
Log analysis and evaluation: Windows Vista: PC keeps freezing

13.09.2015, 13:16   #1
sacet
 



Hello dear Trojaner-Board team!
It's me again

It had been a long time since I last started an MWB scan, and I had to interrupt it shortly before the end because I had to leave. By that point it had already found 4 objects.

When I wanted to try again the next day, nothing worked at all while the desktop was loading. The loading icon stayed next to the mouse pointer the whole time and nothing happened. Pages would not open. The CPU load (I think) was at 90%, and at some point an error message from JAVA appeared saying that a certain file could not be opened/found.

I then ran System Restore, but the problem stayed the same. Shutting down/restarting takes a whole 20 minutes.

I don't know what is causing this. A few days earlier I wanted to do a JAVA update, which also failed, with the error message XAMP (I think)

Please help. Thanks a lot in advance!

13.09.2015, 13:29   #2
schrauber
/// the machine
/// TB instructor
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


13.09.2015, 14:30   #3
sacet
 



Thanks for sacrificing your time, schrauber!

I was just barely able to open filepony, and after that nothing worked anymore.
Mozilla hangs, I can't close the page, I can only move the mouse.

Is there another way?

Regards

14.09.2015, 06:20   #4
schrauber
/// the machine
/// TB instructor
 




Download it from the other computer. Or reset Firefox completely.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

14.09.2015, 17:11   #5
sacet
 



Hello schrauber!

I have now downloaded the program on my laptop, copied it to the USB stick and then started it on the PC, from the desktop.

Two things up front:

1) Loading the desktop took an extremely long time again today. Somehow, with luck, I was still able to open Task Manager and look at the processes. There were over 100(!) processes open with the name "javaws.exe *32". Under the "Memory" tab it went from 1,000 K down to 4 K. Description of the processes: Java(TM) Web Start La.... Physical memory was at 95%.

2) After a longer time the following error message opened: "Fehler beim Aufrufen von Java Web Start (SysExec) aufgetreten. C:\Programm Files (x86)\Java\jre1.8.0_60\bin\javaws.exe"
After that the PC ran somewhat more smoothly, at 64%.

So much from me; below are the requested log files:

FRST.txt
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-09-2015 02
durchgeführt von BozKurT (Administrator) auf BOZKURT-PC (14-09-2015 16:30:20)
Gestartet von C:\Users\BozKurT\Desktop
Geladene Profile: BozKurT (Verfügbare Profile: BozKurT & UpdatusUser)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(CyberLink) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
( ) C:\Windows\System32\dlcdcoms.exe
(Egis Incorporated) C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\Mcshield.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\MSK\msksrver.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(NewTech InfoSystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
() C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
(Egis Incorporated) C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSLoader.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Egis inc.) C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
(McAfee, Inc.) C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\MPF\MC\MpfAlert.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Acer Empowering Technology Monitor] => C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [319488 2008-08-19] ()
HKLM\...\Run: [EmpoweringTechnology] => C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [323584 2008-08-19] ()
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe [561200 2008-07-29] (Egis Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6456352 2008-08-19] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-08-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ProductReg] => C:\Program Files\Acer\WR_PopUp\ProductReg.exe [6144 2008-10-14] (Acer)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [mcagent_exe] => C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe [645328 2009-01-08] (McAfee, Inc.)
HKLM-x32\...\Run: [PCMMediaSharing] => C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [204908 2008-05-20] ()
HKLM-x32\...\Run: [BkupTray] => C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] ()
HKLM-x32\...\Run: [eRecoveryService] => [X]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [PCTools FGuard] => C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe [247760 2011-04-12] (Threat Expert Ltd.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [9728 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-03-18] (Google Inc.)
HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 11\AudialsNotifier.exe
HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\PSDProtect.dll [2008-07-29] (Egis Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-07-29] (Egis Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2009-06-20]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009-10-31]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-09-08]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\BozKurT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-04-09]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6F21192C-801A-4D88-85E3-3960D83C1647}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} -  Keine Datei
URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> DefaultScope {C657300E-A21D-4D23-AD70-7D6194B2FE6F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> {C657300E-A21D-4D23-AD70-7D6194B2FE6F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll [2009-01-09] ()
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> c:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-03-25] (McAfee, Inc.)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll [2008-07-29] (Egis)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-17] (McAfee, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files (x86)\McAfee\MSK\mskapbho.dll [2009-01-09] ()
BHO-x32: PC Tools Browser Guard BHO -> {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} -> C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-04-12] (Threat Expert Ltd.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-08] (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll [2009-03-25] (McAfee, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-17] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-08] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll [2008-07-29] (Egis Incorporated.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-17] (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
Toolbar: HKLM-x32 - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-07-29] (Egis Incorporated.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-17] (McAfee, Inc.)
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-04-12] (Threat Expert Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} -  Keine Datei
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-17] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-17] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-17] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-17] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default
FF SearchEngineOrder.1: Sichere Suche
FF Homepage: about:home
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p=
FF NetworkProxy: "http", "localhost"
FF NetworkProxy: "http_port", 9666
FF NetworkProxy: "socks", "localhost"
FF NetworkProxy: "socks_port", 9050
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "localhost"
FF NetworkProxy: "ssl_port", 9666
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2009-04-15] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-04-15] (DivX, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-01] (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll [2010-06-12] (Unity Technologies ApS)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\user.js [2015-06-28]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-07-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-07-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-07-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-07-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-07-11] (Apple Inc.)
FF Extension: YouTube Unblocker - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\youtubeunblocker@unblocker.yt [2015-08-04]
FF Extension: UltraSurf Firefox Tool - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} [2009-08-28]
FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2013-08-18]
FF Extension: Browser-Security - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\firefox@browser-security.de.xpi [2015-09-12]
FF Extension: MPEG4Plugin - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{4901eb44-5cb1-4eb9-b0aa-2357bcce2942}.xpi [2014-12-04]
FF Extension: {7f640839-0d9f-4fa5-91b7-5ae9ea4d8ce5} - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{7f640839-0d9f-4fa5-91b7-5ae9ea4d8ce5}.xpi [2014-11-30]
FF Extension: Adblock Plus - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-25]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2009-03-18]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-18]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-10-31]
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools Security\BDT\Firefox
FF Extension: Browser Defender Toolbar - C:\Program Files (x86)\PC Tools Security\BDT\Firefox [2011-04-17]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\BozKurT\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2010-06-12]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2010-06-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Acer HomeMedia Connect Service; C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [269448 2008-05-20] (CyberLink) [Datei ist nicht signiert]
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-09] (Adobe Systems) [Datei ist nicht signiert]
R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [337872 2011-04-12] (Threat Expert Ltd.)
R2 BUNAgentSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [Datei ist nicht signiert]
R2 dlcd_device; C:\Windows\system32\dlcdcoms.exe [566768 2007-01-17] ( )
R2 eDataSecurity Service; C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [500784 2008-07-29] (Egis Incorporated)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [Datei ist nicht signiert]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-08-17] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe [797864 2009-01-08] (McAfee, Inc.)
R2 McNASvc; c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe [2482848 2009-01-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [696848 2009-04-01] (McAfee, Inc.)
R2 McProxy; c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe [359952 2009-01-09] (McAfee, Inc.)
R2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [153920 2009-03-25] (McAfee, Inc.)
R3 McSysmon; C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe [606736 2009-03-24] (McAfee, Inc.)
R2 MpfService; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [884360 2009-03-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [26640 2009-01-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NTIBackupSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [Datei ist nicht signiert]
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-13] () [Datei ist nicht signiert]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 camdrv42; C:\Windows\System32\DRIVERS\camdrv42.sys [1533952 2007-04-23] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [Datei ist nicht signiert]
U4 Iteidelr; kein ImagePath
S3 ITEIO.SYS; c:\Windows\System32\drivers\ITEIO.sys [13144 2008-02-25] (Windows (R) Codename Longhorn DDK provider) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [102600 2009-03-25] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [307400 2009-03-25] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2009-03-25] (McAfee, Inc.)
R3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2009-03-25] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2008-10-23] (McAfee, Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18432 2008-05-02] (Nokia)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [282440 2011-03-10] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [452872 2010-06-29] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [816016 2010-07-16] (PC Tools)
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [22064 2008-07-29] (Egis Incorporated)
R2 PSDNServ; C:\Windows\System32\DRIVERS\PSDNServ.sys [21040 2008-07-29] (Egis Incorporated)
R2 psdvdisk; C:\Windows\System32\DRIVERS\PSDVdisk.sys [60976 2008-07-29] (Egis Incorporated)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-14 16:24 - 2015-09-14 16:30 - 00035153 _____ C:\Users\BozKurT\Desktop\FRST.txt
2015-09-14 14:51 - 2015-09-14 14:44 - 02190848 _____ (Farbar) C:\Users\BozKurT\Desktop\FRST64.exe
2015-09-14 10:13 - 2015-07-10 16:31 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-14 10:13 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-14 09:57 - 2015-08-13 16:36 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-14 09:57 - 2015-08-13 16:36 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-09-14 09:54 - 2015-09-02 23:26 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-14 09:54 - 2015-09-02 23:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-14 09:54 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-14 09:54 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-13 15:58 - 2015-08-17 19:56 - 17890304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-13 15:58 - 2015-08-17 19:53 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-13 15:58 - 2015-08-17 19:49 - 10936832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-13 15:58 - 2015-08-17 19:48 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-13 15:58 - 2015-08-17 19:47 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-13 15:58 - 2015-08-17 19:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-13 15:58 - 2015-08-17 19:47 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-13 15:58 - 2015-08-17 19:46 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-13 15:58 - 2015-08-17 19:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-13 15:58 - 2015-08-17 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-13 15:58 - 2015-08-17 19:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-13 15:58 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-13 15:58 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-13 15:58 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-13 15:58 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-13 15:58 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-13 15:58 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-13 15:58 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-13 15:58 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-13 15:58 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-09-13 15:58 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-09-13 15:58 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-12 20:50 - 2015-09-12 20:50 - 00000000 ____D C:\ProgramData\AVG
2015-09-12 20:47 - 2015-09-13 01:35 - 00000000 ____D C:\Program Files\WajaInternetEn
2015-09-12 20:44 - 2015-09-12 20:45 - 00000000 ____D C:\Users\BozKurT\AppData\Roaming\Browser-Security
2015-09-12 15:56 - 2015-09-12 15:56 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-12 15:42 - 2015-09-12 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java(218)
2015-09-09 16:49 - 2015-09-09 16:52 - 00000000 ____D C:\Users\BozKurT\Desktop\ImageTransfer_2015-09-09_16-45
2015-09-09 12:34 - 2015-08-05 17:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 12:33 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 12:33 - 2015-09-02 23:25 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 12:33 - 2015-09-02 22:17 - 02797056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 12:33 - 2015-09-02 22:16 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 12:33 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 14:07 - 2015-09-08 14:07 - 00000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-09-08 13:50 - 2015-09-08 13:50 - 00000000 ____D C:\Users\BozKurT\AppData\Roaming\Sun
2015-09-08 13:45 - 2015-09-08 13:45 - 00795720 _____ C:\Users\BozKurT\AppData\Local\dd_VC_MinRed_MSI4B14.txt
2015-09-05 18:42 - 2015-09-05 18:45 - 00000000 ____D C:\Users\BozKurT\Desktop\ImageTransfer_2015-09-05_18-38

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-14 16:30 - 2014-04-24 15:30 - 00000000 ____D C:\FRST
2015-09-14 16:28 - 2006-10-10 02:59 - 01698055 _____ C:\Windows\WindowsUpdate.log
2015-09-14 16:21 - 2010-02-04 20:11 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-14 16:17 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2015-09-14 16:08 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-14 16:08 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-14 16:01 - 2012-06-30 14:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-14 14:50 - 2008-01-21 13:10 - 01758728 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-14 14:50 - 2008-01-21 13:09 - 00746138 _____ C:\Windows\system32\perfh007.dat
2015-09-14 14:50 - 2008-01-21 13:09 - 00177920 _____ C:\Windows\system32\perfc007.dat
2015-09-14 14:13 - 2015-02-16 20:29 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4D2CA3CA-A550-409B-BBD7-2167104BBC95}
2015-09-14 14:09 - 2010-02-04 20:11 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-14 14:09 - 2008-10-31 21:05 - 01811224 _____ C:\Users\Public\eDSMSNLoader32.log
2015-09-14 14:09 - 2008-10-31 20:50 - 00227671 _____ C:\Windows\system32\Config.MPF
2015-09-14 14:08 - 2009-11-16 20:16 - 00000000 ____D C:\ProgramData\TEMP
2015-09-14 14:08 - 2008-10-31 21:00 - 00000147 _____ C:\Windows\SysWOW64\agent.log
2015-09-14 14:08 - 2008-10-31 20:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-14 14:08 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-14 14:08 - 2006-10-10 03:06 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml
2015-09-14 14:07 - 2013-10-11 20:04 - 07408432 _____ C:\Windows\PFRO.log
2015-09-14 10:19 - 2006-11-02 17:42 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-14 10:19 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-14 10:18 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-14 10:14 - 2010-10-24 12:12 - 04078436 _____ C:\Windows\system32\Drivers\Cat.DB
2015-09-14 10:13 - 2008-10-31 20:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-14 10:11 - 2013-08-14 23:51 - 00000000 ____D C:\Windows\system32\MRT
2015-09-14 09:38 - 2009-03-18 13:54 - 00000000 ____D C:\Users\BozKurT
2015-09-13 01:34 - 2012-10-27 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2015-09-13 01:34 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\system32\Msdtc
2015-09-13 01:34 - 2006-11-02 14:33 - 75497472 _____ C:\Windows\system32\config\components_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 58458112 _____ C:\Windows\system32\config\system_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 106430464 _____ C:\Windows\system32\config\software_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 00786432 _____ C:\Windows\system32\config\default_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-09-13 01:13 - 2014-10-18 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-13 01:13 - 2012-10-27 01:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-09-13 01:13 - 2011-04-17 18:12 - 00000000 ____D C:\Users\BozKurT\AppData\Roaming\Malwarebytes
2015-09-13 01:13 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\ShellNew
2015-09-13 01:13 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\system32\spool
2015-09-13 01:12 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\registration
2015-09-12 15:56 - 2011-04-17 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-12 15:43 - 2014-04-27 21:33 - 00000000 ____D C:\ProgramData\Oracle
2015-09-11 15:22 - 2012-03-26 15:58 - 00000000 ____D C:\Users\BozKurT\Desktop\emine
2015-09-09 23:35 - 2009-11-23 12:44 - 00000000 ____D C:\Users\BozKurT\Desktop\Ugur
2015-09-09 19:22 - 2009-03-29 17:03 - 00000000 ____D C:\Users\BozKurT\Desktop\Süleyman
2015-09-09 16:18 - 2006-11-02 17:21 - 03338416 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-08 13:49 - 2014-10-18 23:20 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-09-08 13:48 - 2009-03-19 14:25 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-08 13:45 - 2013-10-09 16:29 - 02160832 _____ C:\Users\BozKurT\AppData\Local\dd_install_vb_xcor_90.txt
2015-09-08 13:44 - 2013-10-09 16:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2015-09-08 13:42 - 2013-10-09 16:29 - 00136446 _____ C:\Users\BozKurT\AppData\Local\dd_depcheck_VB_EXP_90.txt
2015-09-08 13:41 - 2011-08-10 16:44 - 00000000 ____D C:\Program Files (x86)\IpodConverter
2015-09-08 13:38 - 2015-05-17 21:24 - 00000000 ____D C:\Users\BozKurT\AppData\Roaming\Skype
2015-09-08 13:38 - 2015-05-17 21:23 - 00000000 ____D C:\ProgramData\Skype
2015-09-01 13:16 - 2010-02-04 20:11 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-01 13:16 - 2010-02-04 20:11 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-26 18:37 - 2006-11-02 14:35 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-08-26 09:49 - 2008-10-31 20:48 - 00000000 ____D C:\Program Files (x86)\McAfee

