Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Fenster, Express Zip Demo

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 17.07.2015, 15:48   #1
Xand
 
Fenster, Express Zip Demo - Icon24

Fenster, Express Zip Demo



Hallo ihr Lieben,
habe einen Lepi mit Windows 7.
seit einiger Zeit kann ich nicht mehr in die Systemsteurung, Computerverwaltung, Programme usw. es geht immer wieder das selbe Fenster auf:
Express Zip Demo.
Es enthält 3 möglichkeiten: kaufen, code eingeben, Demoversion weiter verwenden.
Das letzter tat ich einige mal.
Doch dieses Fenster kommt immer wieder.
Auch ist der Lepi sehr langsam geworden.
Mein Fast Free Antivirus meldet: ich bin geschützt.
Bitte seid so nett, und gebt mir einfache tipps.
Lieben danke im vorhinein.
Xandi

Alt 17.07.2015, 15:53   #2
M-K-D-B
/// TB-Ausbilder
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 22.07.2015, 05:43   #3
M-K-D-B
/// TB-Ausbilder
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!
__________________
__________________

Alt 22.07.2015, 18:01   #4
Xand
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Alexandra (administrator) on LIABSLADELE on 22-07-2015 17:36:27
Running from C:\Users\Alexandra\Downloads
Loaded Profiles: UpdatusUser & Alexandra (Available Profiles: UpdatusUser & Alexandra)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe
(WebToGo Mobile Internet GmbH) C:\Program Files (x86)\3DataManager\3DataManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Shell] explorer.exe,explorer.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-2422082488-33307941-859794934-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-09-03]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2013-09-26]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-09] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2422082488-33307941-859794934-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2422082488-33307941-859794934-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2422082488-33307941-859794934-1002 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-01-06] (Microsoft Corporation)
BHO: No Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-09] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-06] (Microsoft Corporation)
BHO-x32: No Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-09] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-01-06] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{911A0AC8-7281-402E-B978-1C522B971556}: [NameServer] 213.94.78.16 213.94.78.17
Tcpip\..\Interfaces\{D93110B3-007B-4A4A-8BAC-33DF59D2732D}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default
FF Homepage: https://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\searchplugins\23cb1dac-5674-4d52-91b4-035ade58fc2f.xml [2014-02-12]
FF SearchPlugin: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\searchplugins\google-images.xml [2015-02-08]
FF SearchPlugin: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\searchplugins\google-maps.xml [2015-02-08]
FF Extension: CHIP Best Deal - C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\Extensions\ciuvo-extension@chip.de.xpi [2015-03-18]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-09]
FF HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-02-17]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-09] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [229376 2013-09-26] (Huawei Technologies Co., Ltd.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-11-14] (ITE                      )
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-09] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 17:36 - 2015-07-22 17:37 - 00016771 _____ C:\Users\Alexandra\Downloads\FRST.txt
2015-07-22 17:36 - 2015-07-22 17:36 - 00000000 ____D C:\FRST
2015-07-22 17:35 - 2015-07-22 17:35 - 02135552 _____ (Farbar) C:\Users\Alexandra\Downloads\FRST64.exe
2015-07-20 12:28 - 2015-07-20 12:28 - 00000795 _____ C:\WINDOWS\setupact.log
2015-07-20 12:28 - 2015-07-20 12:28 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-19 15:28 - 2015-07-22 17:33 - 01717647 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-18 14:44 - 2015-07-18 14:44 - 00000000 ___RD C:\Users\Alexandra\Documents\Notes
2015-07-18 14:32 - 2015-07-18 14:32 - 00001526 _____ C:\Users\Alexandra\Desktop\AdwCleaner[R3].txt
2015-07-18 14:28 - 2015-07-18 14:28 - 00030924 _____ C:\Users\Alexandra\Desktop\Log - Malware Protector 2.xml
2015-07-18 14:10 - 2015-07-22 11:30 - 00003116 _____ C:\WINDOWS\System32\Tasks\WinZip Malware Protector_startup
2015-07-18 14:10 - 2015-07-18 14:10 - 04798152 _____ (WinZip International LLC ) C:\Users\Alexandra\Downloads\wzmp_10(1).exe
2015-07-18 14:10 - 2015-07-18 14:10 - 00001201 _____ C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2015-07-18 14:10 - 2015-07-18 14:10 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Nico Mak Computing
2015-07-18 14:10 - 2015-07-18 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2015-07-18 14:10 - 2015-07-18 14:10 - 00000000 ____D C:\Program Files (x86)\WinZip Malware Protector
2015-07-18 14:10 - 2013-03-15 17:10 - 00020480 _____ C:\WINDOWS\system32\wsusnative64.exe
2015-07-18 13:25 - 2015-07-18 13:25 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208(3).exe
2015-07-18 13:17 - 2015-07-18 13:17 - 00030926 _____ C:\Users\Alexandra\Desktop\log -Malware Protector.xml
2015-07-18 13:00 - 2015-07-18 14:10 - 00000000 ____D C:\ProgramData\Nico Mak Computing
2015-07-18 13:00 - 2015-07-18 13:00 - 04798152 _____ (WinZip International LLC ) C:\Users\Alexandra\Downloads\wzmp_10.exe
2015-07-17 17:13 - 2015-07-17 17:13 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208(2).exe
2015-07-17 17:12 - 2015-07-17 17:12 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208(1).exe
2015-07-17 16:02 - 2015-07-18 14:31 - 00000000 ____D C:\AdwCleaner
2015-07-17 16:01 - 2015-07-17 16:01 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208.exe
2015-07-17 15:15 - 2015-07-17 15:15 - 01187744 _____ (Uniblue Systems Limited ) C:\Users\Alexandra\Downloads\pcmechanicpm_7880780_.exe
2015-07-17 15:14 - 2015-07-22 11:34 - 00003958 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{74F4F432-1504-488A-8F0C-3AF8193DA34C}
2015-07-17 15:14 - 2015-07-17 15:14 - 00000000 __SHD C:\Users\Alexandra\AppData\Local\EmieUserList
2015-07-17 15:14 - 2015-07-17 15:14 - 00000000 __SHD C:\Users\Alexandra\AppData\Local\EmieSiteList
2015-07-17 15:14 - 2015-07-17 15:14 - 00000000 __SHD C:\Users\Alexandra\AppData\Local\EmieBrowserModeList
2015-07-17 15:10 - 2015-07-17 15:11 - 01198368 _____ C:\Users\Alexandra\Downloads\Trojan Remover - CHIP-Installer.exe
2015-07-14 18:42 - 2015-07-14 18:49 - 01187008 _____ (Adobe Systems Incorporated) C:\Users\Alexandra\Downloads\flashplayer18_ga_install.exe
2015-07-10 10:44 - 2015-07-14 17:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-25 16:57 - 2015-06-25 16:57 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-06-23 20:14 - 2015-07-11 11:13 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-23 20:14 - 2015-06-23 20:14 - 00000000 __SHD C:\Recovery
2015-06-23 20:13 - 2015-06-23 20:13 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files\MSBuild
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-23 20:09 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-06-23 20:09 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-06-23 20:08 - 2015-06-23 20:08 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-23 20:08 - 2015-06-23 20:08 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-23 20:03 - 2015-06-23 20:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-06-23 20:02 - 2015-06-23 20:02 - 00001450 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-23 20:01 - 2015-06-23 20:01 - 00000020 ___SH C:\Users\Alexandra\ntuser.ini
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-06-23 19:55 - 2015-06-23 19:55 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-06-23 19:44 - 2015-06-23 19:44 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2015-06-23 19:35 - 2015-06-23 19:35 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-23 19:30 - 2015-06-23 19:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-06-23 19:29 - 2015-06-23 19:45 - 00000000 ____D C:\Users\Alexandra\SkyDrive
2015-06-23 19:28 - 2015-06-23 20:01 - 00000000 ____D C:\Users\Alexandra
2015-06-23 19:28 - 2015-06-23 19:56 - 00036198 _____ C:\WINDOWS\diagwrn.xml
2015-06-23 19:28 - 2015-06-23 19:56 - 00036198 _____ C:\WINDOWS\diagerr.xml
2015-06-23 19:28 - 2015-06-23 19:29 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-23 19:28 - 2015-06-23 19:29 - 00000000 ___RD C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Vorlagen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Startmenü
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Netzwerkumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Lokale Einstellungen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Eigene Dateien
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Druckumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Documents\Eigene Musik
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Documents\Eigene Bilder
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\AppData\Local\Verlauf
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\AppData\Local\Anwendungsdaten
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Anwendungsdaten
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-23 19:28 - 2013-08-22 17:36 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-23 19:28 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-23 19:20 - 2015-06-23 19:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-06-23 19:20 - 2015-06-23 19:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2015-06-23 19:19 - 2015-06-23 19:32 - 00000000 ____D C:\Program Files\Intel
2015-06-23 19:19 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-06-23 19:19 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-06-23 19:18 - 2015-07-22 11:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-23 19:18 - 2015-06-28 19:27 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-06-23 19:18 - 2015-06-28 19:27 - 00000000 ____D C:\WINDOWS\system32\NV
2015-06-23 19:18 - 2015-06-23 19:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-23 19:18 - 2015-06-23 19:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-06-23 19:18 - 2015-06-23 19:18 - 00000000 ____D C:\Program Files\Realtek
2015-06-23 19:18 - 2013-10-23 10:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 03426956 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-06-23 19:18 - 2013-10-23 10:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-23 19:18 - 2013-10-23 10:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-23 19:17 - 2015-06-23 19:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-23 19:17 - 2015-06-23 19:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 17:23 - 2014-01-19 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-22 17:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-22 11:59 - 2013-09-01 23:23 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Packages
2015-07-22 11:28 - 2014-02-06 17:22 - 00001020 _____ C:\WINDOWS\Tasks\Installer for avg_safeguard.job
2015-07-22 11:27 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-21 17:24 - 2013-09-26 09:20 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\3DataManager
2015-07-21 14:18 - 2015-05-09 11:35 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-07-20 12:30 - 2014-11-21 05:35 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-20 12:30 - 2014-11-21 04:45 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2015-07-20 12:30 - 2014-11-21 04:45 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2015-07-18 20:04 - 2013-09-01 23:30 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2422082488-33307941-859794934-1002
2015-07-18 19:33 - 2015-03-10 20:35 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-07-18 14:00 - 2015-01-26 21:37 - 00000000 ____D C:\ProgramData\Samsung
2015-07-18 14:00 - 2014-01-06 15:05 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Samsung
2015-07-18 13:43 - 2015-04-05 21:16 - 00000000 ____D C:\Users\Alexandra\Documents\Benutzerdefinierte Office-Vorlagen
2015-07-18 13:42 - 2014-02-14 19:56 - 00000000 ____D C:\Users\Alexandra\Documents\Einkommenstuererklärung
2015-07-17 17:03 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-17 15:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-07-14 18:59 - 2014-02-14 17:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-14 18:56 - 2014-06-25 12:06 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Adobe
2015-07-14 18:53 - 2014-01-19 17:21 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-14 17:35 - 2013-09-03 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-27 12:29 - 2015-05-09 11:35 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-06-25 16:58 - 2012-07-26 07:26 - 00000127 _____ C:\WINDOWS\win.ini
2015-06-24 16:45 - 2015-05-20 20:14 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2015-06-23 20:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-23 20:13 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-06-23 20:01 - 2015-06-11 11:40 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-06-23 19:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-23 19:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Registration
2015-06-23 19:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT
2015-06-23 19:56 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Default
2015-06-23 19:49 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-06-23 19:49 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-23 19:45 - 2012-11-14 10:31 - 01804472 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-06-23 19:38 - 2013-08-22 16:44 - 00382208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-23 19:37 - 2015-05-25 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-23 19:37 - 2015-05-21 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-23 19:37 - 2015-05-11 10:20 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-06-23 19:37 - 2015-05-11 10:20 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-06-23 19:37 - 2015-02-18 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-06-23 19:37 - 2015-02-02 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-23 19:37 - 2014-04-20 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-23 19:37 - 2014-02-26 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Switch
2015-06-23 19:37 - 2014-02-17 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-06-23 19:37 - 2013-09-26 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3DataManager
2015-06-23 19:37 - 2013-09-15 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-23 19:37 - 2013-09-15 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-23 19:37 - 2013-09-03 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-06-23 19:37 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-06-23 19:37 - 2013-08-22 15:25 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-23 19:37 - 2012-11-14 10:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\sl
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\nl
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\it
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\da
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\hu
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\fr
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\es
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\de
2015-06-23 19:37 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\en-GB
2015-06-23 19:35 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated
2015-06-23 19:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-06-23 19:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-06-23 19:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-06-23 19:34 - 2013-09-03 15:29 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\IME
2015-06-23 19:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-06-23 19:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-06-23 19:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-06-23 19:34 - 2012-11-14 09:42 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-06-23 19:33 - 2015-01-26 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-06-23 19:33 - 2013-08-22 17:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-06-23 19:33 - 2013-08-22 16:45 - 00000000 ____D C:\WINDOWS\Setup
2015-06-23 19:33 - 2012-11-14 07:04 - 00000000 ____D C:\ProgramData\PRICache
2015-06-23 19:32 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-06-23 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-23 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-23 19:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-06-22 18:49 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent

==================== Files in the root of some directories =======

2014-07-27 15:57 - 2014-07-27 15:58 - 1122704 _____ () C:\Users\Alexandra\AppData\Roaming\27072014.scr
2012-11-14 10:19 - 2012-11-14 10:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-03 15:21 - 2014-01-28 13:40 - 0001458 _____ () C:\ProgramData\hpzinstall.log
2013-11-20 12:34 - 2013-11-20 12:34 - 0000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-10-03 15:48 - 2013-10-03 15:48 - 0000032 _____ () C:\ProgramData\Temp.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-21 15:14

==================== End of log ============================
         
--- --- ---


Nico Mak Computing
WinZip Malware Protector

Datum der Überprüfung Samstag, 18. Juli 2015
Datenbankversion 2317
Gefundene Elemente insgesamt 94
Überprüfte Objekte: 365935
Abgelaufene Zeit: 00:07:14
Name Gefundene Elemente

Name der Infektion pup.optional
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1

Gefundener Bereich FileSystem
Details
Dateiname c:\users\alexandra\downloads\kies3setup.exe
MD5 12095843207507927641
Signatur 0
Md5hash: 9dd5bd2ff675d9a92447c28ec3532d55



Name der Infektion malware.trace
Kategorie Generic Malware
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 93

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
17.06.2014 at 18:48:11


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
17.06.2014 at 18:48:54


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
18.06.2014 at 09:14:16


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
18.06.2014 at 09:37:32


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
18.06.2014 at 09:38:06


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
18.06.2014 at 09:38:51


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
18.06.2014 at 09:38:58


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
19.06.2014 at 09:58:29


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
20.06.2014 at 12:06:43


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
21.06.2014 at 12:39:06


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
24.06.2014 at 12:34:51


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
25.06.2014 at 11:45:42


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
26.06.2014 at 14:24:23


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
27.06.2014 at 09:09:29


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
28.06.2014 at 15:59:04


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
28.06.2014 at 20:00:30


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
29.06.2014 at 11:24:06


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
30.06.2014 at 11:51:56


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
01.07.2014 at 10:01:09


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
02.07.2014 at 09:55:44


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
03.07.2014 at 12:49:31


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
05.07.2014 at 13:07:07


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
06.07.2014 at 19:58:52


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
07.07.2014 at 11:09:45


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
07.07.2014 at 17:46:39


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
08.07.2014 at 17:27:27


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
10.07.2014 at 10:25:33


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
16.07.2014 at 09:42:20


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
23.07.2014 at 09:43:04


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
24.07.2014 at 12:04:29


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
25.07.2014 at 13:36:18


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
27.07.2014 at 13:16:57


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
28.07.2014 at 12:09:35


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
29.07.2014 at 12:21:30


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
02.08.2014 at 12:22:42


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
03.08.2014 at 11:51:53


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
04.08.2014 at 16:48:51


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
06.08.2014 at 09:38:04


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
08.08.2014 at 12:48:43


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
11.08.2014 at 11:32:54


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
12.08.2014 at 11:14:54


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
14.08.2014 at 07:21:18


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
15.08.2014 at 10:46:02


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
15.08.2014 at 19:46:22


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
16.08.2014 at 11:22:26


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
21.08.2014 at 10:41:18


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
22.08.2014 at 11:19:18


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
23.08.2014 at 10:28:14


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
24.08.2014 at 11:00:10


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
27.08.2014 at 18:38:28


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
28.08.2014 at 10:31:32


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
29.08.2014 at 11:53:24


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
30.08.2014 at 11:02:38


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
03.09.2014 at 17:43:05


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
04.09.2014 at 10:54:50


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
06.09.2014 at 20:10:53


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
07.09.2014 at 11:26:03


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
18.09.2014 at 18:05:18


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
19.09.2014 at 08:32:29


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
20.09.2014 at 10:25:35


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
21.09.2014 at 13:27:01


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
22.09.2014 at 09:44:13


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
24.09.2014 at 16:57:12


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
25.09.2014 at 09:43:54


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
28.09.2014 at 11:25:46


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
29.09.2014 at 12:13:52


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
02.10.2014 at 09:25:16


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
03.10.2014 at 12:44:21


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
04.10.2014 at 20:16:15


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
05.10.2014 at 11:39:49


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
07.10.2014 at 17:04:22


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
08.10.2014 at 18:12:46


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
12.10.2014 at 11:26:29


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
13.10.2014 at 09:17:35


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
14.10.2014 at 17:14:37


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
16.10.2014 at 12:25:07


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
17.10.2014 at 12:30:41


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
19.10.2014 at 11:49:32


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
21.10.2014 at 16:51:07


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
24.10.2014 at 11:20:47


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
25.10.2014 at 13:13:26


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
27.10.2014 at 10:52:20


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
28.10.2014 at 17:13:25


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
31.10.2014 at 11:37:25


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
02.11.2014 at 12:29:58


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
03.11.2014 at 10:32:39


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
04.11.2014 at 17:10:14


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
05.11.2014 at 17:52:30


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
06.11.2014 at 10:10:26


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
07.11.2014 at 10:38:31


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
07.11.2014 at 21:55:24


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\dc3_fexec
08.11.2014 at 10:02:30


© 2013 WinZip International LLC. All rights reserved.

