPen - ok
06:14:53.0337 0x1088  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
06:14:53.0372 0x1088  WANARP - ok
06:14:53.0376 0x1088  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
06:14:53.0411 0x1088  Wanarpv6 - ok
06:14:53.0447 0x1088  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
06:14:53.0495 0x1088  WatAdminSvc - ok
06:14:53.0539 0x1088  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
06:14:53.0600 0x1088  wbengine - ok
06:14:53.0611 0x1088  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
06:14:53.0636 0x1088  WbioSrvc - ok
06:14:53.0654 0x1088  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
06:14:53.0677 0x1088  WcesComm - ok
06:14:53.0692 0x1088  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
06:14:53.0723 0x1088  wcncsvc - ok
06:14:53.0728 0x1088  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:14:53.0746 0x1088  WcsPlugInService - ok
06:14:53.0750 0x1088  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
06:14:53.0766 0x1088  Wd - ok
06:14:53.0790 0x1088  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
06:14:53.0827 0x1088  Wdf01000 - ok
06:14:53.0834 0x1088  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
06:14:53.0851 0x1088  WdiServiceHost - ok
06:14:53.0856 0x1088  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
06:14:53.0872 0x1088  WdiSystemHost - ok
06:14:53.0882 0x1088  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
06:14:53.0906 0x1088  WebClient - ok
06:14:53.0916 0x1088  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
06:14:53.0958 0x1088  Wecsvc - ok
06:14:53.0964 0x1088  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
06:14:53.0999 0x1088  wercplsupport - ok
06:14:54.0004 0x1088  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
06:14:54.0042 0x1088  WerSvc - ok
06:14:54.0046 0x1088  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
06:14:54.0079 0x1088  WfpLwf - ok
06:14:54.0083 0x1088  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
06:14:54.0098 0x1088  WIMMount - ok
06:14:54.0101 0x1088  WinDefend - ok
06:14:54.0125 0x1088  [ 0E77040FCFCCBD7B12A16A11ECD3E66F, A31842893211A12AA2B6983B7F1AC2A2AD9155ED23A5A53C5216FEAFE2A8253D ] Windows7FirewallService C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
06:14:54.0146 0x1088  Windows7FirewallService - detected UnsignedFile.Multi.Generic ( 1 )
06:14:56.0650 0x1088  Detect skipped due to KSN trusted
06:14:56.0650 0x1088  Windows7FirewallService - ok
06:14:56.0652 0x1088  WinHttpAutoProxySvc - ok
06:14:56.0665 0x1088  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
06:14:56.0704 0x1088  Winmgmt - ok
06:14:56.0758 0x1088  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
06:14:56.0834 0x1088  WinRM - ok
06:14:56.0845 0x1088  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
06:14:56.0862 0x1088  WinUSB - ok
06:14:56.0889 0x1088  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
06:14:56.0933 0x1088  Wlansvc - ok
06:14:56.0938 0x1088  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
06:14:56.0951 0x1088  WmiAcpi - ok
06:14:56.0962 0x1088  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
06:14:56.0983 0x1088  wmiApSrv - ok
06:14:56.0986 0x1088  WMPNetworkSvc - ok