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-06 01:06 - 2014-03-06 01:06 - 0001181 _____ () C:\Users\BozKurT\AppData\Roaming\trace_FilterInstaller.1.txt
2014-03-06 01:06 - 2014-03-06 01:14 - 0000919 _____ () C:\Users\BozKurT\AppData\Roaming\trace_FilterInstaller.txt
2014-03-06 01:06 - 2014-03-06 01:14 - 0000000 _____ () C:\Users\BozKurT\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2011-01-12 21:56 - 2015-08-01 12:46 - 0001356 _____ () C:\Users\BozKurT\AppData\Local\d3d9caps.dat
2011-07-03 10:15 - 2012-07-21 23:02 - 0000732 _____ () C:\Users\BozKurT\AppData\Local\d3d9caps64.dat
2009-03-19 14:28 - 2015-07-17 01:35 - 0223232 _____ () C:\Users\BozKurT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-07-02 11:22 - 2009-07-02 11:22 - 0036172 _____ () C:\Users\BozKurT\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2013-10-09 16:29 - 2015-09-08 13:42 - 0136446 _____ () C:\Users\BozKurT\AppData\Local\dd_depcheck_VB_EXP_90.txt
2009-07-02 11:22 - 2009-07-02 11:22 - 0000002 _____ () C:\Users\BozKurT\AppData\Local\dd_dotnetfx35error_lp.txt
2009-07-02 11:22 - 2009-07-02 11:23 - 0203664 _____ () C:\Users\BozKurT\AppData\Local\dd_dotnetfx35install_lp.txt
2013-10-09 16:29 - 2013-10-09 16:29 - 0000002 _____ () C:\Users\BozKurT\AppData\Local\dd_error_vb_xcor_90.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 1176452 _____ () C:\Users\BozKurT\AppData\Local\dd_ExpRemoteDbg_x64_MSI741A.txt
2013-10-09 16:29 - 2015-09-08 13:45 - 2160832 _____ () C:\Users\BozKurT\AppData\Local\dd_install_vb_xcor_90.txt
2009-07-02 11:22 - 2009-07-02 11:22 - 0811646 _____ () C:\Users\BozKurT\AppData\Local\dd_NET_Framework35_LangPack_MSI6767.txt
2013-10-09 16:37 - 2013-10-09 16:37 - 0341986 _____ () C:\Users\BozKurT\AppData\Local\dd_SQLCEToolsForVS2007_MSI77B0.txt
2013-10-09 16:37 - 2013-10-09 16:37 - 0383494 _____ () C:\Users\BozKurT\AppData\Local\dd_SSCERuntime_MSI77A0.txt
2010-10-24 12:12 - 2010-10-24 12:12 - 0422964 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistMSI3F4F.txt
2011-04-17 14:03 - 2011-04-17 14:03 - 0438398 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistMSI7D1E.txt
2010-10-24 12:12 - 2010-10-24 12:12 - 0013782 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI3F4F.txt
2010-10-24 12:12 - 2010-10-24 12:12 - 0012938 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI3F50.txt
2011-04-17 14:03 - 2011-04-17 14:03 - 0012646 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI7D1E.txt
2011-04-17 14:03 - 2011-04-17 14:03 - 0011786 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI7D1F.txt
2015-09-08 13:45 - 2015-09-08 13:45 - 0795720 _____ () C:\Users\BozKurT\AppData\Local\dd_VC_MinRed_MSI4B14.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 0853224 _____ () C:\Users\BozKurT\AppData\Local\dd_VC_MinRed_MSI7400.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 0255488 _____ () C:\Users\BozKurT\AppData\Local\dd_WinSDK_ExpTools_x64_MSI743E.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 0204582 _____ () C:\Users\BozKurT\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI7455.txt
2009-07-02 11:22 - 2015-09-08 13:45 - 1782730 _____ () C:\Users\BozKurT\AppData\Local\uxeventlog.txt
2015-09-08 13:42 - 2015-09-08 13:45 - 8302854 _____ () C:\Users\BozKurT\AppData\Local\VSMsiLog48F9.txt
2013-10-09 16:33 - 2013-10-09 16:37 - 11430914 _____ () C:\Users\BozKurT\AppData\Local\VSMsiLog7469.txt
2009-04-02 23:42 - 2009-04-02 23:42 - 0000011 _____ () C:\ProgramData\.tv5
2009-10-31 18:57 - 2012-05-01 21:39 - 0001723 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\BozKurT\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcvauh8.dll
C:\Users\BozKurT\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_Setup-SopCast-3.8.3-2013-6-26.exe
C:\Users\BozKurT\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\BozKurT\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\BozKurT\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\BozKurT\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\BozKurT\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\BozKurT\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\BozKurT\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\BozKurT\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-14 14:13

==================== Ende von FRST.txt ============================
         
Addition.txt:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-09-2015 02
durchgeführt von BozKurT (2015-09-14 16:31:00)
Gestartet von C:\Users\BozKurT\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2006-10-10 01:01:29)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3668395413-3215351660-3596499305-500 - Administrator - Disabled)
BozKurT (S-1-5-21-3668395413-3215351660-3596499305-1000 - Administrator - Enabled) => C:\Users\BozKurT
Gast (S-1-5-21-3668395413-3215351660-3596499305-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-3668395413-3215351660-3596499305-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: McAfee VirusScan (Enabled - Out of date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Personal Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AAC Decoder (HKLM-x32\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Acer Arcade Live Main Page (HKLM-x32\...\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}) (Version: 1.1.1819 - Acer Inc.)
Acer DV Magician (HKLM-x32\...\{F6EFFB76-4A07-11DA-9D78-000129760D75}) (Version: 1.5.1730 - Acer Inc.)
Acer DVDivine (HKLM-x32\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.2.1730 - Acer Inc.)
Acer eDataSecurity Management (HKLM-x32\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3065 - Egis Inc.)
Acer Empowering Technology (HKLM-x32\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3014 - Acer Incorporated)
Acer eSettings Management (HKLM-x32\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3007 - Acer Incorporated)
Acer GameZone Console DTV 2.0.1.1 (HKLM-x32\...\Acer GameZone Console_is1) (Version:  - Oberon Media, Inc.)
Acer HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 1.5.0530 - Acer Inc.)
Acer HomeMedia Connect (HKLM-x32\...\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}) (Version: 1.4.5330 - Acer Inc.)
Acer HomeMedia Trial Creator (HKLM-x32\...\{B580C409-E16F-44FF-904D-3AE94E113BE0}) (Version: 1.5.0530 - Acer Inc.)
Acer Product Registration (HKLM-x32\...\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}) (Version: 3.0.0.8 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 4.01.0718 - Acer Incorporated)
Acer SlideShow DVD (HKLM-x32\...\{41581EF5-45A7-11DA-9D78-000129760D75}) (Version: 1.5.1730 - Acer Inc.)
Acer VideoMagician (HKLM-x32\...\{F79A208D-D929-11D9-9D77-000129760D75}) (Version: 1.4.2203 - Acer Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.15) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Agatha Christie Death on the Nile (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}) (Version:  - Oberon Media)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Azada (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}) (Version:  - Oberon Media)
Benutzerhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Useg) (Version:  - )
Big Kahuna Reef (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}) (Version:  - Oberon Media)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bricks of Egypt (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}) (Version:  - Oberon Media)
Browser Defender 3.0 (HKLM-x32\...\Browser Defender_is1) (Version: 3.0.0.311 - Threat Expert Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4600 (x32 Version: 130.0.425.000 - Hewlett-Packard) Hidden
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Chicken Invaders 3 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version:  - Oberon Media)
Chuzzle (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}) (Version:  - Oberon Media)
Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Diner Dash Flo on the Go (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}) (Version:  - Oberon Media)
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.0.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.0.0 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.0.0.19 - DivX, Inc.)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.3 - DivX,Inc.)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
Dropbox (HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Dropbox) (Version: 2.8.4 - Dropbox, Inc.)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000201 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.3.000201 - esobi Inc.) Hidden
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
H.264 Decoder (HKLM-x32\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.0.0 - DivX, Inc.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Quest Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}) (Version:  - Oberon Media)
Kick N Rush (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}) (Version:  - Oberon Media)
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
LightScribe  1.4.142.1 (x32 Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version:  - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.276 - McAfee, Inc.)
Messenger Plus! Live (HKLM-x32\...\Messenger Plus! Live) (Version: 4.90.0.392 - Yuna Software)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools DEU (HKLM-x32\...\{E32260E7-0B10-43C7-9B77-AB9F4184676D}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 DEU (HKLM-x32\...\{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version:  - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{53C900F7-0CB1-3EDE-B9F3-76EDE6F0C253}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
MKV Splitter (HKLM-x32\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.0 - DivX, Inc.)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\MyFreeCodec) (Version:  - )
Mystery Case Files - Huntsville (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}) (Version:  - Oberon Media)
Mystery Solitaire - Secret Island (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}) (Version:  - Oberon Media)
Netzwerkhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Netg) (Version:  - )
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.80.5.1 - )
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.606 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.606 - NewTech Infosystems) Hidden
NTI JewelCase Maker Hot Fix (HKLM-x32\...\InstallShield_{DDA223A7-627F-4173-9CA4-A9C531BCBB62}) (Version: 5.5.0.5202 - NewTech Infosystems)
NTI JewelCase Maker Hot Fix (x32 Version: 5.5.0.5202 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6329 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.2.6329 - NewTech Infosystems) Hidden
NTI Photo Maker Hot Fix (HKLM-x32\...\InstallShield_{B9B02A9E-8074-4C3F-AAE5-311528F34FED}) (Version: 2.0.0.16 - NewTech Infosystems)
NTI Photo Maker Hot Fix (x32 Version: 2.0.0.16 - NewTech Infosystems) Hidden
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX v8.04.25 (HKLM-x32\...\{74224F8D-4A17-4816-9EDB-7BB854DE532C}) (Version: 8.04.25 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
PE585QAEncoder-64 (HKLM\...\{D8B2C435-8737-431E-8784-24CD13B0B821}) (Version: 6.00.1918 - YUAN)
Play65 (HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Play65) (Version: Dec_14_2009_14_19_04 - LogicEmpire)
PS_AIO_05_C4600_Software_Min (x32 Version: 130.0.425.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5688 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Turbo Pizza (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}) (Version:  - Oberon Media)
Unity Web Player (HKLM-x32\...\UnityWebPlayer) (Version: 2.5.1f5_24931 - Unity Technologies ApS)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.762 (x32 Version: 1.0.0 - DivX, Inc) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zuma Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}) (Version:  - Oberon Media)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2006-11-02 14:34 - 2012-11-23 08:45 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2C3F88A1-FA66-455A-945C-4F213B5232C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {35E96C26-28BD-402C-BD11-1517540CEFF7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {7E23F0A2-2C53-4753-99D4-8AF461D5EA14} - \PC Performer_UPDATES -> Keine Datei <==== ACHTUNG
Task: {80B1B6EA-15C5-467B-A789-7E2E830A200F} - System32\Tasks\McQcTask => c:\Program Files (x86)\McAfee\MQC\QcConsol.exe [2009-01-09] (McAfee, Inc.)
Task: {919A84AC-4AB6-43A7-985A-BF54C631B58A} - \PC Performer -> Keine Datei <==== ACHTUNG
Task: {9B33395B-CCC5-4BCA-A538-C263FC2E681C} - \PC Performer_DEFAULT -> Keine Datei <==== ACHTUNG
Task: {B725400F-939A-4B81-AF32-266BE8AFD51E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B8F50931-D299-4EAA-BCD1-2BE71D64061A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {DB0B00F0-43CB-4481-96E8-AA4A3A5BE3AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {EBB267F3-E181-4446-AA28-A75589961DA0} - System32\Tasks\McDefragTask => c:\Program Files (x86)\McAfee\MQC\QcConsol.exe [2009-01-09] (McAfee, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\McDefragTask.job => c:\PROGRA~2\mcafee\mqc\QcConsol.exe C:\Windows\system32\defrag.exe
Task: C:\Windows\Tasks\McQcTask.job => c:\PROGRA~2\mcafee\mqc\QcConsol.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-10-04 18:37 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2008-10-31 20:31 - 2008-08-19 15:27 - 00024576 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
2008-10-31 20:31 - 2008-10-31 20:31 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3010.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2008-10-31 20:31 - 2008-10-31 20:31 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3010.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2008-10-31 20:31 - 2008-10-31 20:31 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3010.0__3036420f80dd6947\Framework.Library.dll
2008-10-31 20:31 - 2008-10-31 20:31 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3010.0__672b450de5a7e94a\Framework.Host.dll
2008-10-31 20:31 - 2008-10-31 20:31 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3010.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2008-10-31 20:31 - 2008-10-31 20:31 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3010.0__4df5dcab8860d239\Framework.Utility.dll
2008-10-31 20:31 - 2008-08-19 15:27 - 00585216 _____ () C:\Windows\system32\INT15_64.dll
2006-10-10 03:08 - 2008-05-26 14:40 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll
2006-10-10 03:08 - 2008-05-26 14:37 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll
2006-10-10 03:08 - 2008-05-26 14:39 - 00143360 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll
2006-10-10 03:08 - 2008-05-26 14:37 - 00036864 _____ () C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll
2008-04-25 22:36 - 2008-04-25 22:36 - 00131072 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2008-10-31 20:55 - 2008-06-13 06:17 - 00241734 _____ () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2008-10-31 20:31 - 2008-08-19 15:28 - 00319488 _____ () C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
2007-12-13 04:08 - 2007-12-13 04:08 - 01401856 _____ () C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\LIBEAY32.dll
2008-07-29 18:53 - 2008-07-29 18:53 - 00382000 _____ () C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ShowErrMsg.dll
2008-04-25 22:36 - 2008-04-25 22:36 - 00028672 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
2008-10-31 20:57 - 2008-05-20 18:50 - 00098304 _____ () C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLSchRecordMonitor.dll
2008-10-31 20:57 - 2008-05-20 18:50 - 00260096 _____ () C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\sqlite3.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-17 14:06 - 2011-04-12 10:44 - 00767952 _____ () C:\Windows\BDTSupport.dll
2007-06-24 20:09 - 2007-06-24 20:09 - 01024000 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2007-06-24 20:09 - 2007-06-24 20:09 - 00098304 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2007-06-24 20:09 - 2007-06-24 20:09 - 00061440 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2008-04-28 10:49 - 2008-04-28 10:49 - 00003072 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
2009-03-20 20:14 - 2008-06-20 01:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:4F636E25
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{48EE1BF2-DF85-4744-8D58-80D14E9F1D58}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe
FirewallRules: [{76A38D04-BCE3-455F-8CF9-B812FF0A2037}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{E4AA1109-23EF-46A7-A23C-10A6CCF4DA8F}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe
FirewallRules: [{B59FAFDC-11B2-4F93-99BA-AA1FC1BFD2A7}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe
FirewallRules: [{B32263AA-EBEB-4CC4-9FD8-09608FD31B0F}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe
FirewallRules: [{604799C7-A6CC-4925-9534-183E1CEEAAE0}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe
FirewallRules: [{1A70900D-51D6-4CC4-943D-835296B580DE}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe
FirewallRules: [{17747848-77A9-49A4-97DC-F4D4FFE8C7B8}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe
FirewallRules: [{B147995B-6C59-4E86-B409-C1EDFF994073}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE
FirewallRules: [{669BAC8A-063B-42C4-AA3F-043DFBDBEDE9}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{23D852BF-1B67-478B-9A83-669F4F2E1BB1}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{456738B4-3BB4-4908-B2BB-61D7B15A2D86}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{5090FD8D-754A-4310-A93E-6E3406DB76D3}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{E06FBCE3-3A84-4651-B3D6-11086927268B}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{F49B581F-F7B0-462E-8533-690A3052A735}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{D1A81DA6-A6F6-4BE1-BAF7-59C4EC24D296}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe
FirewallRules: [{20C572AD-2A77-423A-BCE8-D65AA0621399}] => (Allow) C:\Windows\System32\dlcdcoms.exe
FirewallRules: [{C1B0AB57-3966-447E-AFA5-ED1F95DF4DFD}] => (Allow) C:\Windows\System32\dlcdcoms.exe
FirewallRules: [{5D0A555F-9FFA-48FA-B115-D5441A34D13F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{6E8A63C4-29E0-45DA-85A9-C8D90E2F37F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{803EED67-006E-41D2-9690-47025AF8EF0D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7AFF19B5-35DE-492A-858A-054D63CF83C0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8C916A98-DF73-4374-97DF-D51C0694F474}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D4D460F0-37A7-49AC-ADFC-33458236B3D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{553F2116-FE0A-4E3D-B9EB-7EF2ABF84454}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{22AEAC19-7B25-4215-9DA6-4E5CB341A274}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{194BF7ED-026C-4250-9A3C-EAD39F1E9AE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{89D8EF40-7C4B-43FD-96E9-28D2F3AA746F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{9C241572-98AF-49D1-BEE5-4656F0128492}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{5E0473DD-4B16-411D-9C8D-48CD1D1D1B3D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{7D609A58-E572-4751-B564-7886C5437416}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5A453006-3E0E-4BD2-A8F6-74C62E7260EA}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{18D05AC2-2FFA-4893-87BB-11B6327EE1A3}] => (Allow) C:\Program Files (x86)\Valve\Steam\Steam.exe
FirewallRules: [{6C4518BE-72C3-48CE-BF12-71D4BCCA4D31}] => (Allow) C:\Program Files (x86)\Valve\Steam\Steam.exe
FirewallRules: [{9A052F3E-AF77-497C-A908-FEAF9EA66F65}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C4E14446-3138-4F84-AAF1-47A3A762AE2D}] => (Allow) svchost.exe
FirewallRules: [{241060AB-F757-49C2-8FD1-7DB6E59A05B1}] => (Allow) LPort=80
FirewallRules: [{15CA6830-7DD9-4D99-9876-1CCBDBC16477}] => (Allow) LPort=80
FirewallRules: [{D09741AF-00F4-417C-B45B-36F61CD9E343}] => (Allow) LPort=80
FirewallRules: [{8C173849-05FD-4F8E-BD8E-02CEAF9EA945}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{14015AE9-338D-4532-BAA9-5A8E066381EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3D4FBDEB-8A99-4FBC-AF3E-E12AB24F2763}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9A22B3A4-A801-4BE1-A2BA-98DCB057C5EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C77D5E72-55FD-417C-A3C5-734919B4D6F2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4A101931-4909-4598-B020-66C7735B8C61}] => (Allow) LPort=2869
FirewallRules: [{A9688549-46C8-4869-9B7A-F8BB9A277EF3}] => (Allow) LPort=1900
FirewallRules: [{D062D1E6-CDAE-4430-A026-959767A65B8E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0CF6F320-7642-41BF-A9AC-2639579B8582}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{830A4AE7-045B-4FDB-B4AB-DAAD4C703D6C}] => (Allow) C:\Program Files (x86)\Valve\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{BC721572-4FCE-46D9-A2D3-66BDD21DE6D6}] => (Allow) C:\Program Files (x86)\Valve\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{1056CD79-71DE-4231-BAEC-2AF35C98C34A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{335CD16A-6FB3-4A57-B4E0-744EC20C39AB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{AD91BFDE-2C9A-421E-8468-0D0A35D54112}] => (Allow) C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D0824923-4E77-45D3-AE9A-ED3B97F812A5}] => (Allow) C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BFEC8C73-E190-432B-B364-42F63F818ABE}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{7AD930C9-163C-4A52-B55C-C3E999359EAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe
FirewallRules: [{4957DEC8-5456-4478-BE43-BD092AEB6570}] => (Allow) C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe
FirewallRules: [{24E565E9-EC28-4BBB-944E-B74FB8BB7CDA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E2C9DF3D-6E01-4A2D-92AC-23A995B96B08}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{0F42EE40-0F0A-4131-9B5F-D1C91FB3ED1C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{80C9164B-5743-4127-8CE5-B3633D1C7BAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashFXP\FlashFXP.exe] => Enabled:FlashFXP v3
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashFXP\FlashFXP.exe] => Enabled:FlashFXP v3