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 18/07/2015 um 14:30:32
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Alexandra - LIABSLADELE
# Gestarted von : C:\Users\Alexandra\Downloads\AdwCleaner_4.208(3).exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Public\Desktop\WinZip Malware Protector.lnk
Datei Gefunden : C:\WINDOWS\System32\wsusnative64.exe
Ordner Gefunden : C:\Program Files (x86)\WinZip Malware Protector
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector

***** [ Geplante Tasks ] *****

Task Gefunden : WinZip Malware Protector_startup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v39.0 (x86 de)


*************************

AdwCleaner[R0].txt - [12230 Bytes] - [17/07/2015 16:02:59]
AdwCleaner[R1].txt - [900 Bytes] - [17/07/2015 17:13:44]
AdwCleaner[R2].txt - [1408 Bytes] - [18/07/2015 13:25:25]
AdwCleaner[R3].txt - [1270 Bytes] - [18/07/2015 14:30:32]
AdwCleaner[S0].txt - [9597 Bytes] - [17/07/2015 17:02:02]
AdwCleaner[S1].txt - [1467 Bytes] - [18/07/2015 13:33:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1447 Bytes] ##########
         
--- --- ---

[/CODE]

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 18/07/2015 um 14:30:32
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Alexandra - LIABSLADELE
# Gestarted von : C:\Users\Alexandra\Downloads\AdwCleaner_4.208(3).exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Public\Desktop\WinZip Malware Protector.lnk
Datei Gefunden : C:\WINDOWS\System32\wsusnative64.exe
Ordner Gefunden : C:\Program Files (x86)\WinZip Malware Protector
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector

***** [ Geplante Tasks ] *****

Task Gefunden : WinZip Malware Protector_startup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v39.0 (x86 de)


*************************

AdwCleaner[R0].txt - [12230 Bytes] - [17/07/2015 16:02:59]
AdwCleaner[R1].txt - [900 Bytes] - [17/07/2015 17:13:44]
AdwCleaner[R2].txt - [1408 Bytes] - [18/07/2015 13:25:25]
AdwCleaner[R3].txt - [1270 Bytes] - [18/07/2015 14:30:32]
AdwCleaner[S0].txt - [9597 Bytes] - [17/07/2015 17:02:02]
AdwCleaner[S1].txt - [1467 Bytes] - [18/07/2015 13:33:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1447 Bytes] ##########
         
--- --- ---


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Alexandra (administrator) on LIABSLADELE on 22-07-2015 17:36:27
Running from C:\Users\Alexandra\Downloads
Loaded Profiles: UpdatusUser & Alexandra (Available Profiles: UpdatusUser & Alexandra)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe
(WebToGo Mobile Internet GmbH) C:\Program Files (x86)\3DataManager\3DataManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Shell] explorer.exe,explorer.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-2422082488-33307941-859794934-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-09-03]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2013-09-26]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-09] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2422082488-33307941-859794934-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2422082488-33307941-859794934-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2422082488-33307941-859794934-1002 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-01-06] (Microsoft Corporation)
BHO: No Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-09] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-06] (Microsoft Corporation)
BHO-x32: No Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-09] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-01-06] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{911A0AC8-7281-402E-B978-1C522B971556}: [NameServer] 213.94.78.16 213.94.78.17
Tcpip\..\Interfaces\{D93110B3-007B-4A4A-8BAC-33DF59D2732D}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default
FF Homepage: https://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\searchplugins\23cb1dac-5674-4d52-91b4-035ade58fc2f.xml [2014-02-12]
FF SearchPlugin: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\searchplugins\google-images.xml [2015-02-08]
FF SearchPlugin: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\searchplugins\google-maps.xml [2015-02-08]
FF Extension: CHIP Best Deal - C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\Extensions\ciuvo-extension@chip.de.xpi [2015-03-18]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-09]
FF HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-02-17]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-09] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [229376 2013-09-26] (Huawei Technologies Co., Ltd.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-11-14] (ITE                      )
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-09] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 17:36 - 2015-07-22 17:37 - 00016771 _____ C:\Users\Alexandra\Downloads\FRST.txt
2015-07-22 17:36 - 2015-07-22 17:36 - 00000000 ____D C:\FRST
2015-07-22 17:35 - 2015-07-22 17:35 - 02135552 _____ (Farbar) C:\Users\Alexandra\Downloads\FRST64.exe
2015-07-20 12:28 - 2015-07-20 12:28 - 00000795 _____ C:\WINDOWS\setupact.log
2015-07-20 12:28 - 2015-07-20 12:28 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-19 15:28 - 2015-07-22 17:33 - 01717647 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-18 14:44 - 2015-07-18 14:44 - 00000000 ___RD C:\Users\Alexandra\Documents\Notes
2015-07-18 14:32 - 2015-07-18 14:32 - 00001526 _____ C:\Users\Alexandra\Desktop\AdwCleaner[R3].txt
2015-07-18 14:28 - 2015-07-18 14:28 - 00030924 _____ C:\Users\Alexandra\Desktop\Log - Malware Protector 2.xml
2015-07-18 14:10 - 2015-07-22 11:30 - 00003116 _____ C:\WINDOWS\System32\Tasks\WinZip Malware Protector_startup
2015-07-18 14:10 - 2015-07-18 14:10 - 04798152 _____ (WinZip International LLC ) C:\Users\Alexandra\Downloads\wzmp_10(1).exe
2015-07-18 14:10 - 2015-07-18 14:10 - 00001201 _____ C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2015-07-18 14:10 - 2015-07-18 14:10 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Nico Mak Computing
2015-07-18 14:10 - 2015-07-18 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2015-07-18 14:10 - 2015-07-18 14:10 - 00000000 ____D C:\Program Files (x86)\WinZip Malware Protector
2015-07-18 14:10 - 2013-03-15 17:10 - 00020480 _____ C:\WINDOWS\system32\wsusnative64.exe
2015-07-18 13:25 - 2015-07-18 13:25 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208(3).exe
2015-07-18 13:17 - 2015-07-18 13:17 - 00030926 _____ C:\Users\Alexandra\Desktop\log -Malware Protector.xml
2015-07-18 13:00 - 2015-07-18 14:10 - 00000000 ____D C:\ProgramData\Nico Mak Computing
2015-07-18 13:00 - 2015-07-18 13:00 - 04798152 _____ (WinZip International LLC ) C:\Users\Alexandra\Downloads\wzmp_10.exe
2015-07-17 17:13 - 2015-07-17 17:13 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208(2).exe
2015-07-17 17:12 - 2015-07-17 17:12 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208(1).exe
2015-07-17 16:02 - 2015-07-18 14:31 - 00000000 ____D C:\AdwCleaner
2015-07-17 16:01 - 2015-07-17 16:01 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208.exe
2015-07-17 15:15 - 2015-07-17 15:15 - 01187744 _____ (Uniblue Systems Limited ) C:\Users\Alexandra\Downloads\pcmechanicpm_7880780_.exe
2015-07-17 15:14 - 2015-07-22 11:34 - 00003958 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{74F4F432-1504-488A-8F0C-3AF8193DA34C}
2015-07-17 15:14 - 2015-07-17 15:14 - 00000000 __SHD C:\Users\Alexandra\AppData\Local\EmieUserList
2015-07-17 15:14 - 2015-07-17 15:14 - 00000000 __SHD C:\Users\Alexandra\AppData\Local\EmieSiteList
2015-07-17 15:14 - 2015-07-17 15:14 - 00000000 __SHD C:\Users\Alexandra\AppData\Local\EmieBrowserModeList
2015-07-17 15:10 - 2015-07-17 15:11 - 01198368 _____ C:\Users\Alexandra\Downloads\Trojan Remover - CHIP-Installer.exe
2015-07-14 18:42 - 2015-07-14 18:49 - 01187008 _____ (Adobe Systems Incorporated) C:\Users\Alexandra\Downloads\flashplayer18_ga_install.exe
2015-07-10 10:44 - 2015-07-14 17:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-25 16:57 - 2015-06-25 16:57 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-06-23 20:14 - 2015-07-11 11:13 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-23 20:14 - 2015-06-23 20:14 - 00000000 __SHD C:\Recovery
2015-06-23 20:13 - 2015-06-23 20:13 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files\MSBuild
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-23 20:09 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-06-23 20:09 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-06-23 20:08 - 2015-06-23 20:08 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-23 20:08 - 2015-06-23 20:08 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-23 20:03 - 2015-06-23 20:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-06-23 20:02 - 2015-06-23 20:02 - 00001450 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-23 20:01 - 2015-06-23 20:01 - 00000020 ___SH C:\Users\Alexandra\ntuser.ini
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-06-23 19:55 - 2015-06-23 19:55 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-06-23 19:44 - 2015-06-23 19:44 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2015-06-23 19:35 - 2015-06-23 19:35 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-23 19:30 - 2015-06-23 19:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-06-23 19:29 - 2015-06-23 19:45 - 00000000 ____D C:\Users\Alexandra\SkyDrive
2015-06-23 19:28 - 2015-06-23 20:01 - 00000000 ____D C:\Users\Alexandra
2015-06-23 19:28 - 2015-06-23 19:56 - 00036198 _____ C:\WINDOWS\diagwrn.xml
2015-06-23 19:28 - 2015-06-23 19:56 - 00036198 _____ C:\WINDOWS\diagerr.xml
2015-06-23 19:28 - 2015-06-23 19:29 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-23 19:28 - 2015-06-23 19:29 - 00000000 ___RD C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Vorlagen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Startmenü
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Netzwerkumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Lokale Einstellungen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Eigene Dateien
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Druckumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Documents\Eigene Musik
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Documents\Eigene Bilder
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\AppData\Local\Verlauf
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\AppData\Local\Anwendungsdaten
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Anwendungsdaten
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-23 19:28 - 2013-08-22 17:36 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-23 19:28 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-23 19:20 - 2015-06-23 19:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-06-23 19:20 - 2015-06-23 19:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2015-06-23 19:19 - 2015-06-23 19:32 - 00000000 ____D C:\Program Files\Intel
2015-06-23 19:19 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-06-23 19:19 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-06-23 19:18 - 2015-07-22 11:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-23 19:18 - 2015-06-28 19:27 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-06-23 19:18 - 2015-06-28 19:27 - 00000000 ____D C:\WINDOWS\system32\NV
2015-06-23 19:18 - 2015-06-23 19:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-23 19:18 - 2015-06-23 19:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-06-23 19:18 - 2015-06-23 19:18 - 00000000 ____D C:\Program Files\Realtek
2015-06-23 19:18 - 2013-10-23 10:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 03426956 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-06-23 19:18 - 2013-10-23 10:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-23 19:18 - 2013-10-23 10:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-23 19:17 - 2015-06-23 19:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-23 19:17 - 2015-06-23 19:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 17:23 - 2014-01-19 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-22 17:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-22 11:59 - 2013-09-01 23:23 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Packages
2015-07-22 11:28 - 2014-02-06 17:22 - 00001020 _____ C:\WINDOWS\Tasks\Installer for avg_safeguard.job
2015-07-22 11:27 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-21 17:24 - 2013-09-26 09:20 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\3DataManager
2015-07-21 14:18 - 2015-05-09 11:35 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-07-20 12:30 - 2014-11-21 05:35 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-20 12:30 - 2014-11-21 04:45 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2015-07-20 12:30 - 2014-11-21 04:45 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2015-07-18 20:04 - 2013-09-01 23:30 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2422082488-33307941-859794934-1002
2015-07-18 19:33 - 2015-03-10 20:35 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-07-18 14:00 - 2015-01-26 21:37 - 00000000 ____D C:\ProgramData\Samsung
2015-07-18 14:00 - 2014-01-06 15:05 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Samsung
2015-07-18 13:43 - 2015-04-05 21:16 - 00000000 ____D C:\Users\Alexandra\Documents\Benutzerdefinierte Office-Vorlagen
2015-07-18 13:42 - 2014-02-14 19:56 - 00000000 ____D C:\Users\Alexandra\Documents\Einkommenstuererklärung
2015-07-17 17:03 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-17 15:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-07-14 18:59 - 2014-02-14 17:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-14 18:56 - 2014-06-25 12:06 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Adobe
2015-07-14 18:53 - 2014-01-19 17:21 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-14 17:35 - 2013-09-03 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-27 12:29 - 2015-05-09 11:35 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-06-25 16:58 - 2012-07-26 07:26 - 00000127 _____ C:\WINDOWS\win.ini
2015-06-24 16:45 - 2015-05-20 20:14 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2015-06-23 20:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-23 20:13 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-06-23 20:01 - 2015-06-11 11:40 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-06-23 19:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-23 19:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Registration
2015-06-23 19:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT
2015-06-23 19:56 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Default
2015-06-23 19:49 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-06-23 19:49 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-23 19:45 - 2012-11-14 10:31 - 01804472 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-06-23 19:38 - 2013-08-22 16:44 - 00382208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-23 19:37 - 2015-05-25 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-23 19:37 - 2015-05-21 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-23 19:37 - 2015-05-11 10:20 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-06-23 19:37 - 2015-05-11 10:20 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-06-23 19:37 - 2015-02-18 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-06-23 19:37 - 2015-02-02 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-23 19:37 - 2014-04-20 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-23 19:37 - 2014-02-26 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Switch
2015-06-23 19:37 - 2014-02-17 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-06-23 19:37 - 2013-09-26 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3DataManager
2015-06-23 19:37 - 2013-09-15 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-23 19:37 - 2013-09-15 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-23 19:37 - 2013-09-03 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-06-23 19:37 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-06-23 19:37 - 2013-08-22 15:25 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-23 19:37 - 2012-11-14 10:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\sl
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\nl
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\it
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\da
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\hu
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\fr
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\es
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\de
2015-06-23 19:37 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\en-GB
2015-06-23 19:35 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated
2015-06-23 19:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-06-23 19:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-06-23 19:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-06-23 19:34 - 2013-09-03 15:29 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\IME
2015-06-23 19:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-06-23 19:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-06-23 19:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-06-23 19:34 - 2012-11-14 09:42 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-06-23 19:33 - 2015-01-26 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-06-23 19:33 - 2013-08-22 17:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-06-23 19:33 - 2013-08-22 16:45 - 00000000 ____D C:\WINDOWS\Setup
2015-06-23 19:33 - 2012-11-14 07:04 - 00000000 ____D C:\ProgramData\PRICache
2015-06-23 19:32 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-06-23 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-23 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-23 19:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-06-22 18:49 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent

==================== Files in the root of some directories =======

2014-07-27 15:57 - 2014-07-27 15:58 - 1122704 _____ () C:\Users\Alexandra\AppData\Roaming\27072014.scr
2012-11-14 10:19 - 2012-11-14 10:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-03 15:21 - 2014-01-28 13:40 - 0001458 _____ () C:\ProgramData\hpzinstall.log
2013-11-20 12:34 - 2013-11-20 12:34 - 0000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-10-03 15:48 - 2013-10-03 15:48 - 0000032 _____ () C:\ProgramData\Temp.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-21 15:14