06:14:56.0991 0x1088  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
06:14:57.0009 0x1088  WPCSvc - ok
06:14:57.0015 0x1088  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
06:14:57.0034 0x1088  WPDBusEnum - ok
06:14:57.0039 0x1088  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
06:14:57.0073 0x1088  ws2ifsl - ok
06:14:57.0079 0x1088  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
06:14:57.0099 0x1088  wscsvc - ok
06:14:57.0102 0x1088  WSearch - ok
06:14:57.0171 0x1088  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
06:14:57.0259 0x1088  wuauserv - ok
06:14:57.0269 0x1088  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
06:14:57.0285 0x1088  WudfPf - ok
06:14:57.0294 0x1088  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
06:14:57.0310 0x1088  WUDFRd - ok
06:14:57.0316 0x1088  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
06:14:57.0333 0x1088  wudfsvc - ok
06:14:57.0342 0x1088  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
06:14:57.0363 0x1088  WwanSvc - ok
06:14:57.0375 0x1088  ================ Scan global ===============================
06:14:57.0379 0x1088  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
06:14:57.0390 0x1088  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
06:14:57.0408 0x1088  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
06:14:57.0416 0x1088  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
06:14:57.0431 0x1088  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
06:14:57.0439 0x1088  [ Global ] - ok
06:14:57.0439 0x1088  ================ Scan MBR ==================================
06:14:57.0441 0x1088  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
06:14:57.0480 0x1088  \Device\Harddisk1\DR1 - ok
06:14:57.0483 0x1088  [ 0792F22BCC85CFD3B28324561FFFCABB ] \Device\Harddisk2\DR2
06:14:57.0581 0x1088  \Device\Harddisk2\DR2 - ok
06:14:57.0583 0x1088  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
06:14:58.0180 0x1088  \Device\Harddisk0\DR0 - ok
06:14:58.0180 0x1088  ================ Scan VBR ==================================
06:14:58.0182 0x1088  [ 64DD7A6D791D7A0BD682E1E048730583 ] \Device\Harddisk1\DR1\Partition1
06:14:58.0242 0x1088  \Device\Harddisk1\DR1\Partition1 - ok
06:14:58.0244 0x1088  [ 8AE36606D825F4ABF7F0A773C6591DD7 ] \Device\Harddisk2\DR2\Partition1
06:14:58.0245 0x1088  \Device\Harddisk2\DR2\Partition1 - ok
06:14:58.0248 0x1088  [ 228473E18B20230730566F8DEAAEF8B7 ] \Device\Harddisk2\DR2\Partition2
06:14:58.0249 0x1088  \Device\Harddisk2\DR2\Partition2 - ok
06:14:58.0251 0x1088  [ EAD5CE963D717DBB5F881B0CBF77B031 ] \Device\Harddisk0\DR0\Partition1
06:14:58.0253 0x1088  \Device\Harddisk0\DR0\Partition1 - ok
06:14:58.0253 0x1088  ================ Scan generic autorun ======================
06:14:58.0285 0x1088  [ ED2FB8BEB3411D9340D4EEB27BC6EB52, 7D6644AC97ED445FD79863B7C5F90D0DDF5FAD116DF35F3C40DE26195D2F22BB ] C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
06:14:58.0319 0x1088  Windows7FirewallControl - detected UnsignedFile.Multi.Generic ( 1 )
06:15:00.0888 0x1088  Windows7FirewallControl ( UnsignedFile.Multi.Generic ) - warning
06:15:00.0888 0x1088  Force sending object to P2P due to detect: C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