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/14/2015 02:37:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Framework.Launcher.exe, Version 3.0.3010.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 10f0
Anfangszeit: 01d0eee6295f40b3
Zeitpunkt der Beendigung: 203

Error: (09/14/2015 02:09:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2015 02:09:10 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.DirectoryServices.Protocols, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (09/14/2015 10:16:30 AM) (Source: MsiInstaller) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\5DBE8E079C8785242BA00589CC0A000F".

Error: (09/14/2015 10:11:05 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8

Error: (09/14/2015 10:11:05 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll8

Error: (09/14/2015 09:48:53 AM) (Source: MsiInstaller) (EventID: 1002) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\5DBE8E079C8785242BA00589CC0A000F".

Error: (09/14/2015 09:24:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2015 11:44:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2015 11:44:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung PCMMediaSharing.exe, Version 0.0.0.0, Zeitstempel 0x4663e046, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.19454, Zeitstempel 0x55ae6da5, Ausnahmecode 0xc0000005, Fehleroffset 0x0002a9f3,
Prozess-ID 0x9e4, Anwendungsstartzeit PCMMediaSharing.exe0.


Systemfehler:
=============
Error: (09/14/2015 03:11:53 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWFailureCommand%%5

Error: (09/14/2015 02:47:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: HP CUE DeviceDiscovery Service1

Error: (09/14/2015 02:47:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqcxs081

Error: (09/14/2015 02:26:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

Error: (09/14/2015 02:19:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5

Error: (09/14/2015 02:10:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (09/14/2015 02:10:57 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (09/14/2015 02:09:14 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5

Error: (09/14/2015 02:08:50 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt

	Feature: %%886

	Fehlercode: 0x80070005

	Fehlerbeschreibung: Zugriff verweigert 

	Grund: %%892

Error: (09/14/2015 10:18:25 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.205.2284.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.8.0204.00

	Quellpfad: 4.8.0204.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608


Microsoft Office:
=========================
Error: (05/22/2012 03:38:21 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5744 seconds with 3240 seconds of active time.  This session ended with a crash.

Error: (12/14/2010 04:32:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 90 seconds with 60 seconds of active time.  This session ended with a crash.


CodeIntegrity:
===================================
  Date: 2015-09-12 16:24:31.873
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-09-12 16:24:31.327
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-09-12 16:24:30.781
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-09-12 16:24:30.219
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-09-12 16:24:29.657
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-09-12 16:24:29.096
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-09-12 15:59:48.543
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-09-12 15:59:47.997
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-09-12 15:59:47.435
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-09-12 15:59:46.873
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 4094.32 MB
Verfügbarer physikalischer RAM: 2020.95 MB
Summe virtueller Speicher: 14453.5 MB
Verfügbarer virtueller Speicher: 11541.7 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:456.4 GB) (Free:306.65 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (DATA) (Fixed) (Total:457.11 GB) (Free:87.39 GB) NTFS
Drive e: () (Fixed) (Total:29.21 GB) (Free:23.91 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8AB9C97D)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=456.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=457.1 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 29.2 GB) (Disk ID: 22899CA5)
Partition 1: (Not Active) - (Size=29.2 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         
THANK YOU!


15.09.2015, 16:31   #6
schrauber
/// the machine
/// TB-Ausbilder
 


hi,


Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please run mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, run mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not run any other file in this folder unless instructed by a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Run TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

16.09.2015, 10:15   #7
sacet
 



Hello schrauber,

below are the requested log files.

Thanks!

MBAR:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.09.15.06
  rootkit: v2015.08.16.01

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
BozKurT :: BOZKURT-PC [administrator]