==================== End of log ============================
         
--- --- ---

Alt 22.07.2015, 18:03   #5
Xand
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Code:
ATTFilter
17:45:01.0175 0x0608  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:45:01.0175 0x0608  UEFI system
17:45:10.0010 0x0608  ============================================================
17:45:10.0010 0x0608  Current date / time: 2015/07/22 17:45:10.0010
17:45:10.0010 0x0608  SystemInfo:
17:45:10.0010 0x0608  
17:45:10.0010 0x0608  OS Version: 6.3.9600 ServicePack: 0.0
17:45:10.0010 0x0608  Product type: Workstation
17:45:10.0010 0x0608  ComputerName: LIABSLADELE
17:45:10.0010 0x0608  UserName: Alexandra
17:45:10.0010 0x0608  Windows directory: C:\WINDOWS
17:45:10.0010 0x0608  System windows directory: C:\WINDOWS
17:45:10.0010 0x0608  Running under WOW64
17:45:10.0010 0x0608  Processor architecture: Intel x64
17:45:10.0010 0x0608  Number of processors: 4
17:45:10.0010 0x0608  Page size: 0x1000
17:45:10.0010 0x0608  Boot type: Normal boot
17:45:10.0011 0x0608  ============================================================
17:45:10.0551 0x0608  KLMD registered as C:\WINDOWS\system32\drivers\54677968.sys
17:45:12.0285 0x0608  System UUID: {5B38D464-B5E2-7B3E-7A6A-44134EE08677}
17:45:12.0772 0x0608  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:45:12.0780 0x0608  ============================================================
17:45:12.0780 0x0608  \Device\Harddisk0\DR0:
17:45:12.0780 0x0608  GPT partitions:
17:45:12.0780 0x0608  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {83AFE40B-EA61-4FF4-9F42-B8B05B6D85E2}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
17:45:12.0780 0x0608  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3798CDB7-2557-433D-8CC7-7F8FB9DAFBC3}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
17:45:12.0780 0x0608  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {89414895-50F3-4BB7-B419-5F4269135FB4}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000
17:45:12.0781 0x0608  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {A8FA594A-3D03-41C3-8AB7-2A366A43391A}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000
17:45:12.0781 0x0608  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E1BD3005-AB8C-4FDA-8755-6A39F660332D}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0x6CAB8000
17:45:12.0781 0x0608  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {724199AA-99B8-4FCB-B1A7-A3E1EB08EC18}, Name: , StartLBA 0x6CE24000, BlocksNum 0xE2000
17:45:12.0781 0x0608  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A8E48384-2DAB-46A3-87A3-D5695F9215E4}, Name: Basic data partition, StartLBA 0x6CF06000, BlocksNum 0x77FE000
17:45:12.0781 0x0608  MBR partitions:
17:45:12.0781 0x0608  ============================================================
17:45:12.0802 0x0608  C: <-> \Device\Harddisk0\DR0\Partition5
17:45:12.0858 0x0608  D: <-> \Device\Harddisk0\DR0\Partition7
17:45:12.0858 0x0608  ============================================================
17:45:12.0858 0x0608  Initialize success
17:45:12.0858 0x0608  ============================================================
17:45:49.0018 0x1570  ============================================================
17:45:49.0018 0x1570  Scan started
17:45:49.0018 0x1570  Mode: Manual; 
17:45:49.0018 0x1570  ============================================================
17:45:49.0018 0x1570  KSN ping started
17:45:49.0275 0x1570  KSN ping finished: true
17:45:51.0785 0x1570  ================ Scan system memory ========================
17:45:51.0785 0x1570  System memory - ok
17:45:51.0787 0x1570  ================ Scan services =============================
17:45:52.0026 0x1570  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
17:45:52.0031 0x1570  1394ohci - ok
17:45:52.0116 0x1570  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
17:45:52.0119 0x1570  3ware - ok
17:45:52.0212 0x1570  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
17:45:52.0231 0x1570  ACPI - ok
17:45:52.0252 0x1570  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
17:45:52.0254 0x1570  acpiex - ok
17:45:52.0274 0x1570  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
17:45:52.0275 0x1570  acpipagr - ok
17:45:52.0311 0x1570  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
17:45:52.0312 0x1570  AcpiPmi - ok
17:45:52.0389 0x1570  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
17:45:52.0390 0x1570  acpitime - ok
17:45:52.0492 0x1570  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:45:52.0494 0x1570  AdobeARMservice - ok
17:45:52.0644 0x1570  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:45:52.0650 0x1570  AdobeFlashPlayerUpdateSvc - ok
17:45:52.0709 0x1570  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:45:52.0725 0x1570  ADP80XX - ok
17:45:52.0763 0x1570  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
17:45:52.0768 0x1570  AeLookupSvc - ok
17:45:52.0850 0x1570  [ 0D0E5281784C2C526BA43C2ECD374288, BE4B16E08A96A24BEB904A2216A538340FD91A11E0CAB43BF8788C35DAD2D2B5 ] Afc             C:\WINDOWS\syswow64\drivers\Afc.sys
17:45:52.0853 0x1570  Afc - ok
17:45:52.0911 0x1570  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
17:45:52.0926 0x1570  AFD - ok
17:45:52.0949 0x1570  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
17:45:52.0951 0x1570  agp440 - ok
17:45:52.0968 0x1570  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:45:52.0970 0x1570  ahcache - ok
17:45:53.0010 0x1570  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
17:45:53.0012 0x1570  ALG - ok
17:45:53.0040 0x1570  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
17:45:53.0042 0x1570  AmdK8 - ok
17:45:53.0078 0x1570  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
17:45:53.0081 0x1570  AmdPPM - ok
17:45:53.0104 0x1570  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
17:45:53.0106 0x1570  amdsata - ok
17:45:53.0139 0x1570  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
17:45:53.0144 0x1570  amdsbs - ok
17:45:53.0163 0x1570  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
17:45:53.0164 0x1570  amdxata - ok
17:45:53.0257 0x1570  [ 0C3D62CB6B8F2B3CC42369BAC0F58AD5, F0121EACB6060DF1F6C5F79C15D5B483F301EF85B3C79F67806520BE9CEE398E ] AMPPAL          C:\WINDOWS\System32\drivers\AMPPAL.sys
17:45:53.0261 0x1570  AMPPAL - ok
17:45:53.0291 0x1570  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
17:45:53.0293 0x1570  AppID - ok
17:45:53.0335 0x1570  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
17:45:53.0337 0x1570  AppIDSvc - ok
17:45:53.0367 0x1570  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
17:45:53.0371 0x1570  Appinfo - ok
17:45:53.0399 0x1570  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
17:45:53.0411 0x1570  AppReadiness - ok
17:45:53.0477 0x1570  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
17:45:53.0505 0x1570  AppXSvc - ok
17:45:53.0534 0x1570  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
17:45:53.0536 0x1570  arcsas - ok
17:45:53.0578 0x1570  [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
17:45:53.0579 0x1570  aswHwid - ok
17:45:53.0591 0x1570  [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
17:45:53.0594 0x1570  aswMonFlt - ok
17:45:53.0628 0x1570  [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
17:45:53.0631 0x1570  aswRdr - ok
17:45:53.0644 0x1570  [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
17:45:53.0645 0x1570  aswRvrt - ok
17:45:53.0703 0x1570  [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
17:45:53.0724 0x1570  aswSnx - ok
17:45:53.0763 0x1570  [ A04F190FCD762E7BCC9BFC70563C52DB, 2BF6823F2EADBDA28DF1CCECCAC84D9FF37D3CFB66A7B402575C6B9FCFB45EB3 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
17:45:53.0773 0x1570  aswSP - ok
17:45:53.0800 0x1570  [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
17:45:53.0803 0x1570  aswStm - ok
17:45:53.0827 0x1570  [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
17:45:53.0834 0x1570  aswVmm - ok
17:45:53.0871 0x1570  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
17:45:53.0872 0x1570  atapi - ok
17:45:53.0908 0x1570  [ CAC8CD93EF239AA68D92AEB5C17FDA8A, 48CA6135868A2351BBD48F2AC8622A7654B83AFD0661B266B684B19113B7D5D5 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:45:53.0915 0x1570  AudioEndpointBuilder - ok
17:45:53.0955 0x1570  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
17:45:53.0973 0x1570  Audiosrv - ok
17:45:54.0043 0x1570  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:45:54.0050 0x1570  avast! Antivirus - ok
17:45:54.0213 0x1570  [ 46C430FE178028F7AD151B62EBA3EEC5, C883B7A974A629549470B28532640C1FD2166CC4F95C69E4C4A1596AF5A5A331 ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
17:45:54.0313 0x1570  AvastVBoxSvc - ok
17:45:54.0349 0x1570  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
17:45:54.0353 0x1570  AxInstSV - ok
17:45:54.0397 0x1570  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
17:45:54.0408 0x1570  b06bdrv - ok
17:45:54.0434 0x1570  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:45:54.0435 0x1570  BasicDisplay - ok
17:45:54.0448 0x1570  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
17:45:54.0450 0x1570  BasicRender - ok
17:45:54.0476 0x1570  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
17:45:54.0477 0x1570  bcmfn2 - ok
17:45:54.0500 0x1570  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
17:45:54.0509 0x1570  BDESVC - ok
17:45:54.0545 0x1570  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:45:54.0545 0x1570  Beep - ok
17:45:54.0590 0x1570  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\WINDOWS\System32\bfe.dll
17:45:54.0608 0x1570  BFE - ok
17:45:54.0660 0x1570  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
17:45:54.0680 0x1570  BITS - ok
17:45:54.0708 0x1570  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
17:45:54.0711 0x1570  bowser - ok
17:45:54.0744 0x1570  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:45:54.0751 0x1570  BrokerInfrastructure - ok
17:45:54.0770 0x1570  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
17:45:54.0774 0x1570  Browser - ok
17:45:54.0814 0x1570  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:45:54.0815 0x1570  BthAvrcpTg - ok
17:45:54.0852 0x1570  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:45:54.0854 0x1570  BthEnum - ok
17:45:54.0861 0x1570  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
17:45:54.0862 0x1570  BthHFEnum - ok
17:45:54.0869 0x1570  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
17:45:54.0870 0x1570  bthhfhid - ok
17:45:54.0893 0x1570  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
17:45:54.0901 0x1570  BthHFSrv - ok
17:45:54.0921 0x1570  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
17:45:54.0924 0x1570  BTHMODEM - ok
17:45:54.0945 0x1570  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:45:54.0948 0x1570  BthPan - ok
17:45:55.0009 0x1570  [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
17:45:55.0037 0x1570  BTHPORT - ok
17:45:55.0060 0x1570  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
17:45:55.0063 0x1570  bthserv - ok
17:45:55.0096 0x1570  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
17:45:55.0098 0x1570  BTHUSB - ok
17:45:55.0243 0x1570  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
17:45:55.0271 0x1570  c2cautoupdatesvc - ok
17:45:55.0336 0x1570  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
17:45:55.0371 0x1570  c2cpnrsvc - ok
17:45:55.0407 0x1570  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:45:55.0409 0x1570  cdfs - ok
17:45:55.0427 0x1570  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
17:45:55.0430 0x1570  cdrom - ok
17:45:55.0463 0x1570  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
17:45:55.0468 0x1570  CertPropSvc - ok
17:45:55.0492 0x1570  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
17:45:55.0493 0x1570  circlass - ok
17:45:55.0523 0x1570  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
17:45:55.0534 0x1570  CLFS - ok
17:45:55.0657 0x1570  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
17:45:55.0705 0x1570  ClickToRunSvc - ok
17:45:55.0754 0x1570  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
17:45:55.0755 0x1570  CmBatt - ok
17:45:55.0786 0x1570  [ 114AAF528D3D87D306F3682E618E8091, A030AC04AF042F8F4BB95A9CE2B442D31432C4EEE60502279F169B0FA2E52AAB ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
17:45:55.0799 0x1570  CNG - ok
17:45:55.0815 0x1570  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
17:45:55.0817 0x1570  CompositeBus - ok
17:45:55.0821 0x1570  COMSysApp - ok
17:45:55.0837 0x1570  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
17:45:55.0838 0x1570  condrv - ok
17:45:55.0928 0x1570  [ D8724B606616B2B75AF54096119580F5, 53E1DEF9F966FDE5898759A33FB62B5062A941E97B235D6F6EF79A5AD1283BDE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:45:55.0935 0x1570  cphs - ok
17:45:55.0985 0x1570  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
17:45:55.0993 0x1570  CryptSvc - ok
17:45:56.0030 0x1570  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
17:45:56.0034 0x1570  dam - ok
17:45:56.0073 0x1570  [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
17:45:56.0076 0x1570  dc3d - ok
17:45:56.0147 0x1570  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:45:56.0169 0x1570  DcomLaunch - ok
17:45:56.0207 0x1570  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
17:45:56.0218 0x1570  defragsvc - ok
17:45:56.0263 0x1570  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:45:56.0273 0x1570  DeviceAssociationService - ok
17:45:56.0288 0x1570  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
17:45:56.0295 0x1570  DeviceInstall - ok
17:45:56.0329 0x1570  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
17:45:56.0332 0x1570  Dfsc - ok
17:45:56.0359 0x1570  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
17:45:56.0362 0x1570  dg_ssudbus - ok
17:45:56.0383 0x1570  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
17:45:56.0392 0x1570  Dhcp - ok
17:45:56.0413 0x1570  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
17:45:56.0416 0x1570  disk - ok
17:45:56.0428 0x1570  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
17:45:56.0430 0x1570  dmvsc - ok
17:45:56.0457 0x1570  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:45:56.0464 0x1570  Dnscache - ok
17:45:56.0517 0x1570  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:45:56.0524 0x1570  dot3svc - ok
17:45:56.0564 0x1570  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
17:45:56.0568 0x1570  dot4 - ok
17:45:56.0580 0x1570  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\WINDOWS\System32\drivers\Dot4Prt.sys
17:45:56.0582 0x1570  Dot4Print - ok
17:45:56.0588 0x1570  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
17:45:56.0590 0x1570  dot4usb - ok
17:45:56.0630 0x1570  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
17:45:56.0636 0x1570  DPS - ok
17:45:56.0676 0x1570  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
17:45:56.0677 0x1570  drmkaud - ok
17:45:56.0726 0x1570  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
17:45:56.0731 0x1570  DsmSvc - ok
17:45:56.0812 0x1570  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:45:56.0845 0x1570  DXGKrnl - ok
17:45:56.0880 0x1570  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
17:45:56.0883 0x1570  Eaphost - ok
17:45:56.0998 0x1570  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
17:45:57.0066 0x1570  ebdrv - ok
17:45:57.0097 0x1570  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
17:45:57.0101 0x1570  EFS - ok
17:45:57.0137 0x1570  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
17:45:57.0139 0x1570  EhStorClass - ok
17:45:57.0156 0x1570  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:45:57.0159 0x1570  EhStorTcgDrv - ok
17:45:57.0183 0x1570  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
17:45:57.0184 0x1570  ErrDev - ok
17:45:57.0234 0x1570  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
17:45:57.0247 0x1570  EventSystem - ok
17:45:57.0274 0x1570  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys
17:45:57.0277 0x1570  ew_hwusbdev - ok
17:45:57.0304 0x1570  [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
17:45:57.0305 0x1570  ew_usbenumfilter - ok
17:45:57.0332 0x1570  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:45:57.0337 0x1570  exfat - ok
17:45:57.0346 0x1570  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:45:57.0350 0x1570  fastfat - ok
17:45:57.0408 0x1570  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:45:57.0422 0x1570  Fax - ok
17:45:57.0443 0x1570  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:45:57.0445 0x1570  fdc - ok
17:45:57.0472 0x1570  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:45:57.0475 0x1570  fdPHost - ok
17:45:57.0494 0x1570  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:45:57.0497 0x1570  FDResPub - ok
17:45:57.0515 0x1570  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:45:57.0519 0x1570  fhsvc - ok
17:45:57.0554 0x1570  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:45:57.0557 0x1570  FileInfo - ok
17:45:57.0576 0x1570  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:45:57.0577 0x1570  Filetrace - ok
17:45:57.0594 0x1570  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:45:57.0596 0x1570  flpydisk - ok
17:45:57.0617 0x1570  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:45:57.0626 0x1570  FltMgr - ok
17:45:57.0723 0x1570  [ 7269C9013FCFA3C6E70F03E2630DBFC3, AAB282B4444CC17D197974D05063C7C97E5202E604681DD2DC3BCF0AE77D6057 ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:45:57.0754 0x1570  FontCache - ok
17:45:57.0855 0x1570  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:45:57.0857 0x1570  FontCache3.0.0.0 - ok
17:45:57.0873 0x1570  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:45:57.0875 0x1570  FsDepends - ok
17:45:57.0888 0x1570  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:45:57.0890 0x1570  Fs_Rec - ok
17:45:57.0937 0x1570  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:45:57.0948 0x1570  fvevol - ok
17:45:57.0974 0x1570  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
17:45:57.0975 0x1570  FxPPM - ok
17:45:57.0996 0x1570  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
17:45:57.0998 0x1570  gagp30kx - ok
17:45:58.0035 0x1570  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:45:58.0036 0x1570  gencounter - ok
17:45:58.0150 0x1570  [ 9162ECA694162A77679950CF2E27D3C1, 7EADEDE34A8E7458D2DDEE294D0789E9FD1EE822AB627D7E4ECAEDDD5D3EE81D ] GFNEXSrv        C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
17:45:58.0168 0x1570  GFNEXSrv - ok
17:45:58.0210 0x1570  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:45:58.0214 0x1570  GPIOClx0101 - ok
17:45:58.0277 0x1570  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:45:58.0308 0x1570  gpsvc - ok
17:45:58.0334 0x1570  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
17:45:58.0342 0x1570  HdAudAddService - ok
17:45:58.0357 0x1570  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:45:58.0361 0x1570  HDAudBus - ok
17:45:58.0387 0x1570  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:45:58.0389 0x1570  HidBatt - ok
17:45:58.0458 0x1570  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:45:58.0461 0x1570  HidBth - ok
17:45:58.0494 0x1570  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:45:58.0495 0x1570  hidi2c - ok
17:45:58.0500 0x1570  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:45:58.0501 0x1570  HidIr - ok
17:45:58.0530 0x1570  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:45:58.0533 0x1570  hidserv - ok
17:45:58.0547 0x1570  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:45:58.0549 0x1570  HidUsb - ok
17:45:58.0587 0x1570  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
17:45:58.0593 0x1570  hkmsvc - ok
17:45:58.0633 0x1570  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:45:58.0640 0x1570  HomeGroupListener - ok
17:45:58.0682 0x1570  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:45:58.0694 0x1570  HomeGroupProvider - ok
17:45:58.0793 0x1570  [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:45:58.0800 0x1570  hpqcxs08 - ok
17:45:58.0837 0x1570  [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:45:58.0840 0x1570  hpqddsvc - ok
17:45:58.0863 0x1570  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:45:58.0864 0x1570  HpSAMD - ok
17:45:58.0905 0x1570  [ C995EA1C6915D897E06D41AF95B9312C, 65DE6599F1C735BBDCCE4728F7F98167BCA0BF1B8D4218BBF7546B025C9A38BD ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:45:58.0925 0x1570  HPSLPSVC - ok
17:45:58.0982 0x1570  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:45:59.0000 0x1570  HTTP - ok
17:45:59.0036 0x1570  [ 8F3C72B2B005BB9AF90D645EDDF818B8, 37D861D8848CA75B14F647A3FFF80E132E0DCD4709FE3A6E16EB99A5DCDBF5B4 ] huawei_cdcacm   C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys
17:45:59.0038 0x1570  huawei_cdcacm - ok
17:45:59.0054 0x1570  [ DDBB283835010E52E88AAC6995B617D7, 00BDD20B4C8DAEB1FCF545E453A09B473F19A99D1368DF8F63F0FA549766E466 ] huawei_enumerator C:\WINDOWS\System32\drivers\ew_jubusenum.sys
17:45:59.0056 0x1570  huawei_enumerator - ok
17:45:59.0067 0x1570  [ 83D6CD158B6D543BD6C61D5FA6063E93, 01C3402A96EF9EBDE81A26CB2DA4268E594693426A894A4D53F6284220B2C7F5 ] huawei_ext_ctrl C:\WINDOWS\System32\drivers\ew_juextctrl.sys
17:45:59.0068 0x1570  huawei_ext_ctrl - ok
17:45:59.0090 0x1570  [ F0A1A00F44FBAB86A3607A7002620915, 7BC6578A06EE255E4CBC3C937D64EF3F4BEE2DB7700A73F5F59423FA2AE5B56F ] huawei_wwanecm  C:\WINDOWS\system32\DRIVERS\ew_juwwanecm.sys
17:45:59.0094 0x1570  huawei_wwanecm - ok
17:45:59.0117 0x1570  [ 24FA6177FE55C4BC045EC87E39F90688, 14B6EF152CE5293BB549A8FA069BEBC34C8C6B9796A6AA94B0AB6ADBEC3819C1 ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
17:45:59.0122 0x1570  hwdatacard - ok
17:45:59.0151 0x1570  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:45:59.0152 0x1570  hwpolicy - ok
17:45:59.0187 0x1570  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:45:59.0187 0x1570  hyperkbd - ok
17:45:59.0192 0x1570  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:45:59.0193 0x1570  HyperVideo - ok
17:45:59.0217 0x1570  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:45:59.0220 0x1570  i8042prt - ok
17:45:59.0247 0x1570  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:45:59.0248 0x1570  iaLPSSi_GPIO - ok
17:45:59.0258 0x1570  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:45:59.0261 0x1570  iaLPSSi_I2C - ok
17:45:59.0325 0x1570  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:45:59.0349 0x1570  iaStorA - ok
17:45:59.0397 0x1570  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:45:59.0411 0x1570  iaStorAV - ok
17:45:59.0497 0x1570  [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:45:59.0499 0x1570  IAStorDataMgrSvc - ok
17:45:59.0522 0x1570  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:45:59.0533 0x1570  iaStorV - ok
17:45:59.0538 0x1570  IEEtwCollectorService - ok
17:45:59.0698 0x1570  [ 076023219E918D34585B231029A44571, C2AB0DE0D80D0BC6595C9F9655A890531E7952599714DC03B4ECB46947D833A8 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:45:59.0768 0x1570  igfx - ok
17:45:59.0815 0x1570  [ C814D4A0B7B91E936B2DC0828C69ACAB, A19B503CB3C598474C61DA6F1AC087CCF287F7523D2F932B21EF21E7CA1809B1 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
17:45:59.0827 0x1570  igfxCUIService1.0.0.0 - ok
17:45:59.0892 0x1570  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:45:59.0913 0x1570  IKEEXT - ok
17:45:59.0951 0x1570  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:45:59.0953 0x1570  intaud_WaveExtensible - ok
17:46:00.0133 0x1570  [ 900A45658DCB6BAE1003764991BB5FAB, 125D048024946C13643E8D6E719687F31CD0EB10591C5AFA1AE0FD9EB7216816 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:46:00.0209 0x1570  IntcAzAudAddService - ok
17:46:00.0324 0x1570  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:46:00.0340 0x1570  Intel(R) Capability Licensing Service Interface - ok
17:46:00.0381 0x1570  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:46:00.0383 0x1570  intelide - ok
17:46:00.0418 0x1570  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
17:46:00.0420 0x1570  intelpep - ok
17:46:00.0434 0x1570  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:46:00.0437 0x1570  intelppm - ok
17:46:00.0468 0x1570  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:46:00.0470 0x1570  IpFilterDriver - ok
17:46:00.0541 0x1570  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:46:00.0566 0x1570  iphlpsvc - ok
17:46:00.0597 0x1570  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:46:00.0599 0x1570  IPMIDRV - ok
17:46:00.0607 0x1570  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:46:00.0610 0x1570  IPNAT - ok
17:46:00.0637 0x1570  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:46:00.0638 0x1570  IRENUM - ok
17:46:00.0672 0x1570  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:46:00.0674 0x1570  isapnp - ok
17:46:00.0702 0x1570  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:46:00.0708 0x1570  iScsiPrt - ok
17:46:00.0737 0x1570  [ 492F2DF02CD817CE8D544F96097BD77A, 6EF37BD62A49C9F55845A56498A93A26C109BEC2EBCB65A49908BECEC6FC6371 ] IT9135BDA       C:\WINDOWS\System32\Drivers\IT9135BDA.sys
17:46:00.0742 0x1570  IT9135BDA - ok
17:46:00.0771 0x1570  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
17:46:00.0772 0x1570  iwdbus - ok
17:46:00.0834 0x1570  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:46:00.0838 0x1570  jhi_service - ok
17:46:00.0852 0x1570  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:46:00.0855 0x1570  kbdclass - ok
17:46:00.0866 0x1570  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:46:00.0868 0x1570  kbdhid - ok
17:46:00.0878 0x1570  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:46:00.0880 0x1570  kdnic - ok
17:46:00.0892 0x1570  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:46:00.0897 0x1570  KeyIso - ok
17:46:00.0904 0x1570  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:46:00.0907 0x1570  KSecDD - ok
17:46:00.0930 0x1570  [ CA3F19E4B0765135B0F3C99384C535B9, 16441986C4E91F272E5876121272366476DB0496117C5AB4FBC82B07A06C0EC0 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:46:00.0934 0x1570  KSecPkg - ok
17:46:00.0952 0x1570  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:46:00.0954 0x1570  ksthunk - ok
17:46:01.0005 0x1570  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:46:01.0016 0x1570  KtmRm - ok
17:46:01.0058 0x1570  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:46:01.0068 0x1570  LanmanServer - ok
17:46:01.0099 0x1570  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:46:01.0110 0x1570  LanmanWorkstation - ok
17:46:01.0148 0x1570  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
17:46:01.0162 0x1570  lfsvc - ok
17:46:01.0186 0x1570  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:46:01.0189 0x1570  lltdio - ok
17:46:01.0238 0x1570  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:46:01.0246 0x1570  lltdsvc - ok
17:46:01.0272 0x1570  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:46:01.0276 0x1570  lmhosts - ok
17:46:01.0313 0x1570  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:46:01.0319 0x1570  LMS - ok
17:46:01.0351 0x1570  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:46:01.0354 0x1570  LSI_SAS - ok
17:46:01.0362 0x1570  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:46:01.0365 0x1570  LSI_SAS2 - ok
17:46:01.0383 0x1570  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:46:01.0386 0x1570  LSI_SAS3 - ok
17:46:01.0399 0x1570  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:46:01.0402 0x1570  LSI_SSS - ok
17:46:01.0440 0x1570  [ 9B231CD3E52DF29EE50086FF676D3D6F, A47449CA6C88FE089A6953D05FA33A55A55E0306335A7A102A4CD75429FF0515 ] LSM             C:\WINDOWS\System32\lsm.dll
17:46:01.0459 0x1570  LSM - ok
17:46:01.0491 0x1570  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:46:01.0495 0x1570  luafv - ok
17:46:01.0516 0x1570  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:46:01.0518 0x1570  megasas - ok
17:46:01.0568 0x1570  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:46:01.0579 0x1570  megasr - ok
17:46:01.0618 0x1570  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
17:46:01.0620 0x1570  MEIx64 - ok
17:46:01.0655 0x1570  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
17:46:01.0660 0x1570  MMCSS - ok
17:46:01.0674 0x1570  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:46:01.0676 0x1570  Modem - ok
17:46:01.0693 0x1570  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:46:01.0694 0x1570  monitor - ok
17:46:01.0708 0x1570  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:46:01.0710 0x1570  mouclass - ok
17:46:01.0714 0x1570  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:46:01.0716 0x1570  mouhid - ok
17:46:01.0728 0x1570  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:46:01.0731 0x1570  mountmgr - ok
17:46:01.0767 0x1570  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:46:01.0770 0x1570  MozillaMaintenance - ok
17:46:01.0776 0x1570  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:46:01.0778 0x1570  mpsdrv - ok
17:46:01.0840 0x1570  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:46:01.0861 0x1570  MpsSvc - ok
17:46:01.0892 0x1570  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:46:01.0896 0x1570  MRxDAV - ok
17:46:01.0925 0x1570  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:46:01.0934 0x1570  mrxsmb - ok
17:46:01.0946 0x1570  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:46:01.0952 0x1570  mrxsmb10 - ok
17:46:01.0964 0x1570  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:46:01.0970 0x1570  mrxsmb20 - ok
17:46:02.0013 0x1570  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
17:46:02.0016 0x1570  MsBridge - ok
17:46:02.0063 0x1570  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:46:02.0069 0x1570  MSDTC - ok
17:46:02.0094 0x1570  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:46:02.0095 0x1570  Msfs - ok
17:46:02.0114 0x1570  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:46:02.0116 0x1570  msgpiowin32 - ok
17:46:02.0139 0x1570  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:46:02.0141 0x1570  mshidkmdf - ok
17:46:02.0147 0x1570  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:46:02.0149 0x1570  mshidumdf - ok
17:46:02.0179 0x1570  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:46:02.0181 0x1570  msisadrv - ok
17:46:02.0218 0x1570  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:46:02.0224 0x1570  MSiSCSI - ok
17:46:02.0228 0x1570  msiserver - ok
17:46:02.0239 0x1570  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:46:02.0241 0x1570  MSKSSRV - ok
17:46:02.0259 0x1570  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:46:02.0261 0x1570  MsLldp - ok
17:46:02.0292 0x1570  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:46:02.0293 0x1570  MSPCLOCK - ok
17:46:02.0316 0x1570  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:46:02.0317 0x1570  MSPQM - ok
17:46:02.0346 0x1570  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:46:02.0355 0x1570  MsRPC - ok
17:46:02.0369 0x1570  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:46:02.0371 0x1570  mssmbios - ok
17:46:02.0384 0x1570  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:46:02.0385 0x1570  MSTEE - ok
17:46:02.0405 0x1570  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:46:02.0406 0x1570  MTConfig - ok
17:46:02.0414 0x1570  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:46:02.0416 0x1570  Mup - ok
17:46:02.0433 0x1570  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:46:02.0436 0x1570  mvumis - ok
17:46:02.0510 0x1570  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
17:46:02.0523 0x1570  napagent - ok
17:46:02.0570 0x1570  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:46:02.0579 0x1570  NativeWifiP - ok