06:15:03.0366 0x1088  Object send P2P result: true
06:15:05.0768 0x1088  [ 393F021E2A9FA19AC94BA4482E32FC6C, 8DC7A061643099B8A1915ADB59D89912A117883D4194BCC05F653E19DFD321A9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
06:15:05.0805 0x1088  AdobeAAMUpdater-1.0 - ok
06:15:05.0826 0x1088  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
06:15:05.0853 0x1088  Windows Mobile Device Center - ok
06:15:06.0178 0x1088  [ D007799BCE71206A5783DD510D4BC36A, 393AB1CC0EADE8E2F8D424088539D2C810B9814EF547F1CD3292B9EAB655683F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
06:15:06.0492 0x1088  RtHDVCpl - ok
06:15:06.0555 0x1088  [ 51C494FEE2AB2EAEF3EE7D9329098950, 9EF665FA7627462755D0B1BA5296AA89C972242784A05806AA0AEABC8E08BD4D ] C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
06:15:06.0609 0x1088  Bdagent - ok
06:15:06.0617 0x1088  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
06:15:06.0637 0x1088  BCSSync - ok
06:15:06.0653 0x1088  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
06:15:06.0684 0x1088  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
06:15:06.0684 0x1088  Detect skipped due to KSN trusted
06:15:06.0684 0x1088  SwitchBoard - ok
06:15:06.0698 0x1088  [ D5B783DACE1BBDD382A63C894BAB8E1E, 20BA7479B3BE8AC7771AA91DB9C4F3B46DADDFF9C48627A5C7C460546DD20AF3 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
06:15:06.0731 0x1088  AdobeCS5ServiceManager - ok
06:15:06.0764 0x1088  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
06:15:06.0828 0x1088  Sidebar - ok
06:15:06.0834 0x1088  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
06:15:06.0856 0x1088  mctadmin - ok
06:15:06.0888 0x1088  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
06:15:06.0931 0x1088  Sidebar - ok
06:15:06.0938 0x1088  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
06:15:06.0957 0x1088  mctadmin - ok
06:15:06.0960 0x1088  GoogleDriveSync - ok
06:15:06.0984 0x1088  [ 53A6B1ED8BE0F7208FB72EF2580F71EC, 18799E69603DC0F67D56FA7A748FECFEDFD1CFFB8A12DC2B7E75035724B09303 ] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
06:15:07.0015 0x1088  Bitdefender-Geldbörse-Agent - ok
06:15:07.0017 0x1088  Waiting for KSN requests completion. In queue: 11
06:15:08.0017 0x1088  Waiting for KSN requests completion. In queue: 11
06:15:09.0017 0x1088  Waiting for KSN requests completion. In queue: 11
06:15:10.0027 0x1088  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 18.18.0.1254 ), 0x41000 ( enabled : updated )
06:15:10.0029 0x1088  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 18.18.0.1254 ), 0x41010 ( enabled )
06:15:12.0418 0x1088  ============================================================
06:15:12.0418 0x1088  Scan finished
06:15:12.0418 0x1088  ============================================================
06:15:12.0426 0x0870  Detected object count: 1
06:15:12.0426 0x0870  Actual detected object count: 1
06:15:51.0080 0x0870  Windows7FirewallControl ( UnsignedFile.Multi.Generic ) - skipped by user
06:15:51.0080 0x0870  Windows7FirewallControl ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 04.06.2015, 06:44   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Hi,
Bitdefender Echtzeitschutz deaktivieren:

Schritt 1
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 04.06.2015, 07:47   #8
DHL-Kunde
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Hallo deeprybka,

der die combofix_log.txt
Code:
ATTFilter
ComboFix 15-05-31.01 - **** 04.06.2015   8:04.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.12285.9684 [GMT 2:00]
ausgeführt von:: c:\users\****\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
SP: Bitdefender Spyware-Schutz *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1418141606.bdinstall.bin
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\users\****\AppData\Local\assembly\tmp
c:\users\****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp2kisz.dll
c:\windows\msdownld.tmp
c:\windows\SysWow64\installer.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-04 bis 2015-06-04  ))))))))))))))))))))))))))))))
.
.
2015-06-04 06:15 . 2015-06-04 06:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-06-03 16:08 . 2015-06-03 16:09	--------	d-----w-	C:\FRST
2015-06-03 15:57 . 2015-06-03 17:19	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-03 15:55 . 2015-06-03 15:56	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-06-03 15:55 . 2015-04-14 07:37	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-06-03 15:55 . 2015-04-14 07:37	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-06-01 05:10 . 2015-06-01 05:10	--------	d-----w-	c:\users\****\AppData\Local\GWX
2015-05-12 18:01 . 2015-05-01 13:17	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 18:01 . 2015-05-01 13:16	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 17:55 . 2015-04-13 03:28	328704	----a-w-	c:\windows\system32\services.exe
2015-05-12 17:54 . 2015-04-27 19:18	60416	----a-w-	c:\windows\system32\msobjs.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-31 13:23 . 2012-04-06 06:31	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-31 13:23 . 2011-06-14 10:02	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-12 18:04 . 2011-06-14 08:29	140425016	----a-w-	c:\windows\system32\MRT.exe
2015-04-27 19:04 . 2015-05-12 17:55	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-04-14 07:37 . 2011-08-16 09:31	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-04-14 01:38 . 2015-04-14 01:38	1217192	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-04-06 16:59 . 2015-04-06 16:59	160544	----a-w-	c:\windows\system32\drivers\gzflt.sys
2015-03-25 03:24 . 2015-04-14 18:47	98304	----a-w-	c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-14 18:47	37376	----a-w-	c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-14 18:47	35328	----a-w-	c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-14 18:47	3298816	----a-w-	c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-14 18:47	2553856	----a-w-	c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-14 18:47	191488	----a-w-	c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-14 18:47	696320	----a-w-	c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-14 18:47	60416	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-14 18:47	12288	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-14 18:47	36864	----a-w-	c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-14 18:47	135168	----a-w-	c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-14 18:47	92672	----a-w-	c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-14 18:47	566784	----a-w-	c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-14 18:47	29696	----a-w-	c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-14 18:47	173056	----a-w-	c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-14 18:47	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-14 18:47	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-14 18:47	769536	----a-w-	c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-14 18:47	419840	----a-w-	c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-14 18:47	957952	----a-w-	c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-14 18:47	30720	----a-w-	c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-14 18:47	192000	----a-w-	c:\windows\system32\aepic.dll
2015-03-23 03:24 . 2015-04-14 18:47	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-03-23 03:17 . 2015-04-14 18:47	1111552	----a-w-	c:\windows\system32\aeinv.dll
2015-03-10 03:25 . 2015-04-14 18:47	1882624	----a-w-	c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-14 18:47	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-14 18:47	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-14 18:47	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-05-22 19:55	1605832	----a-w-	c:\users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-05-22 19:55	1605832	----a-w-	c:\users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-05-22 19:55	1605832	----a-w-	c:\users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	152544	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender-Geldbörse-Agent"="c:\program files\Bitdefender\Bitdefender 2015\bdwtxag.exe" [2015-02-24 790880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-06-06 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-06-06 2903448]