15.09.2015 22:50:26
mbar-log-2015-09-15 (22-50-26).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 494290
Time elapsed: 1 hour(s), 46 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSSKiller:
Code:
11:07:49.0817 0x1594  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
11:08:05.0812 0x1594  ============================================================
11:08:05.0812 0x1594  Current date / time: 2015/09/16 11:08:05.0812
11:08:05.0812 0x1594  SystemInfo:
11:08:05.0812 0x1594  
11:08:05.0812 0x1594  OS Version: 6.0.6002 ServicePack: 2.0
11:08:05.0812 0x1594  Product type: Workstation
11:08:05.0812 0x1594  ComputerName: BOZKURT-PC
11:08:05.0813 0x1594  UserName: BozKurT
11:08:05.0813 0x1594  Windows directory: C:\Windows
11:08:05.0813 0x1594  System windows directory: C:\Windows
11:08:05.0813 0x1594  Running under WOW64
11:08:05.0813 0x1594  Processor architecture: Intel x64
11:08:05.0813 0x1594  Number of processors: 4
11:08:05.0813 0x1594  Page size: 0x1000
11:08:05.0813 0x1594  Boot type: Normal boot
11:08:05.0813 0x1594  ============================================================
11:08:05.0982 0x1594  KLMD registered as C:\Windows\system32\drivers\46813218.sys
11:08:09.0870 0x1594  System UUID: {8F452056-406C-E227-11E0-1BF349B64D5D}
11:08:11.0131 0x1594  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:08:11.0148 0x1594  ============================================================
11:08:11.0148 0x1594  \Device\Harddisk0\DR0:
11:08:11.0148 0x1594  MBR partitions:
11:08:11.0148 0x1594  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x390CE800
11:08:11.0148 0x1594  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3B4CF021, BlocksNum 0x392369A0
11:08:11.0148 0x1594  ============================================================
11:08:11.0210 0x1594  C: <-> \Device\Harddisk0\DR0\Partition1
11:08:11.0268 0x1594  D: <-> \Device\Harddisk0\DR0\Partition2
11:08:11.0269 0x1594  ============================================================
11:08:11.0269 0x1594  Initialize success
11:08:11.0269 0x1594  ============================================================
11:09:06.0300 0x1154  ============================================================
11:09:06.0300 0x1154  Scan started
11:09:06.0300 0x1154  Mode: Manual; SigCheck; TDLFS; 
11:09:06.0300 0x1154  ============================================================
11:09:06.0300 0x1154  KSN ping started
11:09:08.0598 0x1154  KSN ping finished: true
11:09:09.0795 0x1154  ================ Scan system memory ========================
11:09:09.0795 0x1154  System memory - ok
11:09:09.0797 0x1154  ================ Scan services =============================
11:09:10.0057 0x1154  [ 517D30057C726C797764BFD70A55D82A, F1F48EF16DB9F7B5C6F8D0C595DE2E4ABD26FAF19372C1AA598F6988709D2170 ] Acer HomeMedia Connect Service C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
11:09:10.0332 0x1154  Acer HomeMedia Connect Service - detected UnsignedFile.Multi.Generic ( 1 )
11:09:12.0648 0x1154  Detect skipped due to KSN trusted
11:09:12.0648 0x1154  Acer HomeMedia Connect Service - ok
11:09:12.0913 0x1154  [ 1965AAFFAB07E3FB03C77F81BEBA3547, 351A1EBB1B95C8E03ED125C8F997DEE810B4DF36AD290E7685FC01963B522BFC ] ACPI            C:\Windows\system32\drivers\acpi.sys
11:09:12.0968 0x1154  ACPI - ok
11:09:13.0046 0x1154  [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs            C:\Windows\system32\drivers\adfs.sys
11:09:13.0090 0x1154  adfs - ok
11:09:13.0270 0x1154  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
11:09:13.0358 0x1154  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
11:09:15.0663 0x1154  Detect skipped due to KSN trusted
11:09:15.0663 0x1154  Adobe LM Service - ok
11:09:15.0755 0x1154  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:09:15.0797 0x1154  AdobeARMservice - ok
11:09:16.0138 0x1154  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:09:16.0316 0x1154  AdobeFlashPlayerUpdateSvc - ok
11:09:16.0416 0x1154  [ F14215E37CF124104575073F782111D2, 7F624F7F0FE9909C07AB2E4C74727686FDA9DF33778A9CBBE35027D6579E4F71 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:09:16.0475 0x1154  adp94xx - ok
11:09:16.0533 0x1154  [ 7D05A75E3066861A6610F7EE04FF085C, 406F2CE539C306BA60C233FBCDB029153588F0499BBE91E66FC915E5C5D7D2A5 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:09:16.0586 0x1154  adpahci - ok
11:09:16.0610 0x1154  [ 820A201FE08A0C345B3BEDBC30E1A77C, 3170B308724CAA0AD50B74D045C837C48BD6A3A11ABA222670BEA82192A861BF ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
11:09:16.0653 0x1154  adpu160m - ok
11:09:16.0705 0x1154  [ 9B4AB6854559DC168FBB4C24FC52E794, 83CD75DE0A16AE66586837565ECA8B98BA9309519139C4C2032474B8DDF5A1AD ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:09:16.0747 0x1154  adpu320 - ok
11:09:16.0788 0x1154  [ 0F421175574BFE0BF2F4D8E910A253BB, CEABE3A4F546EB6ACA079931AB532DC88FF757DEEF6F434991802220328A9CD6 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:09:17.0032 0x1154  AeLookupSvc - ok
11:09:17.0159 0x1154  [ E58A17E945593544C707423F9772EEA0, FC17AFF979354EB89DCA307BF07C52B84629AF540D4C6A32DD537695CA654205 ] AFD             C:\Windows\system32\drivers\afd.sys
11:09:17.0266 0x1154  AFD - ok
11:09:17.0325 0x1154  [ F6F6793B7F17B550ECFDBD3B229173F7, 7EB12A9372B7966440E39F1B567A43C21231D67DDFAA9C1DECC7E68627F82346 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:09:17.0364 0x1154  agp440 - ok
11:09:17.0420 0x1154  [ 222CB641B4B8A1D1126F8033F9FD6A00, 8C7FD4BF87DC00893B99E64344C0E6A3F321DAD9BE60A99763629260E7C6312C ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
11:09:17.0457 0x1154  aic78xx - ok
11:09:17.0480 0x1154  [ 5922F4F59B7868F3D74BBBBEB7B825A3, 71504BC8B596F540BF059059670BC0C138D8759C1DD9F99F1EC368FD5C53F573 ] ALG             C:\Windows\System32\alg.exe
11:09:17.0652 0x1154  ALG - ok
11:09:17.0685 0x1154  [ 157D0898D4B73F075CE9FA26B482DF98, 84C3E163D7393FD306842F155C88A50B7D8AE88B59586F9014DB76B749CC33D5 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:09:17.0719 0x1154  aliide - ok
11:09:17.0740 0x1154  [ 970FA5059E61E30D25307B99903E991E, CFB241803A63EA3469B2596462A42DDCA813B3ACF96E56BB34F5979BB34DDC32 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:09:17.0779 0x1154  amdide - ok
11:09:17.0815 0x1154  [ CDC3632A3A5EA4DBB83E46076A3165A1, 40BE3451A3F29CD3352360FF72165C54237E44D01006390805D493B0D06F51DB ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:09:17.0889 0x1154  AmdK8 - ok
11:09:17.0961 0x1154  [ 7C8ECAAD76EA1D076A450C8303D9BD98, 90904B2BE380A51BDCEDADA530214CE5321C06456E10F5985B40E3282902BEF6 ] Appinfo         C:\Windows\System32\appinfo.dll
11:09:18.0022 0x1154  Appinfo - ok
11:09:18.0129 0x1154  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:09:18.0146 0x1154  Apple Mobile Device - ok
11:09:18.0187 0x1154  [ BA8417D4765F3988FF921F30F630E303, 876A8F34E578020DD9EDD64F7F77A0A3B4592EC568830B500D7EA844D3159C72 ] arc             C:\Windows\system32\drivers\arc.sys
11:09:18.0225 0x1154  arc - ok
11:09:18.0272 0x1154  [ 9D41C435619733B34CC16A511E644B11, DEFFBBB5ECE33B7DF949DF979188AF3B6674E7580FC069397AB756EA84E24822 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:09:18.0309 0x1154  arcsas - ok
11:09:18.0451 0x1154  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:09:18.0495 0x1154  aspnet_state - ok
11:09:18.0547 0x1154  [ 22D13FF3DAFEC2A80634752B1EAA2DE6, 503F7E5F1B14D3F7AEAB0982E812B19DABE38FD4104D93922F50F0B2D19BECFB ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:09:18.0630 0x1154  AsyncMac - ok
11:09:18.0658 0x1154  [ E68D9B3A3905619732F7FE039466A623, 74C0B29E54EF064660B9C756E03D5A7EB78F261EFF768EB6E74D261FBD34340D ] atapi           C:\Windows\system32\drivers\atapi.sys
11:09:18.0693 0x1154  atapi - ok
11:09:18.0749 0x1154  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:09:18.0902 0x1154  AudioEndpointBuilder - ok
11:09:18.0927 0x1154  [ 4FCE8096191D260028FB6585A4159D6F, FCCB53A93CE69C8A21B61A4DE678AB3A59A55828BCA655D5E5AB6B08CE6FB412 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:09:18.0961 0x1154  AudioSrv - ok
11:09:19.0137 0x1154  [ FFB96C2589FFA60473EAD78B39FBDE29, 6A2792753E2CB580672B3107C0DBB9D26B6DAA14B37D5EC314BD0E304197E03E ] BFE             C:\Windows\System32\bfe.dll
11:09:19.0280 0x1154  BFE - ok
11:09:19.0460 0x1154  [ 6D316F4859634071CC25C4FD4589AD2C, 73F69AC9E505F3B11A3CCFF8571930229A9058E672CD008A4BF26C0189564EAE ] BITS            C:\Windows\System32\qmgr.dll
11:09:19.0586 0x1154  BITS - ok
11:09:19.0617 0x1154  [ 79FEEB40056683F8F61398D81DDA65D2, 5EA3016194F71A2A2177C2B5129E82738EC621ACAD269809F4C131B72CFEB6C6 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
11:09:19.0691 0x1154  blbdrive - ok
11:09:19.0883 0x1154  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:09:19.0933 0x1154  Bonjour Service - ok
11:09:19.0982 0x1154  [ 2348447A80920B2493A9B582A23E81E1, 50F9242B7104607E633ABAF4E0A213C1C1226BF81F7FB4E216A9E878247B868C ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:09:20.0068 0x1154  bowser - ok
11:09:20.0117 0x1154  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
11:09:20.0194 0x1154  BrFiltLo - ok
11:09:20.0249 0x1154  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
11:09:20.0324 0x1154  BrFiltUp - ok
11:09:20.0409 0x1154  [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser         C:\Windows\System32\browser.dll
11:09:20.0485 0x1154  Browser - ok
11:09:20.0652 0x1154  [ B715096179D63B88C5948B9A7EEB1088, BCC55046068CAEE966EB100A3A71CDCDE056FE4900DF25D72DEC530D88DFCE8E ] Browser Defender Update Service C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
11:09:20.0732 0x1154  Browser Defender Update Service - ok
11:09:20.0797 0x1154  [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid         C:\Windows\system32\drivers\brserid.sys
11:09:20.0996 0x1154  Brserid - ok
11:09:21.0031 0x1154  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
11:09:21.0132 0x1154  BrSerWdm - ok
11:09:21.0156 0x1154  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
11:09:21.0265 0x1154  BrUsbMdm - ok
11:09:21.0280 0x1154  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
11:09:21.0369 0x1154  BrUsbSer - ok
11:09:21.0434 0x1154  [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:09:21.0532 0x1154  BTHMODEM - ok
11:09:21.0619 0x1154  [ 09E6AFFAE6C0E9158BF05C7D08D0107A, 05524526EBD5F42F58404A698F397CD7CBC2CBB5F7211AB6B5C2691A87983A24 ] BUNAgentSvc     C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
11:09:21.0676 0x1154  BUNAgentSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:09:23.0975 0x1154  Detect skipped due to KSN trusted
11:09:23.0975 0x1154  BUNAgentSvc - ok
11:09:24.0067 0x1154  [ 19C8E65DC74D8240C3C8BE0F8751B17E, 6F992CF521510D1A72A7509B8D893E081C9358DD87124368B6D02A15DC3B8121 ] camdrv42        C:\Windows\system32\DRIVERS\camdrv42.sys
11:09:24.0276 0x1154  camdrv42 - ok
11:09:24.0295 0x1154  [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:09:24.0366 0x1154  cdfs - ok
11:09:24.0402 0x1154  [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:09:24.0471 0x1154  cdrom - ok
11:09:24.0520 0x1154  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:09:24.0595 0x1154  CertPropSvc - ok
11:09:24.0632 0x1154  [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:09:24.0711 0x1154  circlass - ok
11:09:24.0789 0x1154  [ D44BA2F707838E0FEF35BCEC5CBD9D60, A9E85E801B0B08F7E5AD6206C61F36E42B4A99878D8AA66EAD8B4E667E50D813 ] CLFS            C:\Windows\system32\CLFS.sys
11:09:24.0855 0x1154  CLFS - ok
11:09:24.0937 0x1154  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:09:24.0976 0x1154  clr_optimization_v2.0.50727_32 - ok
11:09:25.0032 0x1154  [ 753049933D5326D835F4FCACDF4AD5E3, 715BEE09C19BCBCAD2A93E4725DB3A1FDD8E2FEFFF6E0C3D2F98FC607FED5D3A ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:09:25.0090 0x1154  clr_optimization_v2.0.50727_64 - ok
11:09:25.0174 0x1154  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:09:25.0220 0x1154  clr_optimization_v4.0.30319_32 - ok
11:09:25.0258 0x1154  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:09:25.0284 0x1154  clr_optimization_v4.0.30319_64 - ok
11:09:25.0305 0x1154  [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:10:23.0503 0x1154  Detect skipped due to KSN trusted
11:10:23.0503 0x1154  Net Driver HPZ12 - ok
11:10:23.0534 0x1154  [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:10:23.0628 0x1154  NetBIOS - ok
11:10:23.0752 0x1154  [ FC2C792EBDDC8E28DF939D6A92C83D61, 9EDF8B56E2B47C31457074DA371B604E5F7EB2B3B5CD4688CBEEDD5B266D119B ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
11:10:23.0815 0x1154  netbt - ok
11:10:23.0846 0x1154  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] Netlogon        C:\Windows\system32\lsass.exe
11:10:23.0862 0x1154  Netlogon - ok
11:10:24.0127 0x1154  [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll
11:10:24.0298 0x1154  Netman - ok
11:10:25.0110 0x1154  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:10:25.0203 0x1154  NetMsmqActivator - ok
11:10:25.0266 0x1154  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:10:25.0297 0x1154  NetPipeActivator - ok
11:10:25.0422 0x1154  [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll
11:10:25.0515 0x1154  netprofm - ok
11:10:25.0578 0x1154  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:10:25.0609 0x1154  NetTcpActivator - ok
11:10:25.0640 0x1154  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:10:25.0671 0x1154  NetTcpPortSharing - ok
11:10:25.0749 0x1154  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:10:25.0796 0x1154  nfrd960 - ok
11:10:25.0999 0x1154  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:10:26.0077 0x1154  NisDrv - ok
11:10:26.0202 0x1154  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
11:10:26.0264 0x1154  NisSrv - ok
11:10:26.0389 0x1154  [ 9DC33E66BB7E6470BFE8AA9EF5FBED43, 23E583B264BBD7933E3A000F00D646ABE526D1068C41BC24CF93739529FCA339 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:10:26.0763 0x1154  NlaSvc - ok
11:10:26.0904 0x1154  [ C9773EF9CBF2877725A45F07396D5DA6, BD05CAC7CDCDC8132E8092585A38A227451D08A7FB9F602FCD8C2B05468247EC ] nmwcdx64        C:\Windows\system32\drivers\ccdcmbx64.sys
11:10:27.0325 0x1154  nmwcdx64 - ok
11:10:27.0372 0x1154  [ B298874F8E0EA93F06EC40AA8D146478, 275D769E5EFD3153985DAF84C5B22B9D65428E09AB41099901ABDD03B3A2625D ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:10:27.0434 0x1154  Npfs - ok
11:10:27.0496 0x1154  [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll
11:10:27.0590 0x1154  nsi - ok
11:10:27.0606 0x1154  [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:10:27.0684 0x1154  nsiproxy - ok
11:10:28.0152 0x1154  [ 2ACCAA3C3C55370A32F17B3595E1A217, 8539A293A5E1EBA2CC0FA9E999099D3B6B035D41069398AE17D737BBE4D9FEA8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:10:28.0666 0x1154  Ntfs - ok
11:10:28.0776 0x1154  [ A2B6583A5652A385DFF5E4F49AD48761, 7214F722DE8EAEE9F33FF3AAE32AF14BEA8D1CE71680B813130D4AA41E8D32C8 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
11:10:28.0932 0x1154  NTIBackupSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:10:31.0256 0x1154  Detect skipped due to KSN trusted
11:10:31.0256 0x1154  NTIBackupSvc - ok
11:10:31.0303 0x1154  [ 7D397449AAF52B0E7C79B64F6AD4473E, 05FB804B6A71C48BA734CC55146B20068911AB6F7D98C0AA073505EC5CEB15CE ] NTIDrvr         C:\Windows\system32\Drivers\NTIDrvr.sys
11:10:31.0350 0x1154  NTIDrvr - ok
11:10:31.0443 0x1154  [ 40B87FE8A1A9A5AC9E5A91D96F212BCD, 0C0BE4EF2999613B1559F9A709B31DB1E5EBB3336732A24D5C3E705461549E24 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
11:10:31.0521 0x1154  NTISchedulerSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:10:33.0846 0x1154  Detect skipped due to KSN trusted
11:10:33.0846 0x1154  NTISchedulerSvc - ok
11:10:33.0877 0x1154  [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys
11:10:33.0970 0x1154  Null - ok
11:10:34.0345 0x1154  [ 98350606682594521D56ECCB5D01ECF7, CC25B5AF0F9196727A2AC601392E1B84DCCF49232C770C337A3592B0456BCDA2 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx64.sys
11:10:34.0828 0x1154  NVENETFD - ok
11:10:35.0000 0x1154  [ 6E022D5F44CD8B029CF799807BB31269, F204AB9B2EBE96DE6A1DB6864F4DFED1D7819B891AEEE14F06F0B4EC73206706 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
11:10:35.0031 0x1154  NVHDA - ok
11:10:37.0543 0x1154  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:10:38.0182 0x1154  nvlddmkm - ok
11:10:38.0245 0x1154  [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:10:38.0338 0x1154  nvraid - ok
11:10:38.0385 0x1154  [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:10:38.0448 0x1154  nvstor - ok
11:10:38.0494 0x1154  [ 581286807B5832503FD700A3217B589F, EE5C6E2EFD653D9A4E955A7852BE1CC704587354DA2587CC09BE70056AE7D0FA ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
11:10:38.0526 0x1154  nvstor64 - ok
11:10:38.0697 0x1154  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
11:10:39.0040 0x1154  nvsvc - ok
11:10:39.0462 0x1154  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:10:39.0586 0x1154  nvUpdatusService - ok
11:10:39.0602 0x1154  [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:10:39.0664 0x1154  nv_agp - ok
11:10:39.0680 0x1154  NwlnkFlt - ok
11:10:39.0680 0x1154  NwlnkFwd - ok
11:10:39.0930 0x1154  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:10:40.0023 0x1154  odserv - ok
11:10:40.0164 0x1154  [ B5B1CE65AC15BBD11C0619E3EF7CFC28, E9AA27724A7576D1869FF861A498DB8AF79A7B297F10272F1D63E6CB88CD455B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
11:10:40.0210 0x1154  ohci1394 - ok
11:10:40.0288 0x1154  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:10:40.0335 0x1154  ose - ok
11:10:40.0444 0x1154  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
11:10:40.0710 0x1154  p2pimsvc - ok
11:10:40.0866 0x1154  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:10:40.0928 0x1154  p2psvc - ok
11:10:40.0975 0x1154  [ AECD57F94C887F58919F307C35498EA0, CD8E8B54A445EF0DC485D5F221588875C98328596F64EE03B2D8BD0B860504FB ] Parport         C:\Windows\system32\drivers\parport.sys
11:10:41.0115 0x1154  Parport - ok
11:10:41.0287 0x1154  [ B43751085E2ABE389DA466BC62A4B987, 167CB6B18B6B7B74A229A976833E1FBE6D51C9C0EB8A23C92FC2465B692DF383 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:10:42.0176 0x1154  partmgr - ok
11:10:42.0238 0x1154  [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:10:42.0472 0x1154  PcaSvc - ok
11:10:42.0550 0x1154  [ 47AB1E0FC9D0E12BB53BA246E3A0906D, 82B452D614B535FAD3AFEEA06DFBBF8F7C5031563A2558CFA04F9B94C76E45DF ] pci             C:\Windows\system32\drivers\pci.sys
11:10:42.0628 0x1154  pci - ok