17:46:02.0607 0x1570  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:46:02.0613 0x1570  NcaSvc - ok
17:46:02.0627 0x1570  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
17:46:02.0633 0x1570  NcbService - ok
17:46:02.0654 0x1570  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:46:02.0659 0x1570  NcdAutoSetup - ok
17:46:02.0713 0x1570  [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:46:02.0737 0x1570  NDIS - ok
17:46:02.0780 0x1570  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:46:02.0782 0x1570  NdisCap - ok
17:46:02.0790 0x1570  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:46:02.0793 0x1570  NdisImPlatform - ok
17:46:02.0829 0x1570  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:46:02.0830 0x1570  NdisTapi - ok
17:46:02.0848 0x1570  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:46:02.0850 0x1570  Ndisuio - ok
17:46:02.0865 0x1570  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:46:02.0867 0x1570  NdisVirtualBus - ok
17:46:02.0894 0x1570  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:46:02.0899 0x1570  NdisWan - ok
17:46:02.0908 0x1570  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:46:02.0912 0x1570  NdisWanLegacy - ok
17:46:02.0918 0x1570  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:46:02.0920 0x1570  NDProxy - ok
17:46:02.0942 0x1570  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:46:02.0945 0x1570  Ndu - ok
17:46:02.0969 0x1570  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
17:46:02.0973 0x1570  Net Driver HPZ12 - ok
17:46:02.0992 0x1570  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:46:02.0994 0x1570  NetBIOS - ok
17:46:03.0027 0x1570  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:46:03.0034 0x1570  NetBT - ok
17:46:03.0055 0x1570  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:46:03.0060 0x1570  Netlogon - ok
17:46:03.0099 0x1570  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
17:46:03.0108 0x1570  Netman - ok
17:46:03.0157 0x1570  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:46:03.0172 0x1570  netprofm - ok
17:46:03.0219 0x1570  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:03.0223 0x1570  NetTcpPortSharing - ok
17:46:03.0259 0x1570  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
17:46:03.0262 0x1570  netvsc - ok
17:46:03.0393 0x1570  [ 3483D44E1B24F17E622870801403AD13, EF9C5290777A4E277D47C87A174FF9441BE23CAD2F456D35B808463041F4675C ] NETwNe64        C:\WINDOWS\system32\DRIVERS\NETwew00.sys
17:46:03.0461 0x1570  NETwNe64 - ok
17:46:03.0508 0x1570  [ 3A4DD90CD5BCB607007BFFE8B9A2C761, 529353DB418B8C5B352A8530C465D5DA196B3DF16F22DA36874990BF11B24C9C ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:46:03.0518 0x1570  NlaSvc - ok
17:46:03.0532 0x1570  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:46:03.0534 0x1570  Npfs - ok
17:46:03.0548 0x1570  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:46:03.0550 0x1570  npsvctrig - ok
17:46:03.0571 0x1570  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:46:03.0574 0x1570  nsi - ok
17:46:03.0585 0x1570  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:46:03.0587 0x1570  nsiproxy - ok
17:46:03.0671 0x1570  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:46:03.0717 0x1570  Ntfs - ok
17:46:03.0737 0x1570  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:46:03.0738 0x1570  Null - ok
17:46:04.0131 0x1570  [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
17:46:04.0359 0x1570  nvlddmkm - ok
17:46:04.0395 0x1570  [ FCC3A3F875C8CF258F71BE2F2CAA2355, BD174C47329F0A15D821E51997E4CDAA68FB9BFD72A89A2F2A85A8603625EB18 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
17:46:04.0396 0x1570  nvpciflt - ok
17:46:04.0438 0x1570  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:46:04.0441 0x1570  nvraid - ok
17:46:04.0456 0x1570  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:46:04.0460 0x1570  nvstor - ok
17:46:04.0518 0x1570  [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
17:46:04.0544 0x1570  nvsvc - ok
17:46:04.0634 0x1570  [ AA130938A27BB80A8B6438EF83232275, 7C5A4863CD22413723C9F7658855E34088A2F89DF740531ED7986F67A30935E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:46:04.0660 0x1570  nvUpdatusService - ok
17:46:04.0695 0x1570  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
17:46:04.0697 0x1570  nv_agp - ok
17:46:04.0758 0x1570  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:46:04.0762 0x1570  ose - ok
17:46:04.0800 0x1570  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:46:04.0810 0x1570  p2pimsvc - ok
17:46:04.0844 0x1570  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:46:04.0856 0x1570  p2psvc - ok
17:46:04.0881 0x1570  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:46:04.0884 0x1570  Parport - ok
17:46:04.0908 0x1570  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:46:04.0910 0x1570  partmgr - ok
17:46:04.0954 0x1570  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:46:04.0967 0x1570  PcaSvc - ok
17:46:04.0990 0x1570  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:46:04.0995 0x1570  pci - ok
17:46:05.0021 0x1570  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:46:05.0023 0x1570  pciide - ok
17:46:05.0066 0x1570  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:46:05.0069 0x1570  pcmcia - ok
17:46:05.0074 0x1570  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:46:05.0075 0x1570  pcw - ok
17:46:05.0081 0x1570  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:46:05.0083 0x1570  pdc - ok
17:46:05.0131 0x1570  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:46:05.0144 0x1570  PEAUTH - ok
17:46:05.0175 0x1570  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\PHotkey\PEGAGFN.sys
17:46:05.0176 0x1570  PEGAGFN - ok
17:46:05.0258 0x1570  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:46:05.0261 0x1570  PerfHost - ok
17:46:05.0360 0x1570  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
17:46:05.0396 0x1570  pla - ok
17:46:05.0429 0x1570  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:46:05.0436 0x1570  PlugPlay - ok
17:46:05.0474 0x1570  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
17:46:05.0478 0x1570  Pml Driver HPZ12 - ok
17:46:05.0511 0x1570  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:46:05.0515 0x1570  PNRPAutoReg - ok
17:46:05.0556 0x1570  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:46:05.0567 0x1570  PNRPsvc - ok
17:46:05.0601 0x1570  [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64         C:\WINDOWS\System32\drivers\point64.sys
17:46:05.0603 0x1570  Point64 - ok
17:46:05.0650 0x1570  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:46:05.0660 0x1570  PolicyAgent - ok
17:46:05.0683 0x1570  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
17:46:05.0690 0x1570  Power - ok
17:46:05.0855 0x1570  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
17:46:05.0909 0x1570  PrintNotify - ok
17:46:05.0970 0x1570  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:46:05.0972 0x1570  Processor - ok
17:46:06.0008 0x1570  [ DEE538B5AF5D1F67C4F9415DE37A8EE2, A3173FD1D0E6D9AADF8269EF275C34F2A2A20A78C337ED8CC2DDC243356C65BD ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:46:06.0017 0x1570  ProfSvc - ok
17:46:06.0051 0x1570  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
17:46:06.0055 0x1570  Psched - ok
17:46:06.0103 0x1570  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:46:06.0111 0x1570  QWAVE - ok
17:46:06.0124 0x1570  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:46:06.0125 0x1570  QWAVEdrv - ok
17:46:06.0147 0x1570  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:46:06.0148 0x1570  RasAcd - ok
17:46:06.0162 0x1570  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:46:06.0169 0x1570  RasAuto - ok
17:46:06.0210 0x1570  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:46:06.0227 0x1570  RasMan - ok
17:46:06.0249 0x1570  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:46:06.0252 0x1570  RasPppoe - ok
17:46:06.0283 0x1570  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:46:06.0292 0x1570  rdbss - ok
17:46:06.0306 0x1570  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
17:46:06.0307 0x1570  rdpbus - ok
17:46:06.0315 0x1570  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
17:46:06.0320 0x1570  RDPDR - ok
17:46:06.0340 0x1570  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:46:06.0341 0x1570  RdpVideoMiniport - ok
17:46:06.0361 0x1570  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
17:46:06.0367 0x1570  rdyboost - ok
17:46:06.0434 0x1570  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
17:46:06.0455 0x1570  ReFS - ok
17:46:06.0509 0x1570  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:46:06.0516 0x1570  RemoteAccess - ok
17:46:06.0563 0x1570  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:46:06.0570 0x1570  RemoteRegistry - ok
17:46:06.0579 0x1570  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:46:06.0582 0x1570  RFCOMM - ok
17:46:06.0618 0x1570  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
17:46:06.0624 0x1570  RpcEptMapper - ok
17:46:06.0657 0x1570  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:46:06.0660 0x1570  RpcLocator - ok
17:46:06.0705 0x1570  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:46:06.0725 0x1570  RpcSs - ok
17:46:06.0753 0x1570  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:46:06.0756 0x1570  rspndr - ok
17:46:06.0789 0x1570  [ 0E32A8922DCFD28EA00AAEC07CB3F331, 27F329C6A66DB01C291E1EDCEB7781A05658520B12FF8ECD1FBD3B86EF78DF30 ] RSUSBSTOR       C:\WINDOWS\System32\Drivers\RtsUStor.sys
17:46:06.0795 0x1570  RSUSBSTOR - ok
17:46:06.0851 0x1570  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
17:46:06.0866 0x1570  RTL8168 - ok
17:46:06.0898 0x1570  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
17:46:06.0900 0x1570  s3cap - ok
17:46:06.0937 0x1570  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
17:46:06.0941 0x1570  SamSs - ok
17:46:06.0990 0x1570  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
17:46:06.0993 0x1570  sbp2port - ok
17:46:07.0045 0x1570  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
17:46:07.0052 0x1570  SCardSvr - ok
17:46:07.0103 0x1570  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
17:46:07.0109 0x1570  ScDeviceEnum - ok
17:46:07.0144 0x1570  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:46:07.0146 0x1570  scfilter - ok
17:46:07.0213 0x1570  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:46:07.0241 0x1570  Schedule - ok
17:46:07.0277 0x1570  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
17:46:07.0281 0x1570  SCPolicySvc - ok
17:46:07.0365 0x1570  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
17:46:07.0370 0x1570  sdbus - ok
17:46:07.0390 0x1570  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
17:46:07.0392 0x1570  sdstor - ok
17:46:07.0417 0x1570  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
17:46:07.0418 0x1570  secdrv - ok
17:46:07.0459 0x1570  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
17:46:07.0464 0x1570  seclogon - ok
17:46:07.0487 0x1570  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
17:46:07.0493 0x1570  SENS - ok
17:46:07.0558 0x1570  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
17:46:07.0567 0x1570  SensrSvc - ok
17:46:07.0596 0x1570  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
17:46:07.0598 0x1570  SerCx - ok
17:46:07.0646 0x1570  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
17:46:07.0650 0x1570  SerCx2 - ok
17:46:07.0696 0x1570  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
17:46:07.0698 0x1570  Serenum - ok
17:46:07.0787 0x1570  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
17:46:07.0791 0x1570  Serial - ok
17:46:07.0830 0x1570  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:46:07.0832 0x1570  sermouse - ok
17:46:07.0896 0x1570  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:46:07.0907 0x1570  SessionEnv - ok
17:46:07.0912 0x1570  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:46:07.0914 0x1570  sfloppy - ok
17:46:07.0971 0x1570  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:46:07.0981 0x1570  SharedAccess - ok
17:46:08.0026 0x1570  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:46:08.0042 0x1570  ShellHWDetection - ok
17:46:08.0078 0x1570  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:46:08.0080 0x1570  SiSRaid2 - ok
17:46:08.0104 0x1570  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:46:08.0106 0x1570  SiSRaid4 - ok
17:46:08.0198 0x1570  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:46:08.0204 0x1570  SkypeUpdate - ok
17:46:08.0242 0x1570  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
17:46:08.0246 0x1570  smphost - ok
17:46:08.0287 0x1570  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:46:08.0292 0x1570  SNMPTRAP - ok
17:46:08.0323 0x1570  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:46:08.0332 0x1570  spaceport - ok
17:46:08.0338 0x1570  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:46:08.0340 0x1570  SpbCx - ok
17:46:08.0398 0x1570  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:46:08.0417 0x1570  Spooler - ok
17:46:08.0632 0x1570  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:46:08.0766 0x1570  sppsvc - ok
17:46:08.0831 0x1570  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:46:08.0839 0x1570  srv - ok
17:46:08.0869 0x1570  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:46:08.0882 0x1570  srv2 - ok
17:46:08.0897 0x1570  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:46:08.0903 0x1570  srvnet - ok
17:46:08.0949 0x1570  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:46:08.0957 0x1570  SSDPSRV - ok
17:46:08.0990 0x1570  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:46:08.0997 0x1570  SstpSvc - ok
17:46:09.0029 0x1570  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:46:09.0033 0x1570  ssudmdm - ok
17:46:09.0096 0x1570  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
17:46:09.0110 0x1570  ss_conn_service - ok
17:46:09.0196 0x1570  [ A9D26626BEADF5A0641BF6B5095EF309, EABC711466FECA20058D7E24CA2593059E1F113B38A2E7574822E48BFBBF4146 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:46:09.0204 0x1570  Stereo Service - ok
17:46:09.0232 0x1570  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:46:09.0234 0x1570  stexstor - ok
17:46:09.0313 0x1570  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:46:09.0339 0x1570  stisvc - ok
17:46:09.0368 0x1570  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:46:09.0371 0x1570  storahci - ok
17:46:09.0406 0x1570  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
17:46:09.0408 0x1570  storflt - ok
17:46:09.0424 0x1570  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
17:46:09.0427 0x1570  stornvme - ok
17:46:09.0462 0x1570  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:46:09.0469 0x1570  StorSvc - ok
17:46:09.0499 0x1570  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:46:09.0501 0x1570  storvsc - ok
17:46:09.0535 0x1570  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:46:09.0539 0x1570  svsvc - ok
17:46:09.0555 0x1570  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:46:09.0556 0x1570  swenum - ok
17:46:09.0594 0x1570  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
17:46:09.0619 0x1570  swprv - ok
17:46:09.0707 0x1570  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:46:09.0736 0x1570  SysMain - ok
17:46:09.0777 0x1570  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:46:09.0786 0x1570  SystemEventsBroker - ok
17:46:09.0818 0x1570  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:46:09.0826 0x1570  TabletInputService - ok
17:46:09.0850 0x1570  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:46:09.0860 0x1570  TapiSrv - ok
17:46:09.0952 0x1570  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:46:09.0997 0x1570  Tcpip - ok
17:46:10.0057 0x1570  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:46:10.0102 0x1570  TCPIP6 - ok
17:46:10.0136 0x1570  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:46:10.0138 0x1570  tcpipreg - ok
17:46:10.0157 0x1570  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:46:10.0160 0x1570  tdx - ok
17:46:10.0180 0x1570  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:46:10.0182 0x1570  terminpt - ok
17:46:10.0261 0x1570  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
17:46:10.0284 0x1570  TermService - ok
17:46:10.0314 0x1570  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
17:46:10.0319 0x1570  Themes - ok
17:46:10.0353 0x1570  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
17:46:10.0358 0x1570  THREADORDER - ok
17:46:10.0382 0x1570  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
17:46:10.0391 0x1570  TimeBroker - ok
17:46:10.0472 0x1570  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
17:46:10.0483 0x1570  TPM - ok
17:46:10.0518 0x1570  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:46:10.0526 0x1570  TrkWks - ok
17:46:10.0586 0x1570  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:46:10.0589 0x1570  TrustedInstaller - ok
17:46:10.0613 0x1570  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
17:46:10.0615 0x1570  TsUsbFlt - ok
17:46:10.0620 0x1570  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:46:10.0622 0x1570  TsUsbGD - ok
17:46:10.0650 0x1570  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:46:10.0654 0x1570  tunnel - ok
17:46:10.0679 0x1570  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
17:46:10.0681 0x1570  uagp35 - ok
17:46:10.0716 0x1570  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:46:10.0718 0x1570  UASPStor - ok
17:46:10.0749 0x1570  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
17:46:10.0754 0x1570  UCX01000 - ok
17:46:10.0777 0x1570  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:46:10.0783 0x1570  udfs - ok
17:46:10.0799 0x1570  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:46:10.0800 0x1570  UEFI - ok
17:46:10.0847 0x1570  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:46:10.0852 0x1570  UI0Detect - ok
17:46:10.0868 0x1570  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
17:46:10.0870 0x1570  uliagpkx - ok
17:46:10.0888 0x1570  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:46:10.0890 0x1570  umbus - ok
17:46:10.0913 0x1570  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:46:10.0914 0x1570  UmPass - ok
17:46:10.0949 0x1570  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:46:10.0958 0x1570  UmRdpService - ok
17:46:11.0031 0x1570  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:46:11.0037 0x1570  UNS - ok
17:46:11.0087 0x1570  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:46:11.0106 0x1570  upnphost - ok
17:46:11.0128 0x1570  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:46:11.0131 0x1570  usbccgp - ok
17:46:11.0184 0x1570  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:46:11.0187 0x1570  usbcir - ok
17:46:11.0218 0x1570  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:46:11.0223 0x1570  usbehci - ok
17:46:11.0255 0x1570  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:46:11.0264 0x1570  usbhub - ok
17:46:11.0290 0x1570  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:46:11.0300 0x1570  USBHUB3 - ok
17:46:11.0322 0x1570  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:46:11.0324 0x1570  usbohci - ok
17:46:11.0330 0x1570  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:46:11.0332 0x1570  usbprint - ok
17:46:11.0355 0x1570  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:46:11.0357 0x1570  usbscan - ok
17:46:11.0377 0x1570  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:46:11.0380 0x1570  USBSTOR - ok
17:46:11.0396 0x1570  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:46:11.0398 0x1570  usbuhci - ok
17:46:11.0425 0x1570  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
17:46:11.0429 0x1570  usbvideo - ok
17:46:11.0455 0x1570  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:46:11.0462 0x1570  USBXHCI - ok
17:46:11.0475 0x1570  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:46:11.0479 0x1570  VaultSvc - ok
17:46:11.0566 0x1570  [ EB2461E88E1E9F2243FAA3F167BFB94E, 1A7E51BC964CC42A2839FE6DB20A7E2E695E827B62851B0B25CCDB091A144D24 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
17:46:11.0573 0x1570  VBoxAswDrv - ok
17:46:11.0593 0x1570  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:46:11.0595 0x1570  vdrvroot - ok
17:46:11.0668 0x1570  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
17:46:11.0700 0x1570  vds - ok
17:46:11.0742 0x1570  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:46:11.0746 0x1570  VerifierExt - ok
17:46:11.0863 0x1570  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:46:11.0874 0x1570  vhdmp - ok
17:46:11.0888 0x1570  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
17:46:11.0890 0x1570  viaide - ok
17:46:11.0904 0x1570  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:46:11.0908 0x1570  vmbus - ok
17:46:11.0912 0x1570  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:46:11.0913 0x1570  VMBusHID - ok
17:46:11.0975 0x1570  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:46:11.0988 0x1570  vmicguestinterface - ok
17:46:12.0005 0x1570  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
17:46:12.0017 0x1570  vmicheartbeat - ok
17:46:12.0033 0x1570  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:46:12.0046 0x1570  vmickvpexchange - ok
17:46:12.0061 0x1570  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
17:46:12.0074 0x1570  vmicrdv - ok
17:46:12.0090 0x1570  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
17:46:12.0103 0x1570  vmicshutdown - ok
17:46:12.0120 0x1570  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
17:46:12.0134 0x1570  vmictimesync - ok
17:46:12.0149 0x1570  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
17:46:12.0162 0x1570  vmicvss - ok
17:46:12.0187 0x1570  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:46:12.0190 0x1570  volmgr - ok
17:46:12.0213 0x1570  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:46:12.0221 0x1570  volmgrx - ok
17:46:12.0244 0x1570  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:46:12.0250 0x1570  volsnap - ok
17:46:12.0287 0x1570  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:46:12.0289 0x1570  vpci - ok
17:46:12.0327 0x1570  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:46:12.0331 0x1570  vsmraid - ok
17:46:12.0417 0x1570  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
17:46:12.0449 0x1570  VSS - ok
17:46:12.0477 0x1570  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:46:12.0485 0x1570  VSTXRAID - ok
17:46:12.0516 0x1570  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:46:12.0518 0x1570  vwifibus - ok
17:46:12.0549 0x1570  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:46:12.0551 0x1570  vwififlt - ok
17:46:12.0585 0x1570  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:46:12.0587 0x1570  vwifimp - ok
17:46:12.0626 0x1570  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
17:46:12.0642 0x1570  W32Time - ok
17:46:12.0678 0x1570  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:46:12.0680 0x1570  WacomPen - ok
17:46:12.0757 0x1570  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:46:12.0797 0x1570  wbengine - ok
17:46:12.0831 0x1570  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:46:12.0844 0x1570  WbioSrvc - ok
17:46:12.0859 0x1570  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:46:12.0869 0x1570  Wcmsvc - ok
17:46:12.0884 0x1570  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:46:12.0897 0x1570  wcncsvc - ok
17:46:12.0917 0x1570  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:46:12.0923 0x1570  WcsPlugInService - ok
17:46:12.0967 0x1570  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:46:12.0969 0x1570  WdBoot - ok
17:46:13.0016 0x1570  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:46:13.0033 0x1570  Wdf01000 - ok
17:46:13.0045 0x1570  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:46:13.0051 0x1570  WdFilter - ok
17:46:13.0067 0x1570  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:46:13.0074 0x1570  WdiServiceHost - ok
17:46:13.0079 0x1570  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:46:13.0085 0x1570  WdiSystemHost - ok
17:46:13.0093 0x1570  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:46:13.0096 0x1570  WdNisDrv - ok
17:46:13.0124 0x1570  WdNisSvc - ok
17:46:13.0158 0x1570  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:46:13.0166 0x1570  WebClient - ok
17:46:13.0213 0x1570  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:46:13.0221 0x1570  Wecsvc - ok
17:46:13.0227 0x1570  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:46:13.0232 0x1570  WEPHOSTSVC - ok
17:46:13.0253 0x1570  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:46:13.0259 0x1570  wercplsupport - ok
17:46:13.0280 0x1570  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:46:13.0286 0x1570  WerSvc - ok
17:46:13.0300 0x1570  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:46:13.0304 0x1570  WFPLWFS - ok
17:46:13.0327 0x1570  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:46:13.0332 0x1570  WiaRpc - ok
17:46:13.0369 0x1570  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:46:13.0371 0x1570  WIMMount - ok
17:46:13.0374 0x1570  WinDefend - ok
17:46:13.0442 0x1570  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:46:13.0463 0x1570  WinHttpAutoProxySvc - ok
17:46:13.0503 0x1570  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:46:13.0509 0x1570  Winmgmt - ok
17:46:13.0620 0x1570  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:46:13.0675 0x1570  WinRM - ok
17:46:13.0755 0x1570  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
17:46:13.0758 0x1570  WinUsb - ok
17:46:13.0837 0x1570  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:46:13.0870 0x1570  WlanSvc - ok
17:46:13.0941 0x1570  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:46:13.0973 0x1570  wlidsvc - ok
17:46:13.0996 0x1570  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:46:13.0998 0x1570  WmiAcpi - ok
17:46:14.0042 0x1570  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:46:14.0046 0x1570  wmiApSrv - ok
17:46:14.0067 0x1570  WMPNetworkSvc - ok
17:46:14.0084 0x1570  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:46:14.0088 0x1570  Wof - ok
17:46:14.0175 0x1570  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:46:14.0209 0x1570  workfolderssvc - ok
17:46:14.0259 0x1570  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:46:14.0261 0x1570  wpcfltr - ok
17:46:14.0278 0x1570  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
17:46:14.0283 0x1570  WPCSvc - ok
17:46:14.0305 0x1570  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:46:14.0311 0x1570  WPDBusEnum - ok
17:46:14.0334 0x1570  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:46:14.0336 0x1570  WpdUpFltr - ok
17:46:14.0356 0x1570  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:46:14.0358 0x1570  ws2ifsl - ok
17:46:14.0401 0x1570  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:46:14.0409 0x1570  wscsvc - ok
17:46:14.0415 0x1570  WSearch - ok
17:46:14.0546 0x1570  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
17:46:14.0613 0x1570  WSService - ok
17:46:14.0672 0x1570  [ 0ECE1883160759330E896B82A9EBB70B, 6D35A50C80F1A5329D2C575B3FD2C3EEF43992CFA48F9EA6F559D16B9A9502C5 ] WTGService      C:\Program Files (x86)\3DataManager\WTGService.exe
17:46:14.0679 0x1570  WTGService - ok
17:46:14.0827 0x1570  [ 1B24547C96E1C656ED9A8E6B6F6FA03B, A15D1180D8A9011F0D5A2C8D801D34974D5AEA367FFFB96BD335448B17A2C142 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:46:14.0903 0x1570  wuauserv - ok
17:46:14.0968 0x1570  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:46:14.0971 0x1570  WudfPf - ok
17:46:14.0987 0x1570  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
17:46:14.0992 0x1570  WUDFRd - ok
17:46:15.0007 0x1570  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:46:15.0012 0x1570  WUDFSensorLP - ok
17:46:15.0035 0x1570  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:46:15.0042 0x1570  wudfsvc - ok
17:46:15.0052 0x1570  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:46:15.0057 0x1570  WUDFWpdFs - ok
17:46:15.0065 0x1570  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:46:15.0071 0x1570  WUDFWpdMtp - ok
17:46:15.0098 0x1570  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:46:15.0113 0x1570  WwanSvc - ok
17:46:15.0132 0x1570  ================ Scan global ===============================
17:46:15.0182 0x1570  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
17:46:15.0224 0x1570  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
17:46:15.0253 0x1570  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
17:46:15.0289 0x1570  [ 5BF02EBEFEDC706318C96E2E60EDCB91, DC866C5BC3A887CAAA7169AB9BB2992F6F877B3EA04B62B4F95B6BD54943155F ] C:\WINDOWS\system32\services.exe
17:46:15.0300 0x1570  [ Global ] - ok
17:46:15.0301 0x1570  ================ Scan MBR ==================================
17:46:15.0318 0x1570  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:46:15.0323 0x1570  \Device\Harddisk0\DR0 - ok
17:46:15.0323 0x1570  ================ Scan VBR ==================================
17:46:15.0336 0x1570  [ 68A5C9AC4E296B05A911F1152EC2A61A ] \Device\Harddisk0\DR0\Partition1
17:46:15.0405 0x1570  \Device\Harddisk0\DR0\Partition1 - ok
17:46:15.0421 0x1570  [ 89DF320A24731CB6CC26510A634B58A0 ] \Device\Harddisk0\DR0\Partition2
17:46:15.0472 0x1570  \Device\Harddisk0\DR0\Partition2 - ok
17:46:15.0488 0x1570  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:46:15.0488 0x1570  \Device\Harddisk0\DR0\Partition3 - ok
17:46:15.0506 0x1570  [ C31B0DD79B7177261E5F46D4EC8DEFA4 ] \Device\Harddisk0\DR0\Partition4
17:46:15.0563 0x1570  \Device\Harddisk0\DR0\Partition4 - ok
17:46:15.0582 0x1570  [ FDA2C7E9229C13180D64FA02AEA9AB78 ] \Device\Harddisk0\DR0\Partition5
17:46:15.0619 0x1570  \Device\Harddisk0\DR0\Partition5 - ok
17:46:15.0646 0x1570  [ 42D55D83B50AADD3DB9B451B808D4B8F ] \Device\Harddisk0\DR0\Partition6
17:46:15.0658 0x1570  \Device\Harddisk0\DR0\Partition6 - ok
17:46:15.0674 0x1570  [ C29EF0D385BEA5B50B0B2F8D00493C30 ] \Device\Harddisk0\DR0\Partition7
17:46:15.0687 0x1570  \Device\Harddisk0\DR0\Partition7 - ok
17:46:15.0688 0x1570  ================ Scan generic autorun ======================
17:46:16.0150 0x1570  [ B3B1175C96F8E01EC5D37F6C0B965F6F, F0330B4B1CBF2D5C4570E53CE6DE2BA6DE14A7156C368458A0B4B59BDBF45DD5 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:46:16.0514 0x1570  RtHDVCpl - ok
17:46:16.0612 0x1570  [ D0AA4593126F4FCA79173D00DF054454, C18F6780ADFA44C49E6C6C8CEE4C5E25829ADE125C97A56467456B173BE4A7F2 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
17:46:16.0638 0x1570  RtHDVBg_Dolby - ok
17:46:16.0808 0x1570  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:46:16.0961 0x1570  AvastUI.exe - ok
17:46:17.0084 0x1570  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
17:46:17.0106 0x1570  Adobe ARM - ok
17:46:17.0170 0x1570  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
17:46:17.0181 0x1570  WAB Migrate - ok
17:46:17.0226 0x1570  Skype - ok
17:46:17.0228 0x1570  Waiting for KSN requests completion. In queue: 154
17:46:18.0289 0x1570  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
17:46:18.0306 0x1570  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
17:46:18.0309 0x1570  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x40010 ( disabled )
17:46:18.0314 0x1570  Win FW state via NFP2: enabled
17:46:18.0584 0x1570  ============================================================
17:46:18.0584 0x1570  Scan finished
17:46:18.0584 0x1570  ============================================================
17:46:18.0596 0x1564  Detected object count: 0
17:46:18.0596 0x1564  Actual detected object count: 0
         