"VirtualCloneDrive"="c:\program files (x86)\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"TrayServer"="c:\program files (x86)\MAGIX\Video_deluxe_MX_Premium_Download-Version\TrayServer_de.exe" [2008-08-07 90112]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"BrowserPlugInHelper"="c:\program files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe" [2013-09-04 1966992]
.
c:\users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 43374104]
.
c:\users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder\
Dropbox.lnk - c:\users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 43374104]
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Scanner Finder.lnk - c:\program files (x86)\ScanWizard 5\ScannerFinder.exe [2013-8-6 356352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder\
cv act sc interface RegisterTool.lnk - c:\program files (x86)\cv cryptovision\cv act sc interface\RegisterTool.exe [2012-8-14 8224256]
WISO Mein Steuer-Sparbuch heute.lnk - c:\program files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe [2014-4-23 1430320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2015\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [x]
R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys;c:\windows\SYSNATIVE\DRIVERS\GenericMount.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys;c:\windows\SYSNATIVE\DRIVERS\S3XXx64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 aswKbd;aswKbd; [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2015\updatesrv.exe;c:\program files\Bitdefender\Bitdefender 2015\updatesrv.exe [x]
S2 Windows7FirewallService;Windows7FirewallService;c:\program files\Windows7FirewallControl\Windows7FirewallService.exe;c:\program files\Windows7FirewallControl\Windows7FirewallService.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys;c:\windows\SYSNATIVE\drivers\dvdfab.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 synusb64;eLicenser;c:\windows\system32\DRIVERS\synusb64.sys;c:\windows\SYSNATIVE\DRIVERS\synusb64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-26 04:45	986440	----a-w-	c:\program files (x86)\Google\Chrome\Application\43.0.2357.81\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 13:23]
.
2015-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19 06:23]
.
2015-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19 06:23]
.
2015-06-02 c:\windows\Tasks\update-S-1-5-21-1045896479-1792321579-2181696510-1001.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2011-06-15 16:44]
.
2015-06-03 c:\windows\Tasks\update-sys.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2011-06-15 16:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2015-05-22 19:55	1645256	----a-w-	c:\users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2015-05-22 19:55	1645256	----a-w-	c:\users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2015-05-22 19:55	1645256	----a-w-	c:\users\****\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12	185824	----a-w-	c:\users\****\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows7FirewallControl"="c:\program files\Windows7FirewallControl\Windows7FirewallControl.exe" [2011-04-15 1172480]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-13 13374568]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2015\bdagent.exe" [2015-04-06 1691112]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Citavi Picker... - file://c:\programdata\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\ai9ct9e4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.gmx.net/
FF - prefs.js: network.proxy.ftp - 212.91.188.166
FF - prefs.js: network.proxy.ftp_port - 3128
FF - prefs.js: network.proxy.http - 212.91.188.166
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.socks - 212.91.188.166
FF - prefs.js: network.proxy.socks_port - 3128
FF - prefs.js: network.proxy.ssl - 212.91.188.166
FF - prefs.js: network.proxy.ssl_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2013-11-08 16:48; {8D150B8F-EFE8-45a3-A4A3-053020F48FAC}; c:\program files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-GoogleDriveSync - c:\program files (x86)\Google\Drive\googledrivesync.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Perfect Effects 9 PE - c:\windows\sysnative\wscript.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\users\****\AppData\Local\Microsoft\OneDrive\OneDrive.exe
c:\users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-06-04  08:32:01 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-06-04 06:31
.
Vor Suchlauf: 15 Verzeichnis(se), 28.485.763.072 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 51.103.199.232 Bytes frei
.
- - End Of File - - 4F60A019BD5060FF58345AFE429339C5
72B8CE41AF0DE751C946802B3ED844B4
         