11:10:42.0660 0x1154  [ 2657F6C0B78C36D95034BE109336E382, C85CFDA57A64B7CC1BB09225C2F81629CEF21C5F25735B098F214397D6DE0D2C ] pciide          C:\Windows\system32\drivers\pciide.sys
11:10:42.0722 0x1154  pciide - ok
11:10:42.0816 0x1154  [ 037661F3D7C507C9993B7010CEEE6288, A7B415675B14FD755D0167BBA458A902AA9ABFC4343A1B887289D31DE8A55285 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:10:42.0878 0x1154  pcmcia - ok
11:10:43.0221 0x1154  [ BF907EC8C6783E861246C8060E788334, E1368E1E4951FD1C54CBCD47BEA0879C0E0DAD8373BB9F1D86D2A7211276EDA2 ] PCTCore         C:\Windows\system32\drivers\PCTCore64.sys
11:10:43.0330 0x1154  PCTCore - ok
11:10:43.0455 0x1154  [ FF43E3B1687E4E2140DE6349EA5C7372, CFBCECC5ED55BF3E75B4016BCB53BF7DC6C4220F92CC65AEA86F6228578A80E0 ] pctDS           C:\Windows\system32\drivers\pctDS64.sys
11:10:43.0518 0x1154  pctDS - ok
11:10:43.0674 0x1154  [ 60E9A05852AF7E9CB11237C00AEE4CCF, 22F3FFF4CB74461B163615631DB77A3C95CCB4738F2BFCF98708192237F41793 ] pctEFA          C:\Windows\system32\drivers\pctEFA64.sys
11:10:43.0767 0x1154  pctEFA - ok
11:10:43.0892 0x1154  [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:10:44.0110 0x1154  PEAUTH - ok
11:10:44.0968 0x1154  [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:10:45.0187 0x1154  PerfHost - ok
11:10:45.0639 0x1154  [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll
11:10:45.0936 0x1154  pla - ok
11:10:46.0045 0x1154  [ FE6B0F59215C9FD9F9D26539C58C8B82, 52CF8BE31A28430226D117EB80974AEAE5EA07F39DE881164232D44BF67FF752 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:10:46.0107 0x1154  PlugPlay - ok
11:10:46.0170 0x1154  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:10:46.0201 0x1154  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
11:10:48.0541 0x1154  Detect skipped due to KSN trusted
11:10:48.0541 0x1154  Pml Driver HPZ12 - ok
11:10:48.0634 0x1154  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
11:10:48.0681 0x1154  PNRPAutoReg - ok
11:10:48.0837 0x1154  [ 9AE31D2E1D15C10D91318E0EC149CEAC, CEA8A4AD1D6BB9C1ECBDE7A1946DD655104E20224436B96AD69A76F8E2B25680 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
11:10:48.0884 0x1154  PNRPsvc - ok
11:10:49.0024 0x1154  [ 89A5560671C2D8B4A4B51F3E1AA069D8, 07DEE5D73DDE09F954E2E13BB5603F0033829B6199C81A7C1709D94AB92B351E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:10:49.0118 0x1154  PolicyAgent - ok
11:10:49.0149 0x1154  [ 23386E9952025F5F21C368971E2E7301, F7241C1799A8AA0E9106B101B841670304DC695FD8D290C690CE0ED5C13BC514 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:10:49.0243 0x1154  PptpMiniport - ok
11:10:49.0336 0x1154  [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\drivers\processr.sys
11:10:49.0461 0x1154  Processor - ok
11:10:49.0524 0x1154  [ EF321BEED9CF3DF60EBA29A1D618AD8A, FE277119BCC9938054DFA670844B31E4F66C19EBC6E59E747F99C38F76A433BD ] ProfSvc         C:\Windows\system32\profsvc.dll
11:10:49.0633 0x1154  ProfSvc - ok
11:10:49.0664 0x1154  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:10:49.0711 0x1154  ProtectedStorage - ok
11:10:49.0742 0x1154  [ C5AB7F0809392D0DA027F4A2A81BFA31, B5BC9712AD93661A77AF4D67DB5F05C58A93CF7CDD6F7BA20568C0A9F4630321 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
11:10:49.0851 0x1154  PSched - ok
11:10:49.0882 0x1154  [ 2CFD31D41CDE75328ACAEEE2D4F4B836, 3C49F738C9CDD999C8487876C956790E4103EAFDC64E5FD76E62B28C5EC80734 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
11:10:49.0929 0x1154  PSDFilter - ok
11:10:49.0992 0x1154  [ 51A585F999672D8BB07F22AE12B40846, FC10C804803EBEACCFD92FED8385C5AF8E00E2F578FA64049D4BD928340C1786 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
11:10:50.0070 0x1154  PSDNServ - ok
11:10:50.0085 0x1154  [ DB50D3F5C31B1A848B04F7F2A6FF2709, 97B30A77AAC0A9A091EE138A6C0FF9FBD299E0F35410917006C7FE81A25866DD ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
11:10:50.0163 0x1154  psdvdisk - ok
11:10:50.0319 0x1154  [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:10:50.0460 0x1154  ql2300 - ok
11:10:50.0491 0x1154  [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:10:50.0553 0x1154  ql40xx - ok
11:10:50.0616 0x1154  [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll
11:10:50.0709 0x1154  QWAVE - ok
11:10:50.0787 0x1154  [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:10:50.0881 0x1154  QWAVEdrv - ok
11:10:50.0943 0x1154  [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:10:51.0099 0x1154  RasAcd - ok
11:10:51.0177 0x1154  [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll
11:10:51.0286 0x1154  RasAuto - ok
11:10:51.0364 0x1154  [ AC7BC4D42A7E558718DFDEC599BBFC2C, E059EB9472FDDB73AF09FFEBA58D8284AFCDAB1516E0C5759980E60C892F8126 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:10:51.0474 0x1154  Rasl2tp - ok
11:10:51.0552 0x1154  [ 3AD83E4046C43BE510DE681588ACB8AF, C5445A23F35395B3EA3974C0D5E314E23D900C694D31F7B7A83FE9027D95A91C ] RasMan          C:\Windows\System32\rasmans.dll
11:10:51.0676 0x1154  RasMan - ok
11:10:51.0754 0x1154  [ 4517FBF8B42524AFE4EDE1DE102AAE3E, F01C8A773A637B66192BD16DDE467CAECC6E62853DBDB507FF3FC67B4B388988 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:10:51.0895 0x1154  RasPppoe - ok
11:10:51.0957 0x1154  [ C6A593B51F34C33E5474539544072527, 8182C1D15CDC164363D3DD355197160167A00BA9FA833AA444317D06344EF7CE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:10:52.0051 0x1154  RasSstp - ok
11:10:52.0191 0x1154  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1, 07B89F701594F680F50A885B923521763A6131104CEE63D422E1C359C23AE2F6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:10:52.0316 0x1154  rdbss - ok
11:10:52.0378 0x1154  [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:10:52.0456 0x1154  RDPCDD - ok
11:10:52.0550 0x1154  [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
11:10:52.0737 0x1154  rdpdr - ok
11:10:52.0784 0x1154  [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:10:52.0940 0x1154  RDPENCDD - ok
11:10:53.0049 0x1154  [ AE4BD9E1C33D351D8E607FC81F15160C, AD785CA72B7C6EB9F94B2E797C758C0F804DB26EE056DDC6D4F85BB562A02EA4 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:10:53.0268 0x1154  RDPWD - ok
11:10:53.0455 0x1154  [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:10:53.0611 0x1154  RemoteAccess - ok
11:10:53.0736 0x1154  [ 44B9D8EC2F3EF3A0EFB00857AF70D861, A45D8024A242456A73337C91663A3E1633BF163234CDFD5DF86840F31FFFE84D ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:10:53.0892 0x1154  RemoteRegistry - ok
11:10:54.0001 0x1154  [ A035A7BF5132682F53F1E7B955690CE7, 35162F1B139531312655BA9B85C2BA3A97B837ADBA918429344237B9A58E50FE ] RichVideo       C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
11:10:54.0328 0x1154  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
11:10:56.0668 0x1154  Detect skipped due to KSN trusted
11:10:56.0668 0x1154  RichVideo - ok
11:10:56.0731 0x1154  [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe
11:10:57.0199 0x1154  RpcLocator - ok
11:10:57.0433 0x1154  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] RpcSs           C:\Windows\system32\rpcss.dll
11:10:57.0573 0x1154  RpcSs - ok
11:10:57.0636 0x1154  [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:10:57.0807 0x1154  rspndr - ok
11:10:57.0885 0x1154  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] SamSs           C:\Windows\system32\lsass.exe
11:10:57.0901 0x1154  SamSs - ok
11:10:57.0963 0x1154  [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:10:58.0057 0x1154  sbp2port - ok
11:10:58.0338 0x1154  [ FD1CDCF108D5EF3366F00D18B70FB89B, 5BCE3A9D5DC0B6937A734264C5B8DE0E6B8F77A869A118F94D57E662AAB28FE2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:10:59.0398 0x1154  SCardSvr - ok
11:10:59.0508 0x1154  [ C453886F47A10D44A9B4AFCBF349071D, B677FD3C638436CE84EC7087569CEEF912F59D0B800B4C76A5CC72289243C49B ] Schedule        C:\Windows\system32\schedsvc.dll
11:11:01.0645 0x1154  Schedule - ok
11:11:01.0707 0x1154  [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:11:01.0754 0x1154  SCPolicySvc - ok
11:11:01.0863 0x1154  [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:11:02.0050 0x1154  SDRSVC - ok
11:11:02.0113 0x1154  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:11:02.0409 0x1154  secdrv - ok
11:11:02.0487 0x1154  [ 5ACDCBC67FCF894A1815B9F96D704490, FE0247A8BEDB860EBD46A9D49C641D0B9AA24EE34132CDDADC9F5A605238FDA7 ] seclogon        C:\Windows\system32\seclogon.dll
11:11:02.0565 0x1154  seclogon - ok
11:11:02.0628 0x1154  [ 90973A64B96CD647FF81C79443618EED, 1D3CB7F724B7EADA6443DF07B258EE7FB7FEC92C2A7A9D3C57F6A220EF0DDDC4 ] SENS            C:\Windows\System32\sens.dll
11:11:02.0706 0x1154  SENS - ok
11:11:02.0768 0x1154  [ 2449316316411D65BD2C761A6FFB2CE2, A428D3B4E113D3CB6DD87CC52CF71E179189A9A9E326B39FB50C7B3155A41A88 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:11:02.0862 0x1154  Serenum - ok
11:11:02.0893 0x1154  [ 4B438170BE2FC8E0BD35EE87A960F84F, A585E17607DCB3E79518BC9914C7030C39B30A1B5B5B32137DABA32FF7079858 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:11:02.0971 0x1154  Serial - ok
11:11:03.0033 0x1154  [ A842F04833684BCEEA7336211BE478DF, 9D964AEA237C44898098AC9C2D043F00C66EDA7D73C381D616737C01A9D0FF45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:11:03.0174 0x1154  sermouse - ok
11:11:03.0267 0x1154  [ A8E4A4407A09F35DCCC3771AF590B0C4, F56ECE42CE81098FCCBCDFBBF006C3FB9EDD29C62F03C4EAE012EE690669481B ] SessionEnv      C:\Windows\system32\sessenv.dll
11:11:03.0392 0x1154  SessionEnv - ok
11:11:03.0423 0x1154  [ 14D4B4465193A87C127933978E8C4106, A5C3F2F09E9A0715529B05AC1020EF0F432121E129447795257087E0D6A812FC ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:11:03.0564 0x1154  sffdisk - ok
11:11:03.0642 0x1154  [ 7073AEE3F82F3D598E3825962AA98AB2, 82A959A0970CBA8CC16D44736ED12158E59E138484F3F53EBDD3A4C02DA3700D ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:11:03.0798 0x1154  sffp_mmc - ok
11:11:03.0876 0x1154  [ 35E59EBE4A01A0532ED67975161C7B82, 4F4296B8903FCD06439CC8BF93C703852E523834F09CF9121FDA729A988AF11B ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:11:04.0078 0x1154  sffp_sd - ok
11:11:04.0141 0x1154  [ 6B7838C94135768BD455CBDC23E39E5F, 868E054ED546479DEAD7C2834C7AB080820522C16F5B4BEF0F3B279A33ABA9C8 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:11:04.0219 0x1154  sfloppy - ok
11:11:04.0468 0x1154  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34, 9659C7B5046DE2C0416A74FDE6F798C3E78D38327CB71BAE49D57A8347A9097D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:11:04.0780 0x1154  SharedAccess - ok
11:11:05.0061 0x1154  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:11:05.0654 0x1154  ShellHWDetection - ok
11:11:05.0716 0x1154  [ 7A5DE502AEB719D4594C6471060A78B3, E8E16DF8AFFC230FBB1A5938925D464A1BA776184B8C020B37669EE2105DB9F2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
11:11:05.0779 0x1154  SiSRaid2 - ok
11:11:05.0841 0x1154  [ 3A2F769FAB9582BC720E11EA1DFB184D, 83EEBCE37E8709FCE15FB44F546C727C56064ED49B73A471EA33480573558419 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:11:05.0982 0x1154  SiSRaid4 - ok
11:11:06.0590 0x1154  [ A9A27A8E257B45A604FDAD4F26FE7241, C5A1056522EE2BA7B70D34E391477A0E9351569CEF28B875172F4B363F6D4177 ] slsvc           C:\Windows\system32\SLsvc.exe
11:11:07.0058 0x1154  slsvc - ok
11:11:07.0152 0x1154  [ FD74B4B7C2088E390A30C85A896FC3AF, 897F1F89A4DDB356CF6E59EFBC32A2081C0CADE283793DB6879D263F7B2E313F ] SLUINotify      C:\Windows\system32\SLUINotify.dll
11:11:07.0276 0x1154  SLUINotify - ok
11:11:07.0417 0x1154  [ 290B6F6A0EC4FCDFC90F5CB6D7020473, 971888FE760641FF86165B9876E6FC12DBC309C0FED2734C60B9E0EBC078AAE0 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:11:07.0620 0x1154  Smb - ok
11:11:07.0698 0x1154  [ F8F47F38909823B1AF28D60B96340CFF, EFD948EE09F22F9F373A98BA6D9BC519FD9244986E4BE7B2BACD92D3C145AD1D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:11:07.0932 0x1154  SNMPTRAP - ok
11:11:08.0025 0x1154  [ 386C3C63F00A7040C7EC5E384217E89D, DD8766BCBD77EC6F67979A8B37B943A3A0E5478CE3FB129BF8FCA29B66529721 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:11:08.0056 0x1154  spldr - ok
11:11:08.0197 0x1154  [ F66FF751E7EFC816D266977939EF5DC3, 689BDD0B442830E162F2F9A8EFBD0E137F518C7F0CD92EDF4A43EFBA188B69F4 ] Spooler         C:\Windows\System32\spoolsv.exe
11:11:08.0290 0x1154  Spooler - ok
11:11:08.0665 0x1154  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:11:08.0790 0x1154  SQLBrowser - ok
11:11:09.0008 0x1154  [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:11:09.0086 0x1154  SQLWriter - ok
11:11:09.0226 0x1154  [ 4A3CE977E95070922EBA8EEE80EF08C0, EDC0DB3CBB20F7E4E517078C67CB4833F415EA386605011B13AE78C117DE0267 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:11:09.0492 0x1154  srv - ok
11:11:09.0616 0x1154  [ A1AD14A6D7A37891FFFECA35EBBB0730, AE00950D330EE4C05F5AA9BC7E63E974766D8E93B607CB3E683C727E8A65049D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:11:09.0710 0x1154  srv2 - ok
11:11:09.0804 0x1154  [ DA20A8B6800396211638D91F68FF09A6, 624ACDB9C4B20C3556ACD01E0794A7BAC0A8F867580210251540C5E14413A428 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:11:09.0897 0x1154  srvnet - ok
11:11:10.0006 0x1154  [ 52D6F40B50ECFC051979FEC68E74F0F8, 9C8C65AC69BA5C9885CF2A4BD72B869754948377AA3FED2680E7BF8C5639F2A2 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
11:11:10.0100 0x1154  ssadbus - ok
11:11:10.0162 0x1154  [ D6CFD3B2EABCF9327DE39C62BABFA1E3, C748AF55B07FCB9C5A3E3E0CB783CE6387A2C5D646BCA6B5F5FFF37ACCE82AD3 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
11:11:10.0194 0x1154  ssadmdfl - ok
11:11:10.0303 0x1154  [ 5EB01E6148742C3EC2185AC92F6D16FD, 5BD22C745D9BD47C60929F9C556E4B262F9415866EFE9F9263EAD916D74ECAE0 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
11:11:10.0350 0x1154  ssadmdm - ok
11:11:10.0443 0x1154  [ 192C74646EC5725AEF3F80D19FF75F6A, 8F24FF139A46B1F837356B9D682526107D7BADCFA510842FEACB6F06C02D93D9 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:11:10.0521 0x1154  SSDPSRV - ok
11:11:10.0693 0x1154  [ 2EE3FA0308E6185BA64A9A7F2E74332B, EC6A15281685E6CDEADABDFD08C4AF980AD3B404C945EB121D7F90AFCA3D6849 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:11:10.0755 0x1154  SstpSvc - ok
11:11:10.0833 0x1154  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
11:11:10.0942 0x1154  ssudmdm - ok
11:11:11.0332 0x1154  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
11:11:11.0410 0x1154  ss_conn_service - ok
11:11:11.0535 0x1154  [ BC76D75A372BC02831A6A6AEA66510F8, 98EABF22D16E5326CE4FD4B7092E7A6BD52118698792D98A25C477ACCFDE7FF6 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:11:11.0691 0x1154  Steam Client Service - ok
11:11:11.0738 0x1154  [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:11:11.0863 0x1154  Stereo Service - ok
11:11:11.0988 0x1154  [ 15825C1FBFB8779992CB65087F316AF5, E9431C016D209A7322C0586F11EEF0AB461AB5822960287BB1D0FBC30183614D ] stisvc          C:\Windows\System32\wiaservc.dll
11:11:12.0066 0x1154  stisvc - ok
11:11:12.0128 0x1154  [ 8A851CA908B8B974F89C50D2E18D4F0C, 27EA13E50B5B72ABF6C5B7B7D34A7154A12BB27B1C1B2EEFCAA36A96010DB4DC ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:11:12.0159 0x1154  swenum - ok
11:11:12.0253 0x1154  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A, 9C3714238571704CEE2AD4F1E15029243E00B494345C41F74EFDF3F0328CC9EA ] swprv           C:\Windows\System32\swprv.dll
11:11:12.0362 0x1154  swprv - ok
11:11:12.0378 0x1154  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B, 0227EAF144BC35AA4FF2535E8C9974C0609B7634EE45F4166B9F88F79B17BBF1 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
11:11:12.0424 0x1154  Symc8xx - ok
11:11:12.0456 0x1154  [ A909667976D3BCCD1DF813FED517D837, 0874DD4C1CA7AE2E519EBB45433BC9F11A574408F5D2F9E23A340CA76512F5CE ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
11:11:12.0580 0x1154  Sym_hi - ok
11:11:12.0596 0x1154  [ 36887B56EC2D98B9C362F6AE4DE5B7B0, 7349FABACB633A9EEE3D4E241A5F443C28D23CC87F21EAAB3F1711644AA21D7C ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
11:11:12.0643 0x1154  Sym_u3 - ok
11:11:12.0690 0x1154  [ 92D7A8B0F87B036F17D25885937897A6, 6759BAB11E5FBB143BE13DF1611AE5D41D379DF423D881E92E910DF6A37CBA85 ] SysMain         C:\Windows\system32\sysmain.dll
11:11:12.0908 0x1154  SysMain - ok
11:11:13.0002 0x1154  [ 005CE42567F9113A3BCCB3B20073B029, B1831D71410AD6E7DEB59D26BF6D2D07D2F6112936D6A6FDA57E9296ADA4076D ] TabletInputService C:\Windows\System32\TabSvc.dll
11:11:13.0111 0x1154  TabletInputService - ok
11:11:13.0314 0x1154  [ CC2562B4D55E0B6A4758C65407F63B79, C6AD05B345C699A715EC13830D8EA6EE9822F4B713D15B1F29AC044674A0F498 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:11:13.0392 0x1154  TapiSrv - ok
11:11:13.0454 0x1154  [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
11:11:13.0563 0x1154  tbhsd - ok
11:11:13.0626 0x1154  [ CDBE8D7C1E201B911CDC346D06617FB5, 16D5965E32A109DA38D77F4B6281081569D78371B2F522DE51100967F8776C7A ] TBS             C:\Windows\System32\tbssvc.dll
11:11:13.0672 0x1154  TBS - ok
11:11:13.0797 0x1154  [ 89399663A2F0393AFFC79E8397ECA844, BA7D4DF5A2F5EB5328522D6136BB71F56263305B9396A437A8AFEF5A8C5C496C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:11:13.0953 0x1154  Tcpip - ok
11:11:14.0109 0x1154  [ 89399663A2F0393AFFC79E8397ECA844, BA7D4DF5A2F5EB5328522D6136BB71F56263305B9396A437A8AFEF5A8C5C496C ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
11:11:14.0203 0x1154  Tcpip6 - ok
11:11:14.0265 0x1154  [ A7FF25D9B9DA36797BD1EA48DB292DCE, D89C946633E77765923BD698F2665DC03C5CF1676EB2BAF4450A856B2E856997 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:11:14.0374 0x1154  tcpipreg - ok
11:11:14.0437 0x1154  [ 1D8BF4AAA5FB7A2761475781DC1195BC, A28E972E9331BAD685D4C786FDE221565E0AD3E222B24B9182B7FA916BFCD9C8 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:11:14.0546 0x1154  TDPIPE - ok
11:11:14.0608 0x1154  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1, 42A408E82D4017D27D3B0BBBA02BF4B21DEC060C89849785ED65962D18029B65 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:11:14.0749 0x1154  TDTCP - ok
11:11:14.0827 0x1154  [ 458919C8C42E398DC4802178D5FFEE27, E38828411DCE0AE2E2BF0D270FD80E47B46EDE4B44DAFD1DF11F54D427EACEB5 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:11:14.0905 0x1154  tdx - ok
11:11:14.0952 0x1154  [ 8C19678D22649EC002EF2282EAE92F98, 551E7EBA54C2345F2B7FD7AAA7ADA4C852C94F1B35E6E4BBEF883BAFA34F6262 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:11:14.0983 0x1154  TermDD - ok