Alt 23.07.2015, 14:02   #6
M-K-D-B
/// TB-Ausbilder
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Servus,


du weißt, dass "Winzip Malware Protector" selbst Adware ist?

Ahja, wegen deiner PM: Wir löschen grundsätzlich keine Logfiles aus dem Forum, mehr dazu hier.

Alle Schritte (1-4) ausführen, immer alle Funde entfernen lassen und die Logdateien posten:





Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
--> Fenster, Express Zip Demo

Alt 23.07.2015, 18:20   #7
Xand
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Code:
ATTFilter
Nico Mak Computing 
WinZip Malware Protector 
 
Datum der Überprüfung Donnerstag, 23. Juli 2015 
Datenbankversion 2325 
Gefundene Elemente insgesamt 94 
Überprüfte Objekte: 366772 
Abgelaufene Zeit: 00:01:42 
Name Gefundene Elemente 

Name der Infektion pup.optional 
Kategorie Potentially Unwanted Application 
Bedrohungsstufe High 
Durchgeführte Aktion NoActionTaken 
Elemente gefunden 1 
 
Gefundener Bereich FileSystem 
Details 
Dateiname c:\users\alexandra\downloads\kies3setup.exe 
MD5 12095843207507927641 
Signatur 0 
Md5hash:  9dd5bd2ff675d9a92447c28ec3532d55 
 
 

Name der Infektion malware.trace 
Kategorie Generic Malware  
Bedrohungsstufe High 
Durchgeführte Aktion NoActionTaken 
Elemente gefunden 93 
 
Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
  
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 17.06.2014 at 18:48:11 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 17.06.2014 at 18:48:54 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 18.06.2014 at 09:14:16 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 18.06.2014 at 09:37:32 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 18.06.2014 at 09:38:06 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 18.06.2014 at 09:38:51 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 18.06.2014 at 09:38:58 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 19.06.2014 at 09:58:29 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 20.06.2014 at 12:06:43 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 21.06.2014 at 12:39:06 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 24.06.2014 at 12:34:51 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 25.06.2014 at 11:45:42 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 26.06.2014 at 14:24:23 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 27.06.2014 at 09:09:29 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 28.06.2014 at 15:59:04 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 28.06.2014 at 20:00:30 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 29.06.2014 at 11:24:06 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 30.06.2014 at 11:51:56 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 01.07.2014 at 10:01:09 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 02.07.2014 at 09:55:44 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 03.07.2014 at 12:49:31 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 05.07.2014 at 13:07:07 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 06.07.2014 at 19:58:52 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 07.07.2014 at 11:09:45 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 07.07.2014 at 17:46:39 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 08.07.2014 at 17:27:27 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 10.07.2014 at 10:25:33 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 16.07.2014 at 09:42:20 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 23.07.2014 at 09:43:04 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 24.07.2014 at 12:04:29 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 25.07.2014 at 13:36:18 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 27.07.2014 at 13:16:57 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 28.07.2014 at 12:09:35 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 29.07.2014 at 12:21:30 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 02.08.2014 at 12:22:42 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 03.08.2014 at 11:51:53 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 04.08.2014 at 16:48:51 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 06.08.2014 at 09:38:04 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 08.08.2014 at 12:48:43 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 11.08.2014 at 11:32:54 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 12.08.2014 at 11:14:54 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 14.08.2014 at 07:21:18 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 15.08.2014 at 10:46:02 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 15.08.2014 at 19:46:22 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 16.08.2014 at 11:22:26 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 21.08.2014 at 10:41:18 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 22.08.2014 at 11:19:18 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 23.08.2014 at 10:28:14 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 24.08.2014 at 11:00:10 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 27.08.2014 at 18:38:28 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 28.08.2014 at 10:31:32 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 29.08.2014 at 11:53:24 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 30.08.2014 at 11:02:38 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 03.09.2014 at 17:43:05 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 04.09.2014 at 10:54:50 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 06.09.2014 at 20:10:53 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 07.09.2014 at 11:26:03 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 18.09.2014 at 18:05:18 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 19.09.2014 at 08:32:29 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 20.09.2014 at 10:25:35 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 21.09.2014 at 13:27:01 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 22.09.2014 at 09:44:13 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 24.09.2014 at 16:57:12 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 25.09.2014 at 09:43:54 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 28.09.2014 at 11:25:46 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 29.09.2014 at 12:13:52 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 02.10.2014 at 09:25:16 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 03.10.2014 at 12:44:21 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 04.10.2014 at 20:16:15 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 05.10.2014 at 11:39:49 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 07.10.2014 at 17:04:22 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 08.10.2014 at 18:12:46 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 12.10.2014 at 11:26:29 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 13.10.2014 at 09:17:35 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 14.10.2014 at 17:14:37 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 16.10.2014 at 12:25:07 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 17.10.2014 at 12:30:41 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 19.10.2014 at 11:49:32 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 21.10.2014 at 16:51:07 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 24.10.2014 at 11:20:47 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 25.10.2014 at 13:13:26 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 27.10.2014 at 10:52:20 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 28.10.2014 at 17:13:25 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 31.10.2014 at 11:37:25 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 02.11.2014 at 12:29:58 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 03.11.2014 at 10:32:39 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 04.11.2014 at 17:10:14 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 05.11.2014 at 17:52:30 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 06.11.2014 at 10:10:26 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 07.11.2014 at 10:38:31 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 07.11.2014 at 21:55:24 
 

Gefundener Bereich Registry 
Details 
Registrierungsschlüssel hkey_current_user 
 software\dc3_fexec 
 08.11.2014 at 10:02:30 
 
 
© 2013 WinZip International LLC. All rights reserved.
         