Alt 04.06.2015, 15:24   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Hi,

Schritt 1

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 04.06.2015, 18:26   #10
DHL-Kunde
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Hier schon mal die Malwarebytes Logdatei
Code:
ATTFilter
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/06/04 18:54:41 +0200</date>
<logfile>mbam-log-2015-06-04 (18-54-40).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.01.6.1022</version>
<malware-database>v2015.06.04.04</malware-database>
<rootkit-database>v2015.06.02.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>****</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>417766</objects>
<time>830</time>
<processes>0</processes>
<modules>0</modules>
<keys>9</keys>
<values>2</values>
<datas>0</datas>
<folders>5</folders>
<files>3</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}</path><vendor>PUP.Optional.BarLchr.A</vendor><action>success</action><hash>c3f19c1aeb9f85b115d329381ce725db</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}</path><vendor>PUP.Optional.VShareRedir</vendor><action>success</action><hash>9f152f876c1e43f3c705eb906e955fa1</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr</path><vendor>PUP.Optional.FaceMoods.A</vendor><action>success</action><hash>b7fd23934b3f91a51cde67000bf89769</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr.1</path><vendor>PUP.Optional.FaceMoods.A</vendor><action>success</action><hash>a50f05b1197170c60af03f280df657a9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\facemoods.facemoodsHlpr</path><vendor>PUP.Optional.FaceMoods.A</vendor><action>success</action><hash>a50f05b1197170c60af03f280df657a9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\facemoods.facemoodsHlpr.1</path><vendor>PUP.Optional.FaceMoods.A</vendor><action>success</action><hash>a50f05b1197170c60af03f280df657a9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\WOW6432NODE\facemoods.facemoodsHlpr</path><vendor>PUP.Optional.FaceMoods.A</vendor><action>success</action><hash>a50f05b1197170c60af03f280df657a9</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\WOW6432NODE\facemoods.facemoodsHlpr.1</path><vendor>PUP.Optional.FaceMoods.A</vendor><action>success</action><hash>a50f05b1197170c60af03f280df657a9</hash></key>
<key><path>HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5CBBEB30-1718-4194-96DF-DACB81CF1E00}</path><vendor>PUP.Optional.Ask.A</vendor><action>success</action><hash>179dcee8e3a776c0b9639be838cdd42c</hash></key>
<value><path>HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5CBBEB30-1718-4194-96DF-DACB81CF1E00}</path><valuename>URL</valuename><vendor>PUP.Optional.Ask.A</vendor><action>success</action><valuedata>hxxp://websearch.ask.com/redirect?client=ie&amp;tb=ATU2&amp;o=&amp;src=kw&amp;q={searchTerms}&amp;locale=&amp;apn_ptnrs=&amp;apn_dtid=&amp;apn_uid=EB2214DE-6DC3-4F76-A560-FDC3BEE59646&amp;apn_sauid=1B2F9230-9755-4D6D-A6D7-1976B1C44822</valuedata><hash>179dcee8e3a776c0b9639be838cdd42c</hash></value>
<value><path>HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5CBBEB30-1718-4194-96DF-DACB81CF1E00}</path><valuename>SuggestionsURL_JSON</valuename><vendor>PUP.Optional.Ask.A</vendor><action>success</action><valuedata>hxxp://ss.websearch.ask.com/query?qsrc=2922&amp;li=ff&amp;sstype=prefix&amp;q={searchTerms}</valuedata><hash>773d298d8406fb3bb46893f045c0966a</hash></value>
<folder><path>C:\Users\****\AppData\LocalLow\facemoods.com</path><vendor>PUP.Optional.FaceMoods.A</vendor><action>success</action><hash>aa0a3d7992f895a16422893059aa629e</hash></folder>
<folder><path>C:\Users\****\AppData\LocalLow\facemoods.com\facemoods</path><vendor>PUP.Optional.FaceMoods.A</vendor><action>success</action><hash>aa0a3d7992f895a16422893059aa629e</hash></folder>
<folder><path>C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj</path><vendor>PUP.Optional.vShare.A</vendor><action>success</action><hash>9e164b6b7812b581ac9a03d329da4cb4</hash></folder>
<folder><path>C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0</path><vendor>PUP.Optional.vShare.A</vendor><action>success</action><hash>9e164b6b7812b581ac9a03d329da4cb4</hash></folder>
<folder><path>C:\ProgramData\APN\APN-Stub</path><vendor>PUP.Optional.APNToolBar.Gen</vendor><action>success</action><hash>476de9cda0ea0531fd8c7c694fb47b85</hash></folder>
<file><path>C:\Users\****\Desktop\webbrowserpassview\WebBrowserPassView.exe</path><vendor>PUP.PassView</vendor><action>success</action><hash>763ea90d3654c86e7f0237687d831ee2</hash></file>
<file><path>C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll</path><vendor>PUP.Optional.vShare.A</vendor><action>success</action><hash>9e164b6b7812b581ac9a03d329da4cb4</hash></file>
<file><path>C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\manifest.json</path><vendor>PUP.Optional.vShare.A</vendor><action>success</action><hash>9e164b6b7812b581ac9a03d329da4cb4</hash></file>
</items>
</mbam-log>
         
Ich habe leider zu schnell geklickt und die Bedrohungen gleich vom Malwarbytes beheben lassen (ich meine die Option "in Quarantäne verschieben" nicht gesehen zu haben).
Danach hat das Programm den PC neu gestartet und ich habe mit die neueste (aktuellste) Log-Datei aus C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \Logs besorgt.