11:11:15.0264 0x1154  [ 5A67A1108E347FCA6A64B74FFB108BDE, F9EC8932366FF4101C6F059567DDF099D895C90567C3E770DDDC71562434A821 ] TermService     C:\Windows\System32\termsrv.dll
11:11:15.0373 0x1154  TermService - ok
11:11:15.0404 0x1154  [ 56793271ECDEDD350C5ADD305603E963, 7A29407C1C550FF3A6A3544811ABD971E9C760B984A7E64D5A1440C69D6AF483 ] Themes          C:\Windows\system32\shsvcs.dll
11:11:15.0435 0x1154  Themes - ok
11:11:15.0607 0x1154  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] THREADORDER     C:\Windows\system32\mmcss.dll
11:11:15.0685 0x1154  THREADORDER - ok
11:11:15.0716 0x1154  [ F4689F05AF472A651A7B1B7B02D200E7, 3D34B8879DBC69013D1A87A3F47B8A622A60B57F2E962E9F5925C5A01F44640F ] TrkWks          C:\Windows\System32\trkwks.dll
11:11:15.0794 0x1154  TrkWks - ok
11:11:15.0888 0x1154  [ 66328B08EF5A9305D8EDE36B93930369, FD8136BF15AB8D2DB15D011C4F813737D68EED1178462DB8CE40606C16185A30 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:11:15.0919 0x1154  TrustedInstaller - ok
11:11:16.0044 0x1154  [ B2388462329ACD17AF50D8701E0C1B18, 959D7B7CCB526367645BAA11C56C88C9AD741EE338BAD6513C54FC7ED43F3AC0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:11:16.0153 0x1154  tssecsrv - ok
11:11:16.0184 0x1154  [ 89EC74A9E602D16A75A4170511029B3C, AACD82A6F5FE31FF1315F5CA69E5EB6BD172DD86610F0641177CCC131B542034 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
11:11:16.0231 0x1154  tunmp - ok
11:11:16.0309 0x1154  [ 30A9B3F45AD081BFFC3BCAA9C812B609, 57204F1F72FEFA086FF1D8A14487D56F4DEDD3C50FBB6903E0C4AC749EA720DE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:11:16.0387 0x1154  tunnel - ok
11:11:16.0465 0x1154  [ FEC266EF401966311744BD0F359F7F56, 6EE0223AEFA7A81BEB155FC0CD4421C2BEBCDCBC9663C23064B0445101114BF8 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:11:16.0512 0x1154  uagp35 - ok
11:11:16.0527 0x1154  [ 00C8CE31657624A125FDB90EFD554371, 649F809D28EE81F791AFDF2A2BBB58122679D7B66938ECE5FB40EFF705FEBED9 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
11:11:16.0590 0x1154  UBHelper - ok
11:11:16.0668 0x1154  [ FAF2640A2A76ED03D449E443194C4C34, CC2517DCFE6962EB2EDEB93E44CB53B113974C9C69A050E3F36385C8D78E810B ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:11:16.0761 0x1154  udfs - ok
11:11:16.0886 0x1154  [ 060507C4113391394478F6953A79EEDC, 5D0AE5F1184165289DC8E8CD493607FCB68512CF90F748E3BFD2250655D784D4 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:11:16.0995 0x1154  UI0Detect - ok
11:11:17.0026 0x1154  [ 4EC9447AC3AB462647F60E547208CA00, F304125321B1ECA915EDDBDB6A71EAEF3123DCB5604C9497D72F12E0C1BD5315 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:11:17.0089 0x1154  uliagpkx - ok
11:11:17.0136 0x1154  [ 697F0446134CDC8F99E69306184FBBB4, A741882B8FE403E3A5DECED5D4A2254B14AF40ACECD4DAA3D00D71C2205C2C5F ] uliahci         C:\Windows\system32\drivers\uliahci.sys
11:11:17.0198 0x1154  uliahci - ok
11:11:17.0214 0x1154  [ 31707F09846056651EA2C37858F5DDB0, A619AC4B32EA77AC29458894614870086C4DDB81525ADBCFF1AB8970FC5C257A ] UlSata          C:\Windows\system32\drivers\ulsata.sys
11:11:17.0276 0x1154  UlSata - ok
11:11:17.0307 0x1154  [ 85E5E43ED5B48C8376281BAB519271B7, DBDA4216553F7C5EA0C579346D0A638E62766D5B8FCB1BFF3149BB37BBF978D3 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
11:11:17.0370 0x1154  ulsata2 - ok
11:11:17.0401 0x1154  [ 46E9A994C4FED537DD951F60B86AD3F4, 256F93ED3BD43B50F0D4489164D959F95AB070CC25A80A46355D2B387D336224 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:11:17.0510 0x1154  umbus - ok
11:11:17.0557 0x1154  [ 7093799FF80E9DECA0680D2E3535BE60, 1CBFCCA84CB9212176BF5A1D32334BD54E58A2668A4746252738800468AD4AD4 ] upnphost        C:\Windows\System32\upnphost.dll
11:11:17.0682 0x1154  upnphost - ok
11:11:17.0760 0x1154  [ F49988FBF59413B974B1380D6F743EBC, 29571E42C056C6CB8D0743C6A6B80D2ACD163850137B5391D1EE076C927F0B4C ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
11:11:17.0822 0x1154  upperdev - ok
11:11:17.0884 0x1154  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
11:11:17.0994 0x1154  USBAAPL64 - ok
11:11:18.0040 0x1154  [ A565B509000BD3E42A9B93B9FFD40D3D, A22734F2DDAAD743D479D40EA91024F1A16A18D9D6C9FC4F90F3930AD040BFA3 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:11:18.0118 0x1154  usbaudio - ok
11:11:18.0196 0x1154  [ 858CC93477F9A9383E07861892600FF9, C72B25E7F6AF46AC22F8D2A1FA0345B290AAE642442C8A388EA75944334BB289 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:11:18.0384 0x1154  usbccgp - ok
11:11:18.0430 0x1154  [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:11:18.0571 0x1154  usbcir - ok
11:11:18.0758 0x1154  [ 82C3790E4E6F35087EF00994C7A72988, 95FA022BDAC65DCD2DA52C8FCC1F2C186B321F4599F40CB90262E24FD10AE16C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:11:18.0805 0x1154  usbehci - ok
11:11:18.0914 0x1154  [ BE2EB33AF6EE2E5DA07EB987E0A321F5, 0FCFABA080C553451AE4FAFB54DFE57639251D97DA204C07EC66F469826F3B46 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:11:18.0992 0x1154  usbhub - ok
11:11:19.0023 0x1154  [ 396041C6EA61202991221AA6A3B16190, 42B2372CF3496F53710C1DEBE49E18B1DAD38F7474A72B0F744DD98EBD3E21E5 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
11:11:19.0101 0x1154  usbohci - ok
11:11:19.0132 0x1154  [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:11:19.0210 0x1154  usbprint - ok
11:11:19.0288 0x1154  [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:11:19.0382 0x1154  usbscan - ok
11:11:19.0429 0x1154  [ B854C1558FCA0C269A38663E8B59B581, 08CC36B33FA2281FC88671BE051863AA8CA911446D24596049DB77FB4CB09EA6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:11:19.0522 0x1154  USBSTOR - ok
11:11:19.0569 0x1154  [ B2872CBF9F47316ABD0E0C74A1ABA507, E9FB3EEA1D834A035675E22A3224E4E278C4D304F6511822D83250409D62BD3A ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
11:11:19.0632 0x1154  usbuhci - ok
11:11:19.0725 0x1154  [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms           C:\Windows\System32\uxsms.dll
11:11:19.0772 0x1154  UxSms - ok
11:11:19.0897 0x1154  [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds             C:\Windows\System32\vds.exe
11:11:19.0990 0x1154  vds - ok
11:11:20.0022 0x1154  [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:11:20.0084 0x1154  vga - ok
11:11:20.0115 0x1154  [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:11:20.0224 0x1154  VgaSave - ok
11:11:20.0240 0x1154  [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide          C:\Windows\system32\drivers\viaide.sys
11:11:20.0287 0x1154  viaide - ok
11:11:20.0334 0x1154  [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:11:20.0412 0x1154  volmgr - ok
11:11:20.0474 0x1154  [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:11:20.0536 0x1154  volmgrx - ok
11:11:20.0646 0x1154  [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:11:20.0692 0x1154  volsnap - ok
11:11:20.0724 0x1154  [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:11:20.0786 0x1154  vsmraid - ok
11:11:20.0880 0x1154  [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS             C:\Windows\system32\vssvc.exe
11:11:21.0270 0x1154  VSS - ok
11:11:21.0441 0x1154  [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time         C:\Windows\system32\w32time.dll
11:11:21.0738 0x1154  W32Time - ok
11:11:21.0769 0x1154  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:11:21.0847 0x1154  WacomPen - ok
11:11:22.0003 0x1154  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
11:11:22.0190 0x1154  Wanarp - ok
11:11:22.0221 0x1154  [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:11:22.0252 0x1154  Wanarpv6 - ok
11:11:22.0440 0x1154  [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:11:22.0518 0x1154  wcncsvc - ok
11:11:22.0580 0x1154  [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:11:22.0736 0x1154  WcsPlugInService - ok
11:11:22.0798 0x1154  [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd              C:\Windows\system32\drivers\wd.sys
11:11:22.0861 0x1154  Wd - ok
11:11:23.0095 0x1154  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:11:23.0313 0x1154  Wdf01000 - ok
11:11:23.0360 0x1154  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:11:23.0500 0x1154  WdiServiceHost - ok
11:11:23.0547 0x1154  [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:11:23.0594 0x1154  WdiSystemHost - ok
11:11:23.0656 0x1154  [ 5B8CAF0FE216A57C95E8471A3BE051D6, DB1AB99FCB6B9FD1B22A052DE533D80B3826AD4D0D4890105EF09479FD9A04AB ] WebClient       C:\Windows\System32\webclnt.dll
11:11:23.0968 0x1154  WebClient - ok
11:11:24.0031 0x1154  [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:11:24.0530 0x1154  Wecsvc - ok
11:11:24.0592 0x1154  [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:11:24.0780 0x1154  wercplsupport - ok
11:11:24.0826 0x1154  [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:11:24.0920 0x1154  WerSvc - ok
11:11:24.0951 0x1154  WinDefend - ok
11:11:24.0967 0x1154  WinHttpAutoProxySvc - ok
11:11:25.0404 0x1154  [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:11:25.0450 0x1154  Winmgmt - ok
11:11:25.0934 0x1154  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM           C:\Windows\system32\WsmSvc.dll
11:11:26.0262 0x1154  WinRM - ok
11:11:26.0558 0x1154  [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:11:27.0135 0x1154  Wlansvc - ok
11:11:27.0790 0x1154  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:11:27.0915 0x1154  wlidsvc - ok
11:11:27.0962 0x1154  [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
11:11:27.0993 0x1154  WmiAcpi - ok
11:11:28.0118 0x1154  [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:11:28.0196 0x1154  wmiApSrv - ok
11:11:28.0243 0x1154  WMPNetworkSvc - ok
11:11:28.0352 0x1154  [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:11:28.0742 0x1154  WPCSvc - ok
11:11:28.0851 0x1154  [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:11:29.0023 0x1154  WPDBusEnum - ok
11:11:29.0070 0x1154  [ 5E2401B3FC1089C90E081291357371A9, 224D378EEBFB721CBC24896CAE01B31DC54B6ED82C19C5B954E96D5E98B83C59 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
11:11:29.0179 0x1154  WpdUsb - ok
11:11:30.0364 0x1154  [ 4CF27ED8D93A30BAA6F4DF50E62B7675, BDD0BD5C8DF13E0617429775F717E7078537C85921750BD3FE8401D7302166FD ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:11:30.0489 0x1154  WPFFontCache_v0400 - ok
11:11:30.0552 0x1154  [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:11:30.0661 0x1154  ws2ifsl - ok
11:11:30.0692 0x1154  [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc          C:\Windows\System32\wscsvc.dll
11:11:30.0770 0x1154  wscsvc - ok
11:11:30.0770 0x1154  WSearch - ok
11:11:31.0254 0x1154  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:11:31.0378 0x1154  wuauserv - ok
11:11:31.0472 0x1154  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:11:31.0644 0x1154  WudfPf - ok
11:11:31.0800 0x1154  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:11:31.0893 0x1154  WUDFRd - ok
11:11:31.0971 0x1154  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:11:32.0065 0x1154  wudfsvc - ok
11:11:32.0158 0x1154  ================ Scan global ===============================
11:11:32.0236 0x1154  [ 0CF5A36772FCACDA29DE19E3B6843BBB, BB179387AC1F9A20ED6B2418CEF593BE26C2DDD3536B0C9C155F014F40C4BD25 ] C:\Windows\system32\basesrv.dll
11:11:32.0471 0x1154  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
11:11:32.0752 0x1154  [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
11:11:32.0955 0x1154  [ E8E05C05FBFEBD47FB7DBF7233F15302, 3099E64022E0E5347F7C8EFAD6D6E577157FC6B49386F3203E5438B38AE1EE36 ] C:\Windows\system32\services.exe
11:11:32.0971 0x1154  [ Global ] - ok
11:11:32.0971 0x1154  ================ Scan MBR ==================================
11:11:33.0017 0x1154  [ EF932EAA6EF4C94E66A7F6CEEC7EB422 ] \Device\Harddisk0\DR0
11:11:36.0543 0x1154  \Device\Harddisk0\DR0 - ok
11:11:36.0543 0x1154  ================ Scan VBR ==================================
11:11:36.0574 0x1154  [ 562D07A5574EB0955335B97C4F9B9FC0 ] \Device\Harddisk0\DR0\Partition1
11:11:36.0652 0x1154  \Device\Harddisk0\DR0\Partition1 - ok
11:11:36.0683 0x1154  [ F8B8C5C2497F390B51106855E4014694 ] \Device\Harddisk0\DR0\Partition2
11:11:36.0730 0x1154  \Device\Harddisk0\DR0\Partition2 - ok
11:11:36.0730 0x1154  ================ Scan generic autorun ======================
11:11:36.0730 0x1154  Windows Defender - ok
11:11:37.0058 0x1154  [ E67E5F3967F6475C135274B763D59F01, 86CB1ADCFB3B447B74936B5F241F483ED62987F58CA6DE702101B5CADDE4A2CE ] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
11:11:37.0245 0x1154  Acer Empowering Technology Monitor - detected UnsignedFile.Multi.Generic ( 1 )
11:11:39.0601 0x1154  Detect skipped due to KSN trusted
11:11:39.0601 0x1154  Acer Empowering Technology Monitor - ok
11:11:39.0741 0x1154  [ 8C323C7D3E4BABEAF2E4A1911E11ABEF, DAF9747361CDD2F8E6CA1CE15B0A1DB79F40E474F3BA8C7A531DFD1C237F2905 ] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
11:11:39.0913 0x1154  EmpoweringTechnology - detected UnsignedFile.Multi.Generic ( 1 )
11:11:42.0237 0x1154  Detect skipped due to KSN trusted
11:11:42.0237 0x1154  EmpoweringTechnology - ok
11:11:42.0471 0x1154  [ E2A0459382FBF3436A75D28DA176F600, EBCD17CB55C2D86E6689A630032E384328EF9D3CB6E2121810949D042FD830AF ] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe
11:11:42.0565 0x1154  eDataSecurity Loader - ok
11:11:44.0296 0x1154  [ 3BCE40C17DAA88ADF19925C6BBEBC6B4, 2A4D5ED6D956ECB009652B8216EB7F5B08980AB9755341E02AA5A2A45BB9758B ] C:\Windows\RAVCpl64.exe
11:11:44.0873 0x1154  RtHDVCpl - ok
11:11:45.0107 0x1154  [ 6F964FE101F0187F7E244B59890384B8, 1532372720C5D2861A09C38FC7D936257A87686703CC98BA5253FD77DE192A27 ] C:\Windows\Skytel.exe
11:11:45.0731 0x1154  Skytel - ok
11:11:45.0841 0x1154  [ 1E7EC34AABCDC822446EBFA30504771A, E9A9F5CBC842E43EFAA935B12BFCB4B968EE55CBE082231338BFF14B32D50197 ] C:\Program Files\Acer\WR_PopUp\ProductReg.exe
11:11:46.0496 0x1154  ProductReg - detected UnsignedFile.Multi.Generic ( 1 )
11:11:48.0836 0x1154  Detect skipped due to KSN trusted
11:11:48.0836 0x1154  ProductReg - ok
11:11:49.0163 0x1154  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe
11:11:49.0304 0x1154  MSC - ok
11:11:49.0569 0x1154  [ 88A8EBA41A7FE46167D10975DC15BC4A, C5282C1A1D29096335B0E0A4B87CE4ADC782050EE8B25AF0B3FA5064AD3DB39A ] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
11:11:49.0600 0x1154  mcagent_exe - ok
11:11:49.0725 0x1154  [ 37728F6DB0A8D31B0A1C49A7228E1D34, 6F545DF31523E41CA90C4277B544BE7A132D0CCAAFB5F621916E7FC4083D47A9 ] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
11:11:49.0881 0x1154  PCMMediaSharing - detected UnsignedFile.Multi.Generic ( 1 )
11:11:52.0221 0x1154  Detect skipped due to KSN trusted
11:11:52.0221 0x1154  PCMMediaSharing - ok
11:11:52.0283 0x1154  [ D7EE83A9257D508656172A2B9DD3C317, 2C39EBC113C45B10B56E0F06E8C9A40879EB432273B538CC0944B9BC4D5EBFAC ] C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
11:11:52.0377 0x1154  BkupTray - detected UnsignedFile.Multi.Generic ( 1 )
11:11:54.0701 0x1154  Detect skipped due to KSN trusted
11:11:54.0701 0x1154  BkupTray - ok
11:11:54.0889 0x1154  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
11:11:54.0935 0x1154  GrooveMonitor - ok
11:11:55.0060 0x1154  [ 21293443961A4E2597453EE7A9347F22, FDA88181C975C251E56D5A38E5473F45B9CB4E1258A6E93320D34D656AB1E6ED ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
11:11:55.0201 0x1154  HP Software Update - ok
11:11:55.0528 0x1154  [ F90CA3DE6C5B97CEAA81D2958D306D12, AF2088665928CE9A9CD96713D993D86E371427B50948D29FA7738987D9D3CCC4 ] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
11:11:55.0653 0x1154  PCTools FGuard - ok
11:11:55.0856 0x1154  [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
11:11:56.0308 0x1154  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
11:11:58.0633 0x1154  Detect skipped due to KSN trusted
11:11:58.0633 0x1154  FreePDF Assistant - ok
11:11:58.0804 0x1154  [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:11:58.0851 0x1154  APSDaemon - ok
11:11:59.0023 0x1154  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
11:11:59.0132 0x1154  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
11:12:01.0472 0x1154  Detect skipped due to KSN trusted
11:12:01.0472 0x1154  QuickTime Task - ok
11:12:01.0550 0x1154  [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
11:12:01.0597 0x1154  iTunesHelper - ok
11:12:01.0815 0x1154  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:12:01.0909 0x1154  SunJavaUpdateSched - ok
11:12:02.0127 0x1154  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:12:02.0439 0x1154  Sidebar - ok
11:12:02.0439 0x1154  WindowsWelcomeCenter - ok
11:12:02.0860 0x1154  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:12:02.0923 0x1154  Sidebar - ok
11:12:02.0938 0x1154  WindowsWelcomeCenter - ok
11:12:03.0001 0x1154  [ 7E370DF3743B39CD375C52F7995783C4, 39832D3ECF7BDFF48D28E9599DEBF4DFF68F2A71D4069B6B445F25575C401901 ] C:\WINDOWS\system32\ctfmon.exe
11:12:03.0032 0x1154  ctfmon.exe - ok
11:12:03.0188 0x1154  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
11:12:03.0266 0x1154  swg - ok
11:12:03.0796 0x1154  [ 9C5A0F070196B601D629F5BA9AA921F8, BB77BAD24B44A3CB32CD1FACB758E347BE2F5C49C11E494797635D741867AF2B ] C:\Program Files\Windows Sidebar\sidebar.exe
11:12:04.0186 0x1154  Sidebar - ok
11:12:04.0186 0x1154  AudialsNotifier - ok
11:12:04.0233 0x1154  KiesPreload - ok
11:12:04.0420 0x1154  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:12:04.0498 0x1154  Sidebar - ok
11:12:04.0498 0x1154  WindowsWelcomeCenter - ok
11:12:04.0592 0x1154  [ 98AAE2DFD357F8677669D4C4DBA5729E, 5173AC3879F8EDED9C340A136F296328D019A46D9D79E4FBE6FB2204C1AC4B79 ] C:\Windows\Acer_Normal\run_DT.exe
11:12:04.0639 0x1154  RUN - ok
11:12:04.0639 0x1154  Waiting for KSN requests completion. In queue: 9
11:12:05.0653 0x1154  Waiting for KSN requests completion. In queue: 9
11:12:06.0667 0x1154  Waiting for KSN requests completion. In queue: 9
11:12:07.0696 0x1154  AV detected via SS2: McAfee VirusScan, C:\Program Files (x86)\McAfee.com\Agent\mcupdate.exe ( 9.3.0.0 ), 0x51000 ( enabled : updated )
11:12:07.0743 0x1154  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
11:12:07.0743 0x1154  FW detected via SS2: McAfee Personal Firewall, C:\Program Files (x86)\McAfee.com\Agent\mcupdate.exe ( 9.3.0.0 ), 0x51010 ( enabled )
11:12:10.0145 0x1154  ============================================================
11:12:10.0145 0x1154  Scan finished
11:12:10.0145 0x1154  ============================================================
11:12:10.0145 0x1500  Detected object count: 0
11:12:10.0145 0x1500  Actual detected object count: 0
         