Schritt 1 kann nicht ohne kauf von Malware Protektor ausgeführt werden.

Das programm löscht nichts.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.07.2015
Suchlaufzeit: 17:32
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.23.04
Rootkit-Datenbank: v2015.07.22.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Alexandra

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 393127
Abgelaufene Zeit: 14 Min., 11 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 8
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\CLASSES\Helper.TemplateObject, In Quarantäne, [5ad64d9851396bcbc14bb2d37989af51], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\CLASSES\Helper.TemplateObject.1, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Helper.TemplateObject, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Helper.TemplateObject.1, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Helper.TemplateObject, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Helper.TemplateObject.1, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, In Quarantäne, [9c943da876145ed818774a385da7b54b], 
Malware.Trace, HKU\S-1-5-21-2422082488-33307941-859794934-1002\SOFTWARE\DC3_FEXEC, In Quarantäne, [b87809dcdeacff372c4f6192c340df21], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 3
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
PUP.Optional.OptimizerPro.A, C:\Users\Alexandra\Documents\Optimizer Pro, In Quarantäne, [042ca243e4a652e4b49ee8af39cb768a], 
PUP.Optional.DataMngr.A, C:\ProgramData\Datamngr, In Quarantäne, [32fe0bdaf5954beb53b49564e919df21], 

Dateien: 91
Trojan.Dropper.SFXAI, C:\Users\Alexandra\AppData\Roaming\27072014.scr, In Quarantäne, [68c81cc90585c472aed162c6dd24ac54], 
Misused.Legit.AI, C:\Users\Alexandra\265oyte47\.com, In Quarantäne, [cf6155903b4f57dfaf94939bc53c55ab], 
Misused.Legit.AI, C:\Users\Alexandra\8fdhc8i6\OWryTUenk.exe, In Quarantäne, [e9472fb66228c274c52f6dc8837e39c7], 
PUP.Optional.DownloadSponsor, C:\Users\Alexandra\Downloads\find-it.exe, In Quarantäne, [0b25b82d8bff4fe7e9b1b43cd82cc63a], 
PUP.Optional.Conduit.A, C:\Users\Alexandra\Downloads\Kies3Setup.exe, In Quarantäne, [70c0479e2664fd39c1e756bbe120c739], 
PUP.Optional.InstallCore.A, C:\Users\Alexandra\Downloads\MediaPlayerSetup.exe, In Quarantäne, [e14fd510cac065d17075e15219e7c23e], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-17-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-18-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-19-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-20-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-21-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-22-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-23-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-24-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-25-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-26-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-27-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-28-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-29-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-30-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-01-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-03-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-04-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-05-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-06-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-07-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-08-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-09-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-10-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-11-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-13-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-14-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-15-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-16-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-21-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-22-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-23-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-24-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-26-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-27-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-28-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-29-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-30-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-31-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-01-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-02-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-03-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-08-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-09-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-10-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-12-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-14-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-15-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-23-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-04-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-07-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-08-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-09-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-10-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-11-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-12-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-13-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-14-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-15-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-16-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-17-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-20-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-24-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-28-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-02-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-25-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-05-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-03-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-07-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-08-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-09-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-10-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-13-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-17-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-18-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-21-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-22-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-23-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-25-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-27-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-28-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-11-02-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-11-04-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-11-05-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-11-08-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
PUP.Optional.OptimizerPro.A, C:\Users\Alexandra\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [042ca243e4a652e4b49ee8af39cb768a], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.07.2015
Suchlaufzeit: 17:32
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.23.04
Rootkit-Datenbank: v2015.07.22.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Alexandra

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 393127
Abgelaufene Zeit: 14 Min., 11 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 8
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\CLASSES\Helper.TemplateObject, In Quarantäne, [5ad64d9851396bcbc14bb2d37989af51], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\CLASSES\Helper.TemplateObject.1, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Helper.TemplateObject, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Helper.TemplateObject.1, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Helper.TemplateObject, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DNSErrorHelper.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Helper.TemplateObject.1, In Quarantäne, [042c02e356348bab69a37c09946e2ad6], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, In Quarantäne, [9c943da876145ed818774a385da7b54b], 
Malware.Trace, HKU\S-1-5-21-2422082488-33307941-859794934-1002\SOFTWARE\DC3_FEXEC, In Quarantäne, [b87809dcdeacff372c4f6192c340df21], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 3
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
PUP.Optional.OptimizerPro.A, C:\Users\Alexandra\Documents\Optimizer Pro, In Quarantäne, [042ca243e4a652e4b49ee8af39cb768a], 
PUP.Optional.DataMngr.A, C:\ProgramData\Datamngr, In Quarantäne, [32fe0bdaf5954beb53b49564e919df21], 

Dateien: 91
Trojan.Dropper.SFXAI, C:\Users\Alexandra\AppData\Roaming\27072014.scr, In Quarantäne, [68c81cc90585c472aed162c6dd24ac54], 
Misused.Legit.AI, C:\Users\Alexandra\265oyte47\.com, In Quarantäne, [cf6155903b4f57dfaf94939bc53c55ab], 
Misused.Legit.AI, C:\Users\Alexandra\8fdhc8i6\OWryTUenk.exe, In Quarantäne, [e9472fb66228c274c52f6dc8837e39c7], 
PUP.Optional.DownloadSponsor, C:\Users\Alexandra\Downloads\find-it.exe, In Quarantäne, [0b25b82d8bff4fe7e9b1b43cd82cc63a], 
PUP.Optional.Conduit.A, C:\Users\Alexandra\Downloads\Kies3Setup.exe, In Quarantäne, [70c0479e2664fd39c1e756bbe120c739], 
PUP.Optional.InstallCore.A, C:\Users\Alexandra\Downloads\MediaPlayerSetup.exe, In Quarantäne, [e14fd510cac065d17075e15219e7c23e], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-17-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-18-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-19-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-20-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-21-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-22-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-23-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-24-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-25-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-26-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-27-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-28-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-29-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-06-30-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-01-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-03-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-04-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-05-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-06-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-07-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-08-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-09-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-10-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-11-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-13-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-14-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-15-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-16-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-21-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-22-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-23-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-24-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-26-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-27-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-28-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-29-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-30-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-31-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-01-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-02-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-03-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-08-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-09-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-10-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-12-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-14-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-15-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-08-23-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-04-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-07-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-08-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-09-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-10-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-11-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-12-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-13-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-14-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-15-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-16-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-17-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-20-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-24-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-28-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-02-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-07-25-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-09-05-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-03-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-07-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-08-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-09-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-10-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-13-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-17-6.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-18-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-21-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-22-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-23-5.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-25-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-27-2.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-10-28-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-11-02-1.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-11-04-3.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-11-05-4.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
Stolen.Data, C:\Users\Alexandra\AppData\Roaming\dclogs\2014-11-08-7.dc, In Quarantäne, [ea46f6ef4b3f75c1914f77aa1be98d73], 
PUP.Optional.OptimizerPro.A, C:\Users\Alexandra\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [042ca243e4a652e4b49ee8af39cb768a], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 8.1 x64
Ran by Alexandra on 23.07.2015 at 18:09:14,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\WinZip Malware Protector_startup



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Clients\StartMenuInternet\Torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}



~~~ Files

Successfully deleted: [File] C:\Users\Public\Desktop\winzip malware protector.lnk



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\ProgramData\nico mak computing
Successfully deleted: [Folder] C:\Users\Alexandra\AppData\Roaming\nico mak computing



~~~ FireFox

Emptied folder: C:\Users\Alexandra\AppData\Roaming\mozilla\firefox\profiles\8yi0niup.default\minidumps [9 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.07.2015 at 18:13:28,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---

FRST Additions Logfile:
[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Alexandra at 2015-07-23 16:53:44
Running from C:\Users\Alexandra\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2422082488-33307941-859794934-500 - Administrator - Disabled)
Alexandra (S-1-5-21-2422082488-33307941-859794934-1002 - Administrator - Enabled) => C:\Users\Alexandra
Gast (S-1-5-21-2422082488-33307941-859794934-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2422082488-33307941-859794934-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DataManager (HKLM-x32\...\3DataManager) (Version: 3.5 - 3DataManager)
4500_G510gm_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510g-m 14.0 Rel. 6 (HKLM\...\{C55BF64E-60E1-494C-B1EB-97A008141A55}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version:  - )
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\MyFreeCodec) (Version:  - )
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6722 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Switch v1.4.7 (HKLM-x32\...\Smart Switch) (Version: v1.4.7 - GIGABYTE TECHNOLOGY CO.,LTD.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.14260 - WinZip International LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2422082488-33307941-859794934-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

17-07-2015 15:15:16 Uniblue PC Mechanic installation

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026E154A-52C6-4815-92D4-6072D677E1C0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0438F22F-32A1-4FF4-AA2C-1FD6D396A466} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2015-03-13] (Nico Mak Computing)
Task: {08BE7C4C-4FE2-4BBD-8C0A-AF0F145F0F45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {39D0F636-137E-48E1-A754-84AB3DD7A79B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {5DE4DF0D-A73B-42B4-92FB-230BA846D24E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6C101D18-DAA6-4799-8928-978661752FB2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {8703140F-CB23-400D-B984-9D0DB88C0ADB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {951DCF2F-0A04-40A5-8B36-6152848BB900} - System32\Tasks\chipSWU => Cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {A8894C2C-511B-4DF0-A580-3CF0D6057CFD} - System32\Tasks\Installer for avg_safeguard => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\thirdpartyinstaller.exe <==== ATTENTION
Task: {ACA00654-4D80-465B-B5B9-0E62712D5865} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {CCCB1A73-B348-48A3-98EA-0DAB644BAA6B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {DA08D4DF-9078-40B6-910F-4DF57D471E2F} - System32\Tasks\{67AA193C-B398-40E7-B3AF-48489F8A5BCE} => pcalua.exe -a "C:\Program Files (x86)\3DataManager\Uninstaller.exe"
Task: {DC136A3D-DDEF-4AD7-B72A-C9B70D663120} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-25] (Avast Software s.r.o.)
Task: {ED3D0FFD-C9B7-4CF2-B8DF-A5C9544514B2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F8EB148D-41AD-4A29-A282-5350C47E51AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-11] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Installer for avg_safeguard.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\thirdpartyinstaller.exe C:\Users\ALEXAN~1\AppData\Local\Temp\Uniblue\Offers\AVG_Safeguard.exe --stat-prefix sp --installer-type web --offer-name avg_safeguard --params /PASSWORD=TB38GF9P66 /DISTRIBUTIONSOURCE=ub011 /FINISHURL=http:/toolbar.avg.com <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2013-10-27 09:03 - 2013-10-27 09:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-11-29 15:32 - 2012-11-29 15:53 - 00805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2014-04-20 19:08 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-26 09:18 - 2012-07-05 06:03 - 00343024 ____N () C:\Program Files (x86)\3DataManager\WTGService.exe
2012-11-29 15:32 - 2012-11-27 17:18 - 02215424 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2013-09-26 09:18 - 2012-07-10 15:38 - 00506864 ____N () C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
2012-11-29 15:32 - 2010-01-12 19:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-11-29 15:32 - 2010-01-12 19:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-11-29 15:32 - 2010-12-17 16:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2012-11-29 15:32 - 2012-10-23 20:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2012-11-29 15:32 - 2012-08-08 20:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2015-05-09 11:35 - 2015-05-09 11:35 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-09 11:34 - 2015-05-09 11:34 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-21 14:17 - 2015-07-21 14:17 - 02957312 _____ () C:\Program Files\AVAST Software\Avast\defs\15072100\algo.dll
2015-07-23 12:56 - 2015-07-23 12:56 - 02957312 _____ () C:\Program Files\AVAST Software\Avast\defs\15072300\algo.dll
2013-10-27 09:03 - 2013-10-27 09:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-07-18 14:10 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2015-07-18 14:10 - 2015-03-13 14:34 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2015-07-18 14:10 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL
2012-11-29 15:32 - 2009-12-18 17:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-11-29 15:32 - 2009-12-18 17:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2015-05-09 11:35 - 2015-05-09 11:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-02 17:11 - 2015-07-02 17:11 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\f95a84be655dce46534e2570f3b8bef6\PSIClient.ni.dll
2012-11-14 10:20 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-26 09:18 - 2012-07-13 14:19 - 00073728 ____N () C:\Program Files (x86)\3DataManager\WtgDriverInstall.dll
2013-09-26 09:18 - 2012-07-13 14:21 - 00745472 ____N () C:\Program Files (x86)\3DataManager\WtgCore.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00110592 ____N () C:\Program Files (x86)\3DataManager\WtgDatabase.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00208896 ____N () C:\Program Files (x86)\3DataManager\WtgDetection.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00086016 ____N () C:\Program Files (x86)\3DataManager\WtgDialup.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00098304 ____N () C:\Program Files (x86)\3DataManager\WtgPorts.dll
2013-09-26 09:18 - 2012-07-13 14:19 - 00098304 ____N () C:\Program Files (x86)\3DataManager\WtgUtil.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00139264 ____N () C:\Program Files (x86)\3DataManager\WtgBluetooth.dll
2013-09-26 09:18 - 2012-07-13 14:19 - 00012288 ____N () C:\Program Files (x86)\3DataManager\WTGDebugs.dll
2013-09-26 09:18 - 2011-11-10 09:48 - 01105920 ____N () C:\Program Files (x86)\3DataManager\NDISAPI.dll
2013-09-26 09:19 - 2011-06-09 10:44 - 00602112 ____N () C:\Program Files (x86)\3DataManager\WTGXMLUtil.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00274432 ____N () C:\Program Files (x86)\3DataManager\WTGSMSPCClient.Dll
2013-09-26 09:18 - 2012-07-13 14:21 - 00012800 ____N () C:\Program Files (x86)\3DataManager\WTGDriverInstallX.Dll
2013-09-26 09:18 - 2012-06-12 10:02 - 00249856 ____N () C:\Program Files (x86)\3DataManager\WtgMobileBroadband7.dll
2015-04-04 14:55 - 2015-06-08 21:23 - 00153712 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-04-04 14:55 - 2015-06-08 21:23 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2422082488-33307941-859794934-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2422082488-33307941-859794934-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img8.jpg
DNS Servers: 213.94.78.16 - 213.94.78.17
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SaferSurf Tray"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\StartupApproved\Run: => "iMesh"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{43B91403-4632-40CE-B2E0-4B153C50B59A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{EC5FA963-0DDE-4CF8-8848-0334902805B4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{70784348-A80B-434C-818A-ACB9E460DD93}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{83893365-AAFB-4F4E-8893-D33E9367C725}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{937F8D4B-DA1F-4B32-A386-CB433FB07ABB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F873DA5C-D77D-4729-99A3-8A9B353B9CD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87086A43-1DEE-46F3-8D71-B57884A97A61}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D4A39ACA-F147-4674-ADD8-40E3625667C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{928AE05C-65F3-474B-9850-F92563006BDE}] => (Allow) C:\Users\Alexandra\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{EE45D7EA-FEFC-4F45-AE39-B21EA50040D1}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{525A74F7-2291-458D-84F6-AC7F612072A8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C841C1C6-3D67-4199-94EA-C2AFFA1C59E5}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{C337F121-6331-44E4-B154-F923E1C4DFC1}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{F96C6669-290F-4370-B3E8-26FFBFDAEF7D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{4D5BF7EF-EEF6-4910-8DFD-FB1E1307BBC4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A483BAE6-6F91-4FD6-9EF3-14A69F5D08FB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{CBE20616-B267-4F02-8B71-827F85C5C957}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{0E36A7E9-1D0A-4D55-BFD4-C21EEDE1FD62}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{1AFE496F-2A21-46D5-A3C2-01FD001E8665}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{715171B6-D864-4B74-9749-85BF3052A34A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{8FA09228-E7B1-42FF-8F29-31D2D8744AEF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{DF5773C0-A2F2-4C0A-A01E-7F27CA58377E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{1B8A3DD5-FA4B-42EC-A0D8-0BFA9398A0EA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{C8CDF691-BAC5-4A27-B9BB-6BF5DA16FF35}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F15C6FBF-FBD7-49DF-9A26-E9EB431E69E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6FE39E42-A9DE-41A6-9C11-67C8545F7445}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{560CFA07-1F50-4FC3-B7B5-8D342EF9C556}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{0A8DFF77-6F90-428B-94F1-0AD6CB03E64E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{939E0F63-0DCD-417A-B271-8A32740EE73C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{51B1AE16-8E82-48D9-A12B-458A23A66B46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2FCFAA31-5F2E-4EE9-97F6-10EDF33A2D2E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DD411DF8-5638-4E1B-955B-A143E18D1E75}] => (Allow) LPort=1900
FirewallRules: [{E5927AC1-9F11-402F-8D8D-15DC242D4743}] => (Allow) LPort=2869
FirewallRules: [{C18D1F24-3C12-467C-BC95-1FF7786E3A43}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{69CEFCF5-250A-4CD8-89A3-FC635E843F0D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{F86EB3E8-CEAA-41E1-9FB1-B1986FD52190}] => (Allow) C:\Windows\SysWOW64\muzapp.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2015 11:45:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/22/2015 05:44:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/22/2015 12:12:41 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/21/2015 06:46:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: thunderbird.exe, Version: 38.0.1.5637, Zeitstempel: 0x5575e6c2
Name des fehlerhaften Moduls: xul.dll, Version: 38.0.1.5637, Zeitstempel: 0x5575e79d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008749b
ID des fehlerhaften Prozesses: 0xe44
Startzeit der fehlerhaften Anwendung: 0xthunderbird.exe0
Pfad der fehlerhaften Anwendung: thunderbird.exe1
Pfad des fehlerhaften Moduls: thunderbird.exe2
Berichtskennung: thunderbird.exe3
Vollständiger Name des fehlerhaften Pakets: thunderbird.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: thunderbird.exe5

Error: (07/21/2015 02:59:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/20/2015 12:36:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/19/2015 03:29:43 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 07:22:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 12:58:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/17/2015 05:02:02 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)


System errors:
=============
Error: (07/23/2015 04:43:56 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "HUAWEI Mobile Connect - Network Adapter, {911A0AC8-7281-402E-B978-1C522B971556}" ist das Ereignis "74" aufgetreten.