Ich lasse Malwar3bytes gerade nochmal durchlaufen.

Geändert von DHL-Kunde (04.06.2015 um 18:26 Uhr) Grund: typo

Alt 04.06.2015, 18:31   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Die Logs findest Du so:

Malwarebytes Anti-Malware Logfile finden - Anleitungen

Bitte als txt posten.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 04.06.2015, 18:34   #12
DHL-Kunde
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



stark. ich stelle mich ja mal wieder sehr schlau an ....
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 04.06.2015
Suchlauf-Zeit: 18:54:41
Logdatei: malwarebytes.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.04.04
Rootkit Datenbank: v2015.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ****

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 417766
Verstrichene Zeit: 13 Min, 50 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 9
PUP.Optional.BarLchr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}, In Quarantäne, [c3f19c1aeb9f85b115d329381ce725db], 
PUP.Optional.VShareRedir, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}, In Quarantäne, [9f152f876c1e43f3c705eb906e955fa1], 
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr, In Quarantäne, [b7fd23934b3f91a51cde67000bf89769], 
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr.1, In Quarantäne, [a50f05b1197170c60af03f280df657a9], 
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\facemoods.facemoodsHlpr, In Quarantäne, [a50f05b1197170c60af03f280df657a9], 
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\facemoods.facemoodsHlpr.1, In Quarantäne, [a50f05b1197170c60af03f280df657a9], 
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\facemoods.facemoodsHlpr, In Quarantäne, [a50f05b1197170c60af03f280df657a9], 
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\facemoods.facemoodsHlpr.1, In Quarantäne, [a50f05b1197170c60af03f280df657a9], 
PUP.Optional.Ask.A, HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5CBBEB30-1718-4194-96DF-DACB81CF1E00}, In Quarantäne, [179dcee8e3a776c0b9639be838cdd42c], 

Registrierungswerte: 2
PUP.Optional.Ask.A, HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5CBBEB30-1718-4194-96DF-DACB81CF1E00}|URL, hxxp://websearch.ask.com/redirect?client=ie&tb=ATU2&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=&apn_uid=EB2214DE-6DC3-4F76-A560-FDC3BEE59646&apn_sauid=1B2F9230-9755-4D6D-A6D7-1976B1C44822, In Quarantäne, [179dcee8e3a776c0b9639be838cdd42c]
PUP.Optional.Ask.A, HKU\S-1-5-21-1045896479-1792321579-2181696510-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5CBBEB30-1718-4194-96DF-DACB81CF1E00}|SuggestionsURL_JSON, hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}, In Quarantäne, [773d298d8406fb3bb46893f045c0966a]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 5
PUP.Optional.FaceMoods.A, C:\Users\****\AppData\LocalLow\facemoods.com, In Quarantäne, [aa0a3d7992f895a16422893059aa629e], 
PUP.Optional.FaceMoods.A, C:\Users\****\AppData\LocalLow\facemoods.com\facemoods, In Quarantäne, [aa0a3d7992f895a16422893059aa629e], 
PUP.Optional.vShare.A, C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj, In Quarantäne, [9e164b6b7812b581ac9a03d329da4cb4], 
PUP.Optional.vShare.A, C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0, In Quarantäne, [9e164b6b7812b581ac9a03d329da4cb4], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [476de9cda0ea0531fd8c7c694fb47b85], 

Dateien: 3
PUP.PassView, C:\Users\****\Desktop\webbrowserpassview\WebBrowserPassView.exe, In Quarantäne, [763ea90d3654c86e7f0237687d831ee2], 
PUP.Optional.vShare.A, C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll, In Quarantäne, [9e164b6b7812b581ac9a03d329da4cb4], 
PUP.Optional.vShare.A, C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\manifest.json, In Quarantäne, [9e164b6b7812b581ac9a03d329da4cb4], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         

Alt 04.06.2015, 18:40   #13
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Zitat:
Zitat von DHL-Kunde Beitrag anzeigen
stark.
Was meinst Du?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 04.06.2015, 19:42   #14
DHL-Kunde
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Zitat:
Zitat von deeprybka Beitrag anzeigen
Was meinst Du?
meine Inkompetenz

jetzt läuft gerade der ESET-Scanner. Log folgt.