17.09.2015, 05:49   #8
schrauber
/// the machine
/// TB Trainer
 


hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

17.09.2015, 10:44   #9
sacet
 


Hello schrauber!

While using Combofix, the following error message appeared very often: ""NIRKMD" konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang".

Here is the requested Combofix log file:
Code:
ComboFix 15-09-07.01 - BozKurT 17.09.2015  11:02:36.1.4 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.4094.2531 [GMT 2:00]
ausgeführt von:: c:\users\BozKurT\Desktop\ComboFix.exe
AV: McAfee VirusScan *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
FW: McAfee Personal Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee VirusScan *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
c:\users\BozKurT\AppData\Roaming\Daopu
c:\users\BozKurT\AppData\Roaming\Daopu\ycbiq.aca
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-08-17 bis 2015-09-17  ))))))))))))))))))))))))))))))
.
.
2015-09-17 09:27 . 2015-09-17 09:27	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-09-17 09:27 . 2015-09-17 09:27	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-09-17 08:53 . 2015-09-17 08:59	--------	d-----w-	C:\32788R22FWJFW
2015-09-16 09:46 . 2015-07-31 09:21	11745192	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D0DFC0D0-8EBD-4F6F-BEB4-BB8FA9286A9F}\mpengine.dll
2015-09-15 21:02 . 2015-07-31 09:21	11745192	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-09-15 20:44 . 2015-09-15 22:36	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-09-15 20:44 . 2015-09-15 20:49	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-09-15 20:42 . 2015-09-15 20:42	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-09-14 08:13 . 2015-07-10 14:31	2048	----a-w-	c:\windows\system32\tzres.dll
2015-09-14 08:13 . 2015-07-10 14:21	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2015-09-14 08:11 . 2015-08-05 15:58	940032	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2015-09-14 08:11 . 2015-08-05 15:42	1506816	----a-w-	c:\program files\Windows Journal\JNWDRV.dll
2015-09-14 08:11 . 2015-08-05 15:42	1823232	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2015-09-14 08:11 . 2015-08-05 14:42	2294784	----a-w-	c:\program files\Windows Journal\Journal.exe
2015-09-14 08:11 . 2015-08-05 15:42	1482752	----a-w-	c:\program files\Windows Journal\JNTFiltr.dll
2015-09-14 08:11 . 2015-08-05 15:42	1455104	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-09-14 07:57 . 2015-08-13 14:36	145920	----a-w-	c:\windows\system32\drivers\srvnet.sys
2015-09-14 07:57 . 2015-08-13 14:36	450560	----a-w-	c:\windows\system32\drivers\srv.sys
2015-09-14 07:54 . 2015-09-02 21:26	1402368	----a-w-	c:\windows\SysWow64\msxml6.dll
2015-09-14 07:54 . 2015-09-02 21:26	1253376	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-09-14 07:54 . 2015-09-02 21:26	1875968	----a-w-	c:\windows\system32\msxml3.dll
2015-09-14 07:54 . 2015-09-02 21:26	1796096	----a-w-	c:\windows\system32\msxml6.dll
2015-09-12 18:50 . 2015-09-12 18:50	--------	d-----w-	c:\programdata\AVG
2015-09-12 18:47 . 2015-09-12 23:35	--------	d-----w-	c:\program files\WajaInternetEn
2015-09-12 18:44 . 2015-09-12 18:45	--------	d-----w-	c:\users\BozKurT\AppData\Roaming\Browser-Security
2015-09-12 13:56 . 2015-09-12 13:56	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-09-09 10:34 . 2015-08-05 15:43	855552	----a-w-	c:\windows\system32\schedsvc.dll
2015-09-09 10:33 . 2015-09-02 21:26	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-09-09 10:33 . 2015-09-02 21:25	48128	----a-w-	c:\windows\system32\atmlib.dll
2015-09-09 10:33 . 2015-09-02 20:17	2797056	----a-w-	c:\windows\system32\win32k.sys
2015-09-09 10:33 . 2015-09-02 20:16	372736	----a-w-	c:\windows\system32\atmfd.dll
2015-09-09 10:33 . 2015-09-02 19:54	297472	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-09-08 11:50 . 2015-09-12 23:13	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-09-05 16:49 . 2015-07-01 18:59	1190000	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FE6D1314-4AD9-48C2-8FA4-2D1EEF3BC4A5}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-08 11:49 . 2014-10-18 21:20	97888	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-26 16:37 . 2006-11-02 12:35	134753440	----a-w-	c:\windows\system32\mrt.exe
2015-08-11 23:01 . 2012-06-09 13:48	778440	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-11 23:01 . 2011-08-21 11:57	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-04 22:03 . 2015-08-04 22:03	877152	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-08-04 22:03 . 2015-08-04 22:03	538208	----a-w-	c:\windows\SysWow64\msvcp120_clr0400.dll
2015-08-04 21:53 . 2015-08-04 21:53	872528	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2015-08-04 21:53 . 2015-08-04 21:53	681552	----a-w-	c:\windows\system32\msvcp120_clr0400.dll
2015-07-31 21:46 . 2015-08-11 22:46	219648	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2015-07-31 21:46 . 2015-08-11 22:46	189952	----a-w-	c:\windows\SysWow64\d3d10core.dll
2015-07-31 21:46 . 2015-08-11 22:46	160768	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2015-07-31 21:46 . 2015-08-11 22:46	1029120	----a-w-	c:\windows\SysWow64\d3d10.dll
2015-07-31 21:44 . 2015-08-11 22:46	287232	----a-w-	c:\windows\system32\d3d10core.dll
2015-07-31 21:44 . 2015-08-11 22:46	327680	----a-w-	c:\windows\system32\d3d10_1core.dll
2015-07-31 21:44 . 2015-08-11 22:46	196096	----a-w-	c:\windows\system32\d3d10_1.dll
2015-07-31 21:44 . 2015-08-11 22:46	1268224	----a-w-	c:\windows\system32\d3d10.dll
2015-07-31 21:10 . 2015-08-11 22:46	2002944	----a-w-	c:\windows\system32\d3d10warp.dll
2015-07-31 21:09 . 2015-08-11 22:46	566272	----a-w-	c:\windows\system32\d3d10level9.dll
2015-07-31 21:00 . 2015-08-11 22:46	834048	----a-w-	c:\windows\system32\d2d1.dll
2015-07-31 20:59 . 2015-08-11 22:46	1561088	----a-w-	c:\windows\system32\DWrite.dll
2015-07-31 20:59 . 2015-08-11 22:46	1154560	----a-w-	c:\windows\system32\FntCache.dll
2015-07-31 20:41 . 2015-08-11 22:46	1172480	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2015-07-31 20:40 . 2015-08-11 22:46	486400	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2015-07-31 20:35 . 2015-08-11 22:46	682496	----a-w-	c:\windows\SysWow64\d2d1.dll
2015-07-31 20:33 . 2015-08-11 22:46	1072640	----a-w-	c:\windows\SysWow64\DWrite.dll
2015-07-31 20:03 . 2015-08-11 23:11	124624	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-31 19:27 . 2015-08-11 23:11	103120	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-21 20:59 . 2015-08-11 22:56	1586304	----a-w-	c:\windows\system32\ntdll.dll
2015-07-21 20:59 . 2015-08-11 22:56	1168600	----a-w-	c:\windows\SysWow64\ntdll.dll
2015-07-21 15:50 . 2015-08-11 22:56	68544	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2015-07-21 15:50 . 2015-08-11 22:56	4690880	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-07-21 15:50 . 2015-08-11 22:56	154048	----a-w-	c:\windows\system32\drivers\ecache.sys
2015-07-21 15:41 . 2015-08-11 22:56	11264	----a-w-	c:\windows\system32\msmmsp.dll
2015-07-21 15:40 . 2015-08-11 22:56	399360	----a-w-	c:\windows\system32\emdmgmt.dll
2015-07-21 15:40 . 2015-08-11 22:56	85504	----a-w-	c:\windows\system32\csrsrv.dll
2015-07-18 15:41 . 2015-08-11 23:03	80384	----a-w-	c:\windows\system32\basesrv.dll
2015-07-11 17:13 . 2015-08-11 23:06	12901888	----a-w-	c:\windows\system32\shell32.dll
2015-07-10 19:37 . 2015-08-11 23:08	2067968	----a-w-	c:\windows\SysWow64\mstscax.dll
2015-07-10 19:35 . 2015-08-11 23:08	2425344	----a-w-	c:\windows\system32\mstscax.dll
2015-07-09 14:39 . 2015-08-11 23:04	169472	----a-w-	c:\windows\system32\notepad.exe
2015-07-09 14:39 . 2015-08-11 23:04	169472	----a-w-	c:\windows\notepad.exe
2015-07-09 14:25 . 2015-08-11 23:04	151040	----a-w-	c:\windows\SysWow64\notepad.exe
2015-07-05 10:08 . 2011-02-10 14:38	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-07-03 16:04 . 2015-07-15 19:39	1316864	----a-w-	c:\windows\SysWow64\ole32.dll
2015-07-03 15:41 . 2015-07-15 19:39	1916416	----a-w-	c:\windows\system32\ole32.dll
2015-07-01 18:59 . 2011-03-25 21:32	1190000	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-07-01 15:57 . 2015-08-11 22:45	199680	----a-w-	c:\windows\SysWow64\WebClnt.dll
2015-07-01 15:43 . 2015-08-11 22:45	218112	----a-w-	c:\windows\system32\WebClnt.dll
2015-06-27 16:03 . 2015-07-15 19:41	77312	----a-w-	c:\windows\SysWow64\secur32.dll
2015-06-27 16:03 . 2015-07-15 19:41	678400	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2015-06-27 16:02 . 2015-07-15 19:41	218112	----a-w-	c:\windows\SysWow64\msv1_0.dll
2015-06-27 16:02 . 2015-07-15 19:41	501248	----a-w-	c:\windows\SysWow64\kerberos.dll
2015-06-27 16:01 . 2015-07-15 19:41	801280	----a-w-	c:\windows\SysWow64\advapi32.dll
2015-06-27 15:40 . 2015-07-15 19:41	1304576	----a-w-	c:\windows\system32\rpcrt4.dll
2015-06-27 15:40 . 2015-07-15 19:41	269824	----a-w-	c:\windows\system32\msv1_0.dll
2015-06-27 15:40 . 2015-07-15 19:41	658944	----a-w-	c:\windows\system32\kerberos.dll
2015-06-27 15:39 . 2015-07-15 19:41	1065472	----a-w-	c:\windows\system32\advapi32.dll
2015-06-27 14:30 . 2015-07-15 19:41	278016	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2015-06-27 14:30 . 2015-07-15 19:41	109056	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2006-05-03 10:06	163328	--sha-w-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47	31232	--sha-w-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30	216064	--sha-w-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00	107520	--sha-w-	c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52	121392	----a-w-	c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-18 68856]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcagent_exe"="c:\program files (x86)\McAfee.com\Agent\mcagent.exe" [2009-01-08 645328]
"PCMMediaSharing"="c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-05-20 204908]
"BkupTray"="c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"PCTools FGuard"="c:\program files (x86)\PC Tools Security\BDT\FGuard.exe" [2011-04-12 247760]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe;c:\program files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
.
Inhalt des "geplante Tasks" Ordners
.
2015-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-09 23:01]
.
2015-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-04 11:16]
.
2015-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-04 11:16]
.
2014-07-14 c:\windows\Tasks\McDefragTask.job
- c:\progra~2\mcafee\mqc\QcConsol.exe [2009-03-24 09:53]
.
2014-11-01 c:\windows\Tasks\McQcTask.job
- c:\progra~2\mcafee\mqc\QcConsol.exe [2009-03-24 09:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:53	50736	----a-w-	c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\program files\Acer\Empowering Technology\SysMonitor.exe" [2008-08-19 319488]
"EmpoweringTechnology"="c:\program files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-08-19 323584]
"eDataSecurity Loader"="c:\program files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe" [2008-07-29 561200]
"RtHDVCpl"="RAVCpl64.exe" [2008-08-19 6456352]
"Skytel"="Skytel.exe" [2008-08-19 1833504]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-10-14 6144]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = local;*.local
IE: Free YouTube to MP3 Converter - c:\users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p=
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2009-10-31 18:07; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: app.update.enabled - false
FF - user.js: app.update.auto - false
FF - user.js: app.update.silent - false
FF - user.js: app.update.staging.enabled - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AudialsNotifier - c:\program files (x86)\Audials\Audials 11\AudialsNotifier.exe
Wow6432Node-HKCU-Run-KiesPreload - c:\program files (x86)\Samsung\Kies\Kies.exe
Wow6432Node-HKLM-Run-eRecoveryService - (no file)
c:\users\BozKurT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-MyFreeCodec - c:\program files (x86)\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2015-09-17  11:31:54
ComboFix-quarantined-files.txt  2015-09-17 09:31
.
Vor Suchlauf: 17 Verzeichnis(se), 333.344.837.632 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 334.165.188.608 Bytes frei
.
- - End Of File - - 54C3709C0B4289C495944D10032821CF
EF932EAA6EF4C94E66A7F6CEEC7EB422
         

Alt 18.09.2015, 05:54   #10
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset Proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

Alt 18.09.2015, 11:37   #11
sacet
 



I messed up right at the first step (Malwarebytes Anti-Malware).
I already had the program installed and downloaded it again anyway.
Result: the setup of the new version keeps aborting, and I can't uninstall the old one because unins000.msg is not in the folder. What should I do?