Error: (07/23/2015 11:20:59 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "HUAWEI Mobile Connect - Network Adapter, {911A0AC8-7281-402E-B978-1C522B971556}" ist das Ereignis "74" aufgetreten.

Error: (07/22/2015 06:17:00 PM) (Source: DCOM) (EventID: 10010) (User: Liabsladele)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/22/2015 06:16:30 PM) (Source: DCOM) (EventID: 10010) (User: Liabsladele)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/22/2015 05:19:44 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "HUAWEI Mobile Connect - Network Adapter, {911A0AC8-7281-402E-B978-1C522B971556}" ist das Ereignis "74" aufgetreten.

Error: (07/22/2015 11:34:49 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (07/22/2015 11:32:20 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) Rapid Storage Technology" wurde nicht richtig gestartet.

Error: (07/22/2015 11:29:40 AM) (Source: DCOM) (EventID: 10010) (User: Liabsladele)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/22/2015 11:29:10 AM) (Source: DCOM) (EventID: 10010) (User: Liabsladele)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/22/2015 11:27:42 AM) (Source: BTHUSB) (EventID: 30) (User: )
Description: Der lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.


Microsoft Office:
=========================
Error: (07/23/2015 11:45:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/22/2015 05:44:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/22/2015 12:12:41 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/21/2015 06:46:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: thunderbird.exe38.0.1.56375575e6c2xul.dll38.0.1.56375575e79dc00000050008749be4401d0c3c966f13de8C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exeC:\Program Files (x86)\Mozilla Thunderbird\xul.dllfe33257e-2fc7-11e5-800d-6036dd23ec53

Error: (07/21/2015 02:59:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/20/2015 12:36:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/19/2015 03:29:43 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 07:22:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 12:58:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/17/2015 05:02:02 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 24%
Total physical RAM: 8070.57 MB
Available physical RAM: 6132.48 MB
Total Virtual: 9350.57 MB
Available Virtual: 7187.09 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:869.36 GB) (Free:806.15 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:40.8 GB) NTFS
Drive e: (3DataManager) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 462A80D0)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---

--- --- ---

Code:
ATTFilter
Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Alexandra at 2015-07-23 16:53:44
Running from C:\Users\Alexandra\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2422082488-33307941-859794934-500 - Administrator - Disabled)
Alexandra (S-1-5-21-2422082488-33307941-859794934-1002 - Administrator - Enabled) => C:\Users\Alexandra
Gast (S-1-5-21-2422082488-33307941-859794934-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2422082488-33307941-859794934-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DataManager (HKLM-x32\...\3DataManager) (Version: 3.5 - 3DataManager)
4500_G510gm_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
CHIP Best Deal (HKLM-x32\...\{7553EA3C-F8DA-4188-B7BC-956894EA54F5}) (Version: 1.4.21 - Ciuvo GmbH)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510g-m 14.0 Rel. 6 (HKLM\...\{C55BF64E-60E1-494C-B1EB-97A008141A55}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version:  - )
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\MyFreeCodec) (Version:  - )
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0081 - Pegatron Corporation)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6722 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Switch v1.4.7 (HKLM-x32\...\Smart Switch) (Version: v1.4.7 - GIGABYTE TECHNOLOGY CO.,LTD.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.14260 - WinZip International LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2422082488-33307941-859794934-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

17-07-2015 15:15:16 Uniblue PC Mechanic installation

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026E154A-52C6-4815-92D4-6072D677E1C0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {0438F22F-32A1-4FF4-AA2C-1FD6D396A466} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2015-03-13] (Nico Mak Computing)
Task: {08BE7C4C-4FE2-4BBD-8C0A-AF0F145F0F45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {39D0F636-137E-48E1-A754-84AB3DD7A79B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {5DE4DF0D-A73B-42B4-92FB-230BA846D24E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6C101D18-DAA6-4799-8928-978661752FB2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {8703140F-CB23-400D-B984-9D0DB88C0ADB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {951DCF2F-0A04-40A5-8B36-6152848BB900} - System32\Tasks\chipSWU => Cscript.exe "C:\Program Files (x86)\chip\Internet Explorer\swu.vbs"
Task: {A8894C2C-511B-4DF0-A580-3CF0D6057CFD} - System32\Tasks\Installer for avg_safeguard => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\thirdpartyinstaller.exe <==== ATTENTION
Task: {ACA00654-4D80-465B-B5B9-0E62712D5865} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {CCCB1A73-B348-48A3-98EA-0DAB644BAA6B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {DA08D4DF-9078-40B6-910F-4DF57D471E2F} - System32\Tasks\{67AA193C-B398-40E7-B3AF-48489F8A5BCE} => pcalua.exe -a "C:\Program Files (x86)\3DataManager\Uninstaller.exe"
Task: {DC136A3D-DDEF-4AD7-B72A-C9B70D663120} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-25] (Avast Software s.r.o.)
Task: {ED3D0FFD-C9B7-4CF2-B8DF-A5C9544514B2} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F8EB148D-41AD-4A29-A282-5350C47E51AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-11] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Installer for avg_safeguard.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\thirdpartyinstaller.exe C:\Users\ALEXAN~1\AppData\Local\Temp\Uniblue\Offers\AVG_Safeguard.exe --stat-prefix sp --installer-type web --offer-name avg_safeguard --params /PASSWORD=TB38GF9P66 /DISTRIBUTIONSOURCE=ub011 /FINISHURL=http:/toolbar.avg.com <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2013-10-27 09:03 - 2013-10-27 09:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-11-29 15:32 - 2012-11-29 15:53 - 00805888 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2014-04-20 19:08 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-26 09:18 - 2012-07-05 06:03 - 00343024 ____N () C:\Program Files (x86)\3DataManager\WTGService.exe
2012-11-29 15:32 - 2012-11-27 17:18 - 02215424 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2013-09-26 09:18 - 2012-07-10 15:38 - 00506864 ____N () C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
2012-11-29 15:32 - 2010-01-12 19:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-11-29 15:32 - 2010-01-12 19:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-11-29 15:32 - 2010-12-17 16:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2012-11-29 15:32 - 2012-10-23 20:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2012-11-29 15:32 - 2012-08-08 20:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2015-05-09 11:35 - 2015-05-09 11:35 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-09 11:34 - 2015-05-09 11:34 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-21 14:17 - 2015-07-21 14:17 - 02957312 _____ () C:\Program Files\AVAST Software\Avast\defs\15072100\algo.dll
2015-07-23 12:56 - 2015-07-23 12:56 - 02957312 _____ () C:\Program Files\AVAST Software\Avast\defs\15072300\algo.dll
2013-10-27 09:03 - 2013-10-27 09:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-07-18 14:10 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2015-07-18 14:10 - 2015-03-13 14:34 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2015-07-18 14:10 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL
2012-11-29 15:32 - 2009-12-18 17:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-11-29 15:32 - 2009-12-18 17:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2015-05-09 11:35 - 2015-05-09 11:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-02 17:11 - 2015-07-02 17:11 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\f95a84be655dce46534e2570f3b8bef6\PSIClient.ni.dll
2012-11-14 10:20 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-26 09:18 - 2012-07-13 14:19 - 00073728 ____N () C:\Program Files (x86)\3DataManager\WtgDriverInstall.dll
2013-09-26 09:18 - 2012-07-13 14:21 - 00745472 ____N () C:\Program Files (x86)\3DataManager\WtgCore.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00110592 ____N () C:\Program Files (x86)\3DataManager\WtgDatabase.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00208896 ____N () C:\Program Files (x86)\3DataManager\WtgDetection.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00086016 ____N () C:\Program Files (x86)\3DataManager\WtgDialup.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00098304 ____N () C:\Program Files (x86)\3DataManager\WtgPorts.dll
2013-09-26 09:18 - 2012-07-13 14:19 - 00098304 ____N () C:\Program Files (x86)\3DataManager\WtgUtil.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00139264 ____N () C:\Program Files (x86)\3DataManager\WtgBluetooth.dll
2013-09-26 09:18 - 2012-07-13 14:19 - 00012288 ____N () C:\Program Files (x86)\3DataManager\WTGDebugs.dll
2013-09-26 09:18 - 2011-11-10 09:48 - 01105920 ____N () C:\Program Files (x86)\3DataManager\NDISAPI.dll
2013-09-26 09:19 - 2011-06-09 10:44 - 00602112 ____N () C:\Program Files (x86)\3DataManager\WTGXMLUtil.dll
2013-09-26 09:18 - 2012-07-13 14:20 - 00274432 ____N () C:\Program Files (x86)\3DataManager\WTGSMSPCClient.Dll
2013-09-26 09:18 - 2012-07-13 14:21 - 00012800 ____N () C:\Program Files (x86)\3DataManager\WTGDriverInstallX.Dll
2013-09-26 09:18 - 2012-06-12 10:02 - 00249856 ____N () C:\Program Files (x86)\3DataManager\WtgMobileBroadband7.dll
2015-04-04 14:55 - 2015-06-08 21:23 - 00153712 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-04-04 14:55 - 2015-06-08 21:23 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2422082488-33307941-859794934-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2422082488-33307941-859794934-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img8.jpg
DNS Servers: 213.94.78.16 - 213.94.78.17
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SaferSurf Tray"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\StartupApproved\Run: => "iMesh"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{43B91403-4632-40CE-B2E0-4B153C50B59A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{EC5FA963-0DDE-4CF8-8848-0334902805B4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{70784348-A80B-434C-818A-ACB9E460DD93}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{83893365-AAFB-4F4E-8893-D33E9367C725}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{937F8D4B-DA1F-4B32-A386-CB433FB07ABB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F873DA5C-D77D-4729-99A3-8A9B353B9CD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87086A43-1DEE-46F3-8D71-B57884A97A61}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D4A39ACA-F147-4674-ADD8-40E3625667C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{928AE05C-65F3-474B-9850-F92563006BDE}] => (Allow) C:\Users\Alexandra\AppData\Local\Torch\Application\torch.exe
FirewallRules: [{EE45D7EA-FEFC-4F45-AE39-B21EA50040D1}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{525A74F7-2291-458D-84F6-AC7F612072A8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C841C1C6-3D67-4199-94EA-C2AFFA1C59E5}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{C337F121-6331-44E4-B154-F923E1C4DFC1}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{F96C6669-290F-4370-B3E8-26FFBFDAEF7D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{4D5BF7EF-EEF6-4910-8DFD-FB1E1307BBC4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A483BAE6-6F91-4FD6-9EF3-14A69F5D08FB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{CBE20616-B267-4F02-8B71-827F85C5C957}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{0E36A7E9-1D0A-4D55-BFD4-C21EEDE1FD62}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{1AFE496F-2A21-46D5-A3C2-01FD001E8665}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{715171B6-D864-4B74-9749-85BF3052A34A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{8FA09228-E7B1-42FF-8F29-31D2D8744AEF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{DF5773C0-A2F2-4C0A-A01E-7F27CA58377E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{1B8A3DD5-FA4B-42EC-A0D8-0BFA9398A0EA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{C8CDF691-BAC5-4A27-B9BB-6BF5DA16FF35}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F15C6FBF-FBD7-49DF-9A26-E9EB431E69E8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{6FE39E42-A9DE-41A6-9C11-67C8545F7445}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{560CFA07-1F50-4FC3-B7B5-8D342EF9C556}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{0A8DFF77-6F90-428B-94F1-0AD6CB03E64E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{939E0F63-0DCD-417A-B271-8A32740EE73C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{51B1AE16-8E82-48D9-A12B-458A23A66B46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{2FCFAA31-5F2E-4EE9-97F6-10EDF33A2D2E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DD411DF8-5638-4E1B-955B-A143E18D1E75}] => (Allow) LPort=1900
FirewallRules: [{E5927AC1-9F11-402F-8D8D-15DC242D4743}] => (Allow) LPort=2869
FirewallRules: [{C18D1F24-3C12-467C-BC95-1FF7786E3A43}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{69CEFCF5-250A-4CD8-89A3-FC635E843F0D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{F86EB3E8-CEAA-41E1-9FB1-B1986FD52190}] => (Allow) C:\Windows\SysWOW64\muzapp.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/23/2015 11:45:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/22/2015 05:44:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/22/2015 12:12:41 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/21/2015 06:46:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: thunderbird.exe, Version: 38.0.1.5637, Zeitstempel: 0x5575e6c2
Name des fehlerhaften Moduls: xul.dll, Version: 38.0.1.5637, Zeitstempel: 0x5575e79d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008749b
ID des fehlerhaften Prozesses: 0xe44
Startzeit der fehlerhaften Anwendung: 0xthunderbird.exe0
Pfad der fehlerhaften Anwendung: thunderbird.exe1
Pfad des fehlerhaften Moduls: thunderbird.exe2
Berichtskennung: thunderbird.exe3
Vollständiger Name des fehlerhaften Pakets: thunderbird.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: thunderbird.exe5

Error: (07/21/2015 02:59:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/20/2015 12:36:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/19/2015 03:29:43 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 07:22:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 12:58:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/17/2015 05:02:02 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)


System errors:
=============
Error: (07/23/2015 04:43:56 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "HUAWEI Mobile Connect - Network Adapter, {911A0AC8-7281-402E-B978-1C522B971556}" ist das Ereignis "74" aufgetreten.

Error: (07/23/2015 11:20:59 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "HUAWEI Mobile Connect - Network Adapter, {911A0AC8-7281-402E-B978-1C522B971556}" ist das Ereignis "74" aufgetreten.

Error: (07/22/2015 06:17:00 PM) (Source: DCOM) (EventID: 10010) (User: Liabsladele)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/22/2015 06:16:30 PM) (Source: DCOM) (EventID: 10010) (User: Liabsladele)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/22/2015 05:19:44 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "HUAWEI Mobile Connect - Network Adapter, {911A0AC8-7281-402E-B978-1C522B971556}" ist das Ereignis "74" aufgetreten.

Error: (07/22/2015 11:34:49 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (07/22/2015 11:32:20 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) Rapid Storage Technology" wurde nicht richtig gestartet.

Error: (07/22/2015 11:29:40 AM) (Source: DCOM) (EventID: 10010) (User: Liabsladele)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/22/2015 11:29:10 AM) (Source: DCOM) (EventID: 10010) (User: Liabsladele)
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (07/22/2015 11:27:42 AM) (Source: BTHUSB) (EventID: 30) (User: )
Description: Der lokale Adapter bietet keine Unterstützung für einen wichtigen Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität für energiearme Geräte wird deaktiviert.


Microsoft Office:
=========================
Error: (07/23/2015 11:45:31 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/22/2015 05:44:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/22/2015 12:12:41 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/21/2015 06:46:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: thunderbird.exe38.0.1.56375575e6c2xul.dll38.0.1.56375575e79dc00000050008749be4401d0c3c966f13de8C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exeC:\Program Files (x86)\Mozilla Thunderbird\xul.dllfe33257e-2fc7-11e5-800d-6036dd23ec53

Error: (07/21/2015 02:59:50 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/20/2015 12:36:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/19/2015 03:29:43 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 07:22:38 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/18/2015 12:58:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/17/2015 05:02:02 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 24%
Total physical RAM: 8070.57 MB
Available physical RAM: 6132.48 MB
Total Virtual: 9350.57 MB
Available Virtual: 7187.09 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:869.36 GB) (Free:806.15 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:40.8 GB) NTFS
Drive e: (3DataManager) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 462A80D0)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---