Alt 04.06.2015, 20:13   #15
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Standard

Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet



Alles klar. Antworte Dir dann morgen.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet
adobe, browser, converter, defender, dhl email zip geöffnet, downloader, excel, firefox, flash player, format, ftp, helper, home, homepage, mozilla, onedrive, realtek, registry, scan, secur, server, software, super, svchost.exe, symantec, system, usb, windows, zip datei heruntergeladen



Ähnliche Themen: Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet


  1. DHL Trojaner - zib heruntergeladen und geöffnet - Datei ist verschwunden
    Log-Analyse und Auswertung - 30.04.2015 (13)
  2. Email Anhang zip-Datei mit iPhone geöffnet
    Plagegeister aller Art und deren Bekämpfung - 24.01.2015 (5)
  3. Fake E-Mail mit anhang erhalten. Dummerweise (.zip) datei heruntergeladen aber nicht geöffnet.
    Plagegeister aller Art und deren Bekämpfung - 08.08.2014 (16)
  4. Trojaner in Email als zip heruntergeladen, enthaltene Datei aber nicht ausgeführt - Infektion?
    Plagegeister aller Art und deren Bekämpfung - 05.07.2014 (3)
  5. A1 Rechnung Email RTF Datei Anhang mit Word geöffnet
    Log-Analyse und Auswertung - 20.06.2014 (23)
  6. A1 Email RTF Datei Anhang mit Word geöffnet
    Plagegeister aller Art und deren Bekämpfung - 15.06.2014 (7)
  7. Trojaner in Email als zip heruntergeladen, enthaltene Datei aber nicht ausgeführt - Infektion?
    Plagegeister aller Art und deren Bekämpfung - 06.06.2014 (4)
  8. email zip datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 14.05.2014 (9)
  9. Dummerweise ebenfalls Anwalt Email bekommen und die zip datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 21.01.2014 (29)
  10. Anwalt Email bekommen und die zip datei dummerweise geöffnet
    Plagegeister aller Art und deren Bekämpfung - 12.01.2014 (10)
  11. Mahnung mit Zip- Datei heruntergeladen und geöffnet
    Log-Analyse und Auswertung - 30.08.2013 (13)
  12. Mahnung mit Zip- Datei heruntergeladen und geöffnet
    Mülltonne - 25.08.2013 (2)
  13. Mahnung Zip Datei heruntergeladen und geöffnet
    Plagegeister aller Art und deren Bekämpfung - 24.08.2013 (7)
  14. Mahnung Zip Datei heruntergeladen und geöffnet - möglicher Befall
    Plagegeister aller Art und deren Bekämpfung - 23.08.2013 (11)
  15. Groupon-EMail mit Trojaner-zip-Datei geöffnet
    Log-Analyse und Auswertung - 08.04.2013 (8)
  16. Gefälschte Groupon Email mit Zip Datei geöffnet
    Plagegeister aller Art und deren Bekämpfung - 13.03.2013 (13)
  17. Email-Anhang (.zip Datei) geöffnet; Gefälschte Email über Mahngebühren
    Log-Analyse und Auswertung - 25.02.2013 (19)

Zum Thema Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet - Ja, peinlich. Ich weiß. Ich habe aber tatsächlich auf eine DHL-Nachricht gewartet Nach der Anleitung für Hilfesuchende hier folgende txt und logs: defogger_disable-log: Code: Alles auswählen Aufklappen ATTFilter defogger_disable by - Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet...
Archiv
Du betrachtest: Windows 7: DHL-Email - Zip Datei heruntergeladen und geöffnet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.