Alt 23.07.2015, 18:25   #8
Xand
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Alexandra (administrator) on LIABSLADELE on 23-07-2015 16:52:44
Running from C:\Users\Alexandra\Downloads
Loaded Profiles: UpdatusUser & Alexandra (Available Profiles: UpdatusUser & Alexandra)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe
(WebToGo Mobile Internet GmbH) C:\Program Files (x86)\3DataManager\3DataManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Shell] explorer.exe,explorer.exe
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-2422082488-33307941-859794934-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30879328 2014-12-11] (Skype Technologies S.A.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-09-03]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2013-09-26]
ShortcutTarget: Launcher.lnk -> C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-09] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2422082488-33307941-859794934-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-2422082488-33307941-859794934-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2422082488-33307941-859794934-1002 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-01-06] (Microsoft Corporation)
BHO: No Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-09] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-06] (Microsoft Corporation)
BHO-x32: No Name -> {7553EA3C-F8DA-4188-B7BC-956894EA54F5} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-09] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-01-06] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{911A0AC8-7281-402E-B978-1C522B971556}: [NameServer] 213.94.78.16 213.94.78.17
Tcpip\..\Interfaces\{D93110B3-007B-4A4A-8BAC-33DF59D2732D}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default
FF Homepage: https://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\searchplugins\23cb1dac-5674-4d52-91b4-035ade58fc2f.xml [2014-02-12]
FF SearchPlugin: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\searchplugins\google-images.xml [2015-02-08]
FF SearchPlugin: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\searchplugins\google-maps.xml [2015-02-08]
FF Extension: CHIP Best Deal - C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8yi0niup.default\Extensions\ciuvo-extension@chip.de.xpi [2015-03-18]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-09]
FF HKU\S-1-5-21-2422082488-33307941-859794934-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-02-17]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-09] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-09] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [805888 2012-11-29] () [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [343024 2012-07-05] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-09] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [229376 2013-09-26] (Huawei Technologies Co., Ltd.)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-11-14] (ITE                      )
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-09] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-23 16:52 - 2015-07-23 16:53 - 00016697 _____ C:\Users\Alexandra\Downloads\FRST.txt
2015-07-22 17:43 - 2015-07-22 17:43 - 01198368 _____ C:\Users\Alexandra\Downloads\TDSSKiller - CHIP-Installer.exe
2015-07-22 17:37 - 2015-07-22 17:38 - 00033336 _____ C:\Users\Alexandra\Downloads\Addition.txt
2015-07-22 17:36 - 2015-07-23 16:52 - 00000000 ____D C:\FRST
2015-07-22 17:36 - 2015-07-22 17:38 - 00041543 _____ C:\Users\Alexandra\Desktop\FRST.txt
2015-07-22 17:35 - 2015-07-22 17:35 - 02135552 _____ (Farbar) C:\Users\Alexandra\Downloads\FRST64.exe
2015-07-20 12:28 - 2015-07-20 12:28 - 00000795 _____ C:\WINDOWS\setupact.log
2015-07-20 12:28 - 2015-07-20 12:28 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-07-19 15:28 - 2015-07-23 16:45 - 01528958 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-18 14:44 - 2015-07-18 14:44 - 00000000 ___RD C:\Users\Alexandra\Documents\Notes
2015-07-18 14:32 - 2015-07-18 14:32 - 00001526 _____ C:\Users\Alexandra\Desktop\AdwCleaner[R3].txt
2015-07-18 14:28 - 2015-07-18 14:28 - 00030924 _____ C:\Users\Alexandra\Desktop\Log - Malware Protector 2.xml
2015-07-18 14:10 - 2015-07-22 11:30 - 00003116 _____ C:\WINDOWS\System32\Tasks\WinZip Malware Protector_startup
2015-07-18 14:10 - 2015-07-18 14:10 - 04798152 _____ (WinZip International LLC ) C:\Users\Alexandra\Downloads\wzmp_10(1).exe
2015-07-18 14:10 - 2015-07-18 14:10 - 00001201 _____ C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2015-07-18 14:10 - 2015-07-18 14:10 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Nico Mak Computing
2015-07-18 14:10 - 2015-07-18 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2015-07-18 14:10 - 2015-07-18 14:10 - 00000000 ____D C:\Program Files (x86)\WinZip Malware Protector
2015-07-18 14:10 - 2013-03-15 17:10 - 00020480 _____ C:\WINDOWS\system32\wsusnative64.exe
2015-07-18 13:25 - 2015-07-18 13:25 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208(3).exe
2015-07-18 13:17 - 2015-07-18 13:17 - 00030926 _____ C:\Users\Alexandra\Desktop\log -Malware Protector.xml
2015-07-18 13:00 - 2015-07-18 14:10 - 00000000 ____D C:\ProgramData\Nico Mak Computing
2015-07-18 13:00 - 2015-07-18 13:00 - 04798152 _____ (WinZip International LLC ) C:\Users\Alexandra\Downloads\wzmp_10.exe
2015-07-17 17:13 - 2015-07-17 17:13 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208(2).exe
2015-07-17 17:12 - 2015-07-17 17:12 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208(1).exe
2015-07-17 16:02 - 2015-07-18 14:31 - 00000000 ____D C:\AdwCleaner
2015-07-17 16:01 - 2015-07-17 16:01 - 02248704 _____ C:\Users\Alexandra\Downloads\AdwCleaner_4.208.exe
2015-07-17 15:15 - 2015-07-17 15:15 - 01187744 _____ (Uniblue Systems Limited ) C:\Users\Alexandra\Downloads\pcmechanicpm_7880780_.exe
2015-07-17 15:14 - 2015-07-23 11:24 - 00003958 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{74F4F432-1504-488A-8F0C-3AF8193DA34C}
2015-07-17 15:14 - 2015-07-17 15:14 - 00000000 __SHD C:\Users\Alexandra\AppData\Local\EmieUserList
2015-07-17 15:14 - 2015-07-17 15:14 - 00000000 __SHD C:\Users\Alexandra\AppData\Local\EmieSiteList
2015-07-17 15:14 - 2015-07-17 15:14 - 00000000 __SHD C:\Users\Alexandra\AppData\Local\EmieBrowserModeList
2015-07-17 15:10 - 2015-07-17 15:11 - 01198368 _____ C:\Users\Alexandra\Downloads\Trojan Remover - CHIP-Installer.exe
2015-07-14 18:42 - 2015-07-14 18:49 - 01187008 _____ (Adobe Systems Incorporated) C:\Users\Alexandra\Downloads\flashplayer18_ga_install.exe
2015-07-10 10:44 - 2015-07-14 17:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-25 16:57 - 2015-06-25 16:57 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-06-23 20:14 - 2015-07-11 11:13 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-23 20:14 - 2015-06-23 20:14 - 00000000 __SHD C:\Recovery
2015-06-23 20:13 - 2015-06-23 20:13 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files\MSBuild
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-06-23 20:10 - 2015-06-23 20:10 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-06-23 20:09 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-06-23 20:09 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-23 20:09 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-06-23 20:08 - 2015-06-23 20:08 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-23 20:08 - 2015-06-23 20:08 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-23 20:03 - 2015-06-23 20:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2015-06-23 20:02 - 2015-06-23 20:02 - 00001450 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-23 20:01 - 2015-06-23 20:01 - 00000020 ___SH C:\Users\Alexandra\ntuser.ini
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-06-23 19:56 - 2015-06-23 19:56 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-06-23 19:55 - 2015-06-23 19:55 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-06-23 19:44 - 2015-06-23 19:44 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2015-06-23 19:35 - 2015-06-23 19:35 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-23 19:30 - 2015-06-23 19:30 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-06-23 19:29 - 2015-06-23 19:45 - 00000000 ____D C:\Users\Alexandra\SkyDrive
2015-06-23 19:28 - 2015-06-23 20:01 - 00000000 ____D C:\Users\Alexandra
2015-06-23 19:28 - 2015-06-23 19:56 - 00036198 _____ C:\WINDOWS\diagwrn.xml
2015-06-23 19:28 - 2015-06-23 19:56 - 00036198 _____ C:\WINDOWS\diagerr.xml
2015-06-23 19:28 - 2015-06-23 19:29 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-23 19:28 - 2015-06-23 19:29 - 00000000 ___RD C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Vorlagen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Startmenü
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Netzwerkumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Lokale Einstellungen
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Eigene Dateien
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Druckumgebung
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Documents\Eigene Musik
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Documents\Eigene Bilder
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\AppData\Local\Verlauf
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\AppData\Local\Anwendungsdaten
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 _SHDL C:\Users\Alexandra\Anwendungsdaten
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-23 19:28 - 2014-11-21 12:52 - 00000000 ___RD C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-06-23 19:28 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-06-23 19:28 - 2013-08-22 17:36 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-23 19:28 - 2013-08-22 17:36 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-23 19:20 - 2015-06-23 19:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-06-23 19:20 - 2015-06-23 19:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2015-06-23 19:19 - 2015-06-23 19:32 - 00000000 ____D C:\Program Files\Intel
2015-06-23 19:19 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-06-23 19:19 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-06-23 19:18 - 2015-07-22 11:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-23 19:18 - 2015-06-28 19:27 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-06-23 19:18 - 2015-06-28 19:27 - 00000000 ____D C:\WINDOWS\system32\NV
2015-06-23 19:18 - 2015-06-23 19:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-23 19:18 - 2015-06-23 19:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-06-23 19:18 - 2015-06-23 19:18 - 00000000 ____D C:\Program Files\Realtek
2015-06-23 19:18 - 2013-10-23 10:20 - 06669600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 03489568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 03426956 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-06-23 19:18 - 2013-10-23 10:20 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 01064224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-06-23 19:18 - 2013-10-23 10:20 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-06-23 19:18 - 2013-10-23 10:20 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-06-23 19:17 - 2015-06-23 19:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-23 19:17 - 2015-06-23 19:32 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-23 16:45 - 2013-09-26 09:20 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\3DataManager
2015-07-23 16:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-23 12:23 - 2014-01-19 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-22 11:59 - 2013-09-01 23:23 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Packages
2015-07-22 11:28 - 2014-02-06 17:22 - 00001020 _____ C:\WINDOWS\Tasks\Installer for avg_safeguard.job
2015-07-22 11:27 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-21 14:18 - 2015-05-09 11:35 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-07-20 12:30 - 2014-11-21 05:35 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-20 12:30 - 2014-11-21 04:45 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2015-07-20 12:30 - 2014-11-21 04:45 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2015-07-18 20:04 - 2013-09-01 23:30 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2422082488-33307941-859794934-1002
2015-07-18 19:33 - 2015-03-10 20:35 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-07-18 14:00 - 2015-01-26 21:37 - 00000000 ____D C:\ProgramData\Samsung
2015-07-18 14:00 - 2014-01-06 15:05 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Samsung
2015-07-18 13:43 - 2015-04-05 21:16 - 00000000 ____D C:\Users\Alexandra\Documents\Benutzerdefinierte Office-Vorlagen
2015-07-18 13:42 - 2014-02-14 19:56 - 00000000 ____D C:\Users\Alexandra\Documents\Einkommenstuererklärung
2015-07-17 17:03 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-07-17 15:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\restore
2015-07-14 18:59 - 2014-02-14 17:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-14 18:56 - 2014-06-25 12:06 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Adobe
2015-07-14 18:53 - 2014-01-19 17:21 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-14 17:35 - 2013-09-03 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-27 12:29 - 2015-05-09 11:35 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-06-25 16:58 - 2012-07-26 07:26 - 00000127 _____ C:\WINDOWS\win.ini
2015-06-24 16:45 - 2015-05-20 20:14 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
2015-06-23 20:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-23 20:13 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2015-06-23 20:01 - 2015-06-11 11:40 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-06-23 19:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-23 19:56 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Registration
2015-06-23 19:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT
2015-06-23 19:56 - 2013-08-22 15:36 - 00000000 __RHD C:\Users\Default
2015-06-23 19:49 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-06-23 19:49 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-23 19:45 - 2012-11-14 10:31 - 01804472 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-06-23 19:38 - 2013-08-22 16:44 - 00382208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-23 19:37 - 2015-05-25 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-23 19:37 - 2015-05-21 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-23 19:37 - 2015-05-11 10:20 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-06-23 19:37 - 2015-05-11 10:20 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-06-23 19:37 - 2015-02-18 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-06-23 19:37 - 2015-02-02 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-23 19:37 - 2014-04-20 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-23 19:37 - 2014-02-26 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Switch
2015-06-23 19:37 - 2014-02-17 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-06-23 19:37 - 2013-09-26 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3DataManager
2015-06-23 19:37 - 2013-09-15 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-23 19:37 - 2013-09-15 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-23 19:37 - 2013-09-03 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-06-23 19:37 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-06-23 19:37 - 2013-08-22 15:25 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-23 19:37 - 2012-11-14 10:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\sl
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\nl
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\it
2015-06-23 19:37 - 2012-11-14 09:27 - 00000000 ____D C:\WINDOWS\da
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\hu
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\fr
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\es
2015-06-23 19:37 - 2012-11-14 09:26 - 00000000 ____D C:\WINDOWS\de
2015-06-23 19:37 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\en-GB
2015-06-23 19:35 - 2012-07-26 07:37 - 00000000 ____D C:\Users\Default.migrated
2015-06-23 19:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-06-23 19:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-06-23 19:34 - 2014-11-21 04:45 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-06-23 19:34 - 2013-09-03 15:29 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-06-23 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\IME
2015-06-23 19:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-06-23 19:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-06-23 19:34 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-06-23 19:34 - 2012-11-14 09:42 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-06-23 19:33 - 2015-01-26 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-06-23 19:33 - 2013-08-22 17:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\IME
2015-06-23 19:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2015-06-23 19:33 - 2013-08-22 16:45 - 00000000 ____D C:\WINDOWS\Setup
2015-06-23 19:33 - 2012-11-14 07:04 - 00000000 ____D C:\ProgramData\PRICache
2015-06-23 19:32 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-06-23 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-23 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-06-23 19:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Recovery

==================== Files in the root of some directories =======

2014-07-27 15:57 - 2014-07-27 15:58 - 1122704 _____ () C:\Users\Alexandra\AppData\Roaming\27072014.scr
2012-11-14 10:19 - 2012-11-14 10:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-09-03 15:21 - 2014-01-28 13:40 - 0001458 _____ () C:\ProgramData\hpzinstall.log
2013-11-20 12:34 - 2013-11-20 12:34 - 0000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-10-03 15:48 - 2013-10-03 15:48 - 0000032 _____ () C:\ProgramData\Temp.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-22 18:16

==================== End of log ============================
         
--- --- ---


Code:
ATTFilter
Lieber Matthias,
danke für deine Hilfe als auch für deine Geduld.
Xandi
         

Alt 23.07.2015, 21:07   #9
M-K-D-B
/// TB-Ausbilder
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Servus,



Was redest du eigentlich die ganze Zeit von "Malware Protector"? Könntest du endlich mal von diesem Mist die Finger lassen und stattdessen AdwCleaner wie beschrieben ausführen?



Wann kapierst du endlich, dass "Malware Protector" die Schadsoftware ist?



Ich warte immer noch auf die Logdatei von AdwCleaner, bei dem alle Funde entfernt wurden...
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 24.07.2015, 18:54   #10
Xand
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 24/07/2015 um 18:30:33
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Alexandra - LIABSLADELE
# Gestarted von : C:\Users\Alexandra\Downloads\adwcleaner_4.208(4).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
Ordner Gelöscht : C:\Program Files (x86)\WinZip Malware Protector
Datei Gelöscht : C:\WINDOWS\System32\wsusnative64.exe

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v39.0 (x86 de)


*************************

AdwCleaner[R0].txt - [12230 Bytes] - [17/07/2015 16:02:59]
AdwCleaner[R1].txt - [900 Bytes] - [17/07/2015 17:13:44]
AdwCleaner[R2].txt - [1408 Bytes] - [18/07/2015 13:25:25]
AdwCleaner[R3].txt - [1526 Bytes] - [18/07/2015 14:30:32]
AdwCleaner[R4].txt - [1550 Bytes] - [24/07/2015 18:28:20]
AdwCleaner[S0].txt - [9597 Bytes] - [17/07/2015 17:02:02]
AdwCleaner[S1].txt - [1467 Bytes] - [18/07/2015 13:33:16]
AdwCleaner[S2].txt - [1424 Bytes] - [24/07/2015 18:30:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1483  Bytes] ##########
         
--- --- ---

[/CODE]

Hallo Mathias,
ups, jetzt habe ich es verstanden.

Darf ich dich fragen, obe du eine Seite kennst mit welcher man ein IP Adresse genauer lokalisieren kann?

Oder ob es möglich ist einem PC den Zugang zu meinen zu verweigern?

Lg Xandi

Alt 25.07.2015, 11:36   #11
M-K-D-B
/// TB-Ausbilder
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Servus,


mit genauer lokalisieren meinst du da sowas wie utrace ???
Dort kannst du IP-Adressen eingeben.
Klar kannst du den Zugang zu deinem Rechner verweigern, indem du einfach nicht ins Internet gehst...
Grundsätzlich benötigen viele Programme und das Betriebssystem Zugang zum Internet, dabei werden die verschwiedensten Daten mit den Daten auf den Servern der Hersteller abgeglichen (z. B. für Softwareupdates).



Hast du immer noch Probleme mit Express Zip?
Kannst du wieder auf die Systemsteuerung zugreifen?





Schritt 1
  • Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in die Zeile:
    Code:
    ATTFilter
    WinZip Malware Protector;Express zip; ExpressZip;
             
  • Drücke auf Search Registry.
  • FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
  • Am Ende erstellt FRST eine Textdatei Search.txt.
  • Poste mir deren Inhalt mit deiner nächsten Antwort.





Schritt 2
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.







Bitte poste mit deiner nächsten Antwort
  • die drei neuen Logdateien von FRST.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 25.07.2015, 18:25   #12
Xand
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Hallo Matthias,

danke, für deine Antwort.
Ich kann wieder in die Systemsteuerung und der Rechner ist insgesamt wieder schneller.

Wie es scheint, war deine Mühe nicht umsonst.

Weisst du, es gibt da jemanden, der mich übers Netz stalkt. In dem er auf meine Angebote im Willhaben, Anfragen schickt, und sich so über mich lustig macht.

Da die seite (utrace - IP-Adressen und Domainnamen lokalisieren) und andere keine genauere lokalisation zulassen (denn ich weiss wo er wohnt) kann ich nie sagen, wer mir schreibt.

Willhaben meint, sie wollten keinen PC blockieren.

Somit bin ich dem ausgeliefert, denn ich habe sehr viele Produkte auf Willhaben.

Oder hast du einen Lösungsvorschlag?

Lg Xandi

Alt 26.07.2015, 09:28   #13
M-K-D-B
/// TB-Ausbilder
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Servus,



Zitat:
Zitat von Xand Beitrag anzeigen
Weisst du, es gibt da jemanden, der mich übers Netz stalkt. In dem er auf meine Angebote im Willhaben, Anfragen schickt, und sich so über mich lustig macht.

Willhaben meint, sie wollten keinen PC blockieren.
Somit bin ich dem ausgeliefert, denn ich habe sehr viele Produkte auf Willhaben.

Oder hast du einen Lösungsvorschlag?
Wenn es sich wirklich um einen Stalker handelt, helfen dir vielleicht diese Links weiter:
Link1
Link2

Grundsätzlich würde ich in so einem Fall mich langsam aber stetig von Willhaben zurückziehen.



Ich würde mich freuen, wenn du die von mir genannten Schritte noch ausführst, damit wir sicher sein können, dass dein Rechner komplett sauber ist.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 26.07.2015, 17:34   #14
Xand
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Hallo Matthias,
windows rät mir ab, diese exe zu installieren, versuchte es von verschiedene seiten.
Was kann da sein?
Lg Xandi

Alt 27.07.2015, 13:56   #15
M-K-D-B
/// TB-Ausbilder
 
Fenster, Express Zip Demo - Standard

Fenster, Express Zip Demo



Zitat:
Zitat von Xand Beitrag anzeigen
windows rät mir ab, diese exe zu installieren, versuchte es von verschiedene seiten.
Ich habe keine Ahnung, wovon du sprichst, führe bitte diese Schritte aus und poste die Logdateien...

Schon wieder ein wenig verpeilt?
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu Fenster, Express Zip Demo
antivirus, immer wieder, malware.trace, misused.legit.ai, möglichkeiten, nicht mehr, programme, pup.optional.conduit.a, pup.optional.datamangr.a, pup.optional.datamngr.a, pup.optional.dnserrorhelper.a, pup.optional.downloadsponsor, pup.optional.installcore.a, pup.optional.optimizerpro.a, sehr langsam, stolen.data, systemsteurung, trojan.dropper.sfxai



Ähnliche Themen: Fenster, Express Zip Demo


  1. Tablet > Ständig das Wort DEMO auf dem Display
    Alles rund um Mac OSX & Linux - 03.03.2015 (8)
  2. Battlefield 2 Bad Company Demo???
    Alles rund um Windows - 23.01.2011 (0)
  3. Demo zu Twitter-Sicherheitslücke verbreitet sich rasant [2.Update]
    Nachrichten - 21.09.2010 (0)
  4. Demo zu Twitter-Sicherheitslücke verbreitet sich rasant
    Nachrichten - 21.09.2010 (0)
  5. Antispyware Soft Demo
    Plagegeister aller Art und deren Bekämpfung - 27.05.2010 (4)
  6. Antispyware Soft Demo VIRUS!
    Plagegeister aller Art und deren Bekämpfung - 08.05.2010 (2)
  7. Antispyware soft demo eingefangen Virus
    Plagegeister aller Art und deren Bekämpfung - 06.05.2010 (1)
  8. Antivir Soft Demo entfernen
    Plagegeister aller Art und deren Bekämpfung - 02.02.2010 (1)
  9. Demo / Test - Rootkit
    Plagegeister aller Art und deren Bekämpfung - 26.09.2009 (8)
  10. Demo runtergeladen - Malware-verseucht? plus Google-Problem
    Plagegeister aller Art und deren Bekämpfung - 31.08.2009 (7)
  11. Machiavelli: Demo-Rootkit für Mac OS X
    Nachrichten - 31.07.2009 (0)
  12. Gibt es ein MS EXCEL Demo Version?
    Alles rund um Windows - 03.06.2008 (2)
  13. Forum Demo gehackt ? oder blöder Spass ?
    Diskussionsforum - 25.02.2008 (5)
  14. Anti AV v1.2 Demo antivirus Undetecter
    Plagegeister aller Art und deren Bekämpfung - 16.08.2007 (4)

Zum Thema Fenster, Express Zip Demo - Hallo ihr Lieben, habe einen Lepi mit Windows 7. seit einiger Zeit kann ich nicht mehr in die Systemsteurung, Computerverwaltung, Programme usw. es geht immer wieder das selbe Fenster auf: - Fenster, Express Zip Demo...
Archiv
Du betrachtest: Fenster, Express Zip Demo auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.