Alt 19.09.2015, 15:48   #12
schrauber
/// the machine
/// TB-Ausbilder
 




And what if you simply start the installed version and run an update?

Alt 19.09.2015, 18:49   #13
sacet
 



When I try to run the installed version, the following window appears: "Run time error '383': 'Text' property is read-only". So that's out too.

Alt 20.09.2015, 12:12   #14
schrauber
/// the machine
/// TB-Ausbilder
 




Then skip MBAM for now and do the rest.

Alt 21.09.2015, 11:35   #15
sacet
 



Hi schrauber,

here are the requested files:

MBAM:
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 21.09.2015
Suchlaufzeit: 11:03:51
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.21.02
Rootkit-Datenbank: v2015.09.18.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x64
Dateisystem: NTFS
Benutzer: BozKurT

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 466105
Abgelaufene Zeit: 42 Min., 41 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.PCPerformer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Performer_DEFAULT, Löschen bei Neustart, [266081b1424971c57dc8d9d6b25255ab], 
PUP.Optional.PCPerformer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Performer_UPDATES, Löschen bei Neustart, [6d194fe34c3fc86e7ec807a80bf9d12f], 
PUP.Optional.Squeaky, HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Squeaky, In Quarantäne, [444280b2474471c5b8e0764649bb827e], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.Wajam, C:\Program Files\WajaInternetEn, Löschen bei Neustart, [b1d566ccf398f54142c7de51e81bd927], 
PUP.Optional.Wajam, C:\Program Files\WajaInternetEn\WajaInternetEnlibs, In Quarantäne, [b1d566ccf398f54142c7de51e81bd927], 

Dateien: 4
PUP.Optional.Wajam, C:\Program Files\WajaInternetEn\snotlings, In Quarantäne, [b1d566ccf398f54142c7de51e81bd927], 
PUP.Optional.Wajam, C:\Program Files\WajaInternetEn\waaaghs, In Quarantäne, [b1d566ccf398f54142c7de51e81bd927], 
PUP.Optional.Wajam, C:\Program Files\WajaInternetEn\WajaInternetEnlibs\axtpj.kna, In Quarantäne, [b1d566ccf398f54142c7de51e81bd927], 
PUP.Optional.Wajam, C:\Program Files\WajaInternetEn\WajaInternetEnlibs\qxwzg.zrt, In Quarantäne, [b1d566ccf398f54142c7de51e81bd927], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
AdwCleaner:
Code:
# AdwCleaner v5.008 - Bericht erstellt am 21/09/2015 um 12:04:47
# Aktualisiert am 18/09/2015 von Xplode
# Datenbank : 2015-09-20.1 [Server]
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (x64)
# Benutzername : BozKurT - BOZKURT-PC
# Gestartet von : C:\Users\BozKurT\Desktop\AdwCleaner_5.008.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[#] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB
[#] Ordner Gelöscht : C:\ProgramData\driver whiz
[#] Ordner Gelöscht : C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[#] Ordner Gelöscht : C:\ProgramData\{CD649BED-8A0E-48BE-B3B6-0F5055BED534}
[#] Ordner Gelöscht : C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[#] Ordner Gelöscht : C:\Users\BozKurT\AppData\LocalLow\HPAppData
[#] Ordner Gelöscht : C:\Users\BozKurT\AppData\LocalLow\Browser-Security
[#] Ordner Gelöscht : C:\Users\BozKurT\AppData\Roaming\Browser-Security
[#] Ordner Gelöscht : C:\Users\BozKurT\Searches\Documents\Updater

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\firefox@browser-security.de.xpi
[-] Datei Gelöscht : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\foxydeal.sqlite
[-] Datei Gelöscht : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\user.js

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : PC Performer

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\IBUpdaterService
[-] Schlüssel Gelöscht : HKCU\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Myfree Codec
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2994 Bytes] ##########
         
JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows (TM) Vista Home Premium x64
Ran by BozKurT on 21.09.2015 at 12:17:37,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\BozKurT\Appdata\Local\crashrpt



~~~ FireFox

Emptied folder: C:\Users\BozKurT\AppData\Roaming\mozilla\firefox\profiles\bah1vfjy.default\minidumps [35 files]



~~~ Chrome


[C:\Users\BozKurT\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\BozKurT\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\BozKurT\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\BozKurT\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.09.2015 at 12:23:30,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
durchgeführt von BozKurT (Administrator) auf BOZKURT-PC (21-09-2015 12:27:09)
Gestartet von C:\Users\BozKurT\Desktop
Geladene Profile: BozKurT (Verfügbare Profile: BozKurT & UpdatusUser)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(CyberLink) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(McAfee, Inc.) C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\Mcshield.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
(McAfee, Inc.) C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Acer Empowering Technology Monitor] => C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [319488 2008-08-19] ()
HKLM\...\Run: [EmpoweringTechnology] => C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [323584 2008-08-19] ()
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe [561200 2008-07-29] (Egis Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6456352 2008-08-19] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-08-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ProductReg] => C:\Program Files\Acer\WR_PopUp\ProductReg.exe [6144 2008-10-14] (Acer)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [mcagent_exe] => C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe [645328 2009-01-08] (McAfee, Inc.)
HKLM-x32\...\Run: [PCMMediaSharing] => C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [204908 2008-05-20] ()
HKLM-x32\...\Run: [BkupTray] => C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [PCTools FGuard] => C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe [247760 2011-04-12] (Threat Expert Ltd.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-03-18] (Google Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\PSDProtect.dll [2008-07-29] (Egis Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-07-29] (Egis Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009-10-31]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6F21192C-801A-4D88-85E3-3960D83C1647}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} -  Keine Datei
URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> DefaultScope {C657300E-A21D-4D23-AD70-7D6194B2FE6F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> {C657300E-A21D-4D23-AD70-7D6194B2FE6F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll [2009-01-09] ()
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> c:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-03-25] (McAfee, Inc.)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll [2008-07-29] (Egis)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files (x86)\McAfee\MSK\mskapbho.dll [2009-01-09] ()
BHO-x32: PC Tools Browser Guard BHO -> {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} -> C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-04-12] (Threat Expert Ltd.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll Keine Datei
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll [2009-03-25] (McAfee, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll Keine Datei
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll [2008-07-29] (Egis Incorporated.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
Toolbar: HKLM-x32 - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-07-29] (Egis Incorporated.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-04-12] (Threat Expert Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} -  Keine Datei
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default
FF SearchEngineOrder.1: Sichere Suche
FF Homepage: about:home
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE662&p=
FF NetworkProxy: "http", "localhost"
FF NetworkProxy: "http_port", 9666
FF NetworkProxy: "socks", "localhost"
FF NetworkProxy: "socks_port", 9050
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "localhost"
FF NetworkProxy: "ssl_port", 9666
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2009-04-15] (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-04-15] (DivX, Inc)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [Keine Datei]
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll [2010-06-12] (Unity Technologies ApS)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-07-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-07-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-07-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-07-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-07-11] (Apple Inc.)
FF Extension: YouTube Unblocker - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\youtubeunblocker@unblocker.yt [2015-08-04]
FF Extension: UltraSurf Firefox Tool - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} [2009-08-28]
FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2013-08-18]
FF Extension: MPEG4Plugin - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{4901eb44-5cb1-4eb9-b0aa-2357bcce2942}.xpi [2014-12-04]
FF Extension: {7f640839-0d9f-4fa5-91b7-5ae9ea4d8ce5} - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{7f640839-0d9f-4fa5-91b7-5ae9ea4d8ce5}.xpi [2014-11-30]
FF Extension: Adblock Plus - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-25]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-17]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-18]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-10-31]
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools Security\BDT\Firefox
FF Extension: Browser Defender Toolbar - C:\Program Files (x86)\PC Tools Security\BDT\Firefox [2011-04-17]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\BozKurT\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2010-06-12]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2010-06-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Acer HomeMedia Connect Service; C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [269448 2008-05-20] (CyberLink) [Datei ist nicht signiert]
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-09] (Adobe Systems) [Datei ist nicht signiert]
S2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [337872 2011-04-12] (Threat Expert Ltd.)
S2 BUNAgentSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [Datei ist nicht signiert]
S2 dlcd_device; C:\Windows\system32\dlcdcoms.exe [566768 2007-01-17] ( )
S2 eDataSecurity Service; C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [500784 2008-07-29] (Egis Incorporated)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [Datei ist nicht signiert]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-09-15] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe [797864 2009-01-08] (McAfee, Inc.)
R2 McNASvc; c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe [2482848 2009-01-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [696848 2009-04-01] (McAfee, Inc.)
R2 McProxy; c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe [359952 2009-01-09] (McAfee, Inc.)
R2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [153920 2009-03-25] (McAfee, Inc.)
R3 McSysmon; C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe [606736 2009-03-24] (McAfee, Inc.)
R2 MpfService; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [884360 2009-03-19] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [26640 2009-01-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 NTIBackupSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [Datei ist nicht signiert]
S2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-13] () [Datei ist nicht signiert]
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
S1 Beep; kein ImagePath
S3 camdrv42; C:\Windows\System32\DRIVERS\camdrv42.sys [1533952 2007-04-23] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [Datei ist nicht signiert]
U4 Iteidelr; kein ImagePath
S3 ITEIO.SYS; c:\Windows\System32\drivers\ITEIO.sys [13144 2008-02-25] (Windows (R) Codename Longhorn DDK provider) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [102600 2009-03-25] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [307400 2009-03-25] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2009-03-25] (McAfee, Inc.)
R3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2009-03-25] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2008-10-23] (McAfee, Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18432 2008-05-02] (Nokia)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [282440 2011-03-10] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [452872 2010-06-29] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [816016 2010-07-16] (PC Tools)
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [22064 2008-07-29] (Egis Incorporated)
R2 PSDNServ; C:\Windows\System32\DRIVERS\PSDNServ.sys [21040 2008-07-29] (Egis Incorporated)
R2 psdvdisk; C:\Windows\System32\DRIVERS\PSDVdisk.sys [60976 2008-07-29] (Egis Incorporated)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-21 12:23 - 2015-09-21 12:23 - 00001390 _____ C:\Users\BozKurT\Desktop\JRT.txt
2015-09-21 12:15 - 2015-09-21 12:15 - 01798976 _____ (Malwarebytes) C:\Users\BozKurT\Desktop\JRT.exe
2015-09-21 12:04 - 2015-09-21 12:19 - 00000027 _____ C:\Windows\SysWOW64\MPFServiceFailureCount.txt
2015-09-21 11:57 - 2015-09-21 11:57 - 01662976 _____ C:\Users\BozKurT\Desktop\AdwCleaner_5.008.exe
2015-09-21 11:54 - 2015-09-21 11:54 - 00002354 _____ C:\Users\BozKurT\Desktop\mbam.txt
2015-09-21 11:01 - 2015-09-21 11:53 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-21 11:01 - 2015-09-21 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-21 11:01 - 2015-09-21 11:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-21 11:01 - 2015-09-21 11:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-21 11:01 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-21 11:01 - 2015-06-18 08:41 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-21 11:01 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-21 11:00 - 2015-09-21 11:00 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\BozKurT\Desktop\mbam-setup-2.1.8.1057(1).exe
2015-09-21 10:55 - 2015-09-21 10:55 - 00321848 _____ (Malwarebytes Corporation) C:\Users\BozKurT\Downloads\mbam-clean-2.1.1.1001.exe
2015-09-17 15:47 - 2015-09-17 15:47 - 00000000 ____D C:\Users\BozKurT\Searches\Documents\Eigene Scans
2015-09-17 11:31 - 2015-09-17 11:31 - 00028035 _____ C:\ComboFix.txt
2015-09-17 10:59 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-17 10:59 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-17 10:59 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-17 10:59 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-17 10:59 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-17 10:59 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-17 10:59 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-17 10:59 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-17 10:54 - 2015-09-17 11:32 - 00000000 ____D C:\Qoobox
2015-09-17 10:53 - 2015-09-17 11:28 - 00000000 ____D C:\Windows\erdnt
2015-09-17 10:53 - 2015-09-17 10:59 - 00000000 ____D C:\32788R22FWJFW
2015-09-17 10:46 - 2015-09-17 10:46 - 05635119 ____R (Swearware) C:\Users\BozKurT\Desktop\ComboFix.exe
2015-09-16 23:45 - 2015-09-16 23:45 - 00000000 ____D C:\Users\BozKurT\Desktop\FRST-OlderVersion
2015-09-16 18:18 - 2015-09-16 18:21 - 00000000 ____D C:\Users\BozKurT\Desktop\ImageTransfer_2015-09-16_18-16
2015-09-16 00:38 - 2015-09-16 00:38 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\BozKurT\Desktop\tdsskiller.exe
2015-09-15 22:44 - 2015-09-16 00:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-15 22:40 - 2015-09-16 00:36 - 00000000 ____D C:\Users\BozKurT\Desktop\mbar
2015-09-15 22:35 - 2015-09-15 22:36 - 16563352 _____ (Malwarebytes Corp.) C:\Users\BozKurT\Desktop\mbar-1.09.3.1001.exe
2015-09-14 16:31 - 2015-09-14 17:30 - 00050976 _____ C:\Users\BozKurT\Desktop\Addition.txt
2015-09-14 16:24 - 2015-09-21 12:27 - 00030631 _____ C:\Users\BozKurT\Desktop\FRST.txt
2015-09-14 14:51 - 2015-09-16 23:45 - 02191360 _____ (Farbar) C:\Users\BozKurT\Desktop\FRST64.exe
2015-09-14 10:13 - 2015-07-10 16:31 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-14 10:13 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-14 09:57 - 2015-08-13 16:36 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-09-14 09:57 - 2015-08-13 16:36 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-09-14 09:54 - 2015-09-02 23:26 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-14 09:54 - 2015-09-02 23:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-14 09:54 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-14 09:54 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-13 15:58 - 2015-08-17 19:56 - 17890304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-13 15:58 - 2015-08-17 19:53 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-13 15:58 - 2015-08-17 19:49 - 10936832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-13 15:58 - 2015-08-17 19:48 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-13 15:58 - 2015-08-17 19:47 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-13 15:58 - 2015-08-17 19:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-13 15:58 - 2015-08-17 19:47 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-13 15:58 - 2015-08-17 19:46 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-13 15:58 - 2015-08-17 19:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-13 15:58 - 2015-08-17 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-13 15:58 - 2015-08-17 19:46 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-13 15:58 - 2015-08-17 19:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-13 15:58 - 2015-08-17 19:18 - 01814016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-13 15:58 - 2015-08-17 19:17 - 12388352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-13 15:58 - 2015-08-17 19:14 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-13 15:58 - 2015-08-17 19:13 - 09751040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-13 15:58 - 2015-08-17 19:12 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-13 15:58 - 2015-08-17 19:12 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-13 15:58 - 2015-08-17 19:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-13 15:58 - 2015-08-17 19:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-13 15:58 - 2015-08-17 19:10 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-09-13 15:58 - 2015-08-17 19:10 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-09-13 15:58 - 2015-08-17 19:10 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-09-13 15:58 - 2015-08-17 19:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-12 20:50 - 2015-09-12 20:50 - 00000000 ____D C:\ProgramData\AVG
2015-09-12 15:42 - 2015-09-12 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java(218)
2015-09-09 12:34 - 2015-08-05 17:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 12:33 - 2015-09-02 23:26 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 12:33 - 2015-09-02 23:25 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 12:33 - 2015-09-02 22:17 - 02797056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 12:33 - 2015-09-02 22:16 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 12:33 - 2015-09-02 21:54 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 13:50 - 2015-09-08 13:50 - 00000000 ____D C:\Users\BozKurT\AppData\Roaming\Sun
2015-09-08 13:45 - 2015-09-08 13:45 - 00795720 _____ C:\Users\BozKurT\AppData\Local\dd_VC_MinRed_MSI4B14.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-21 12:27 - 2014-04-24 15:30 - 00000000 ____D C:\FRST
2015-09-21 12:26 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-21 12:26 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-21 12:20 - 2008-10-31 20:50 - 00229667 _____ C:\Windows\system32\Config.MPF
2015-09-21 12:19 - 2006-10-10 03:06 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml
2015-09-21 12:07 - 2009-11-16 20:16 - 00000000 ____D C:\ProgramData\TEMP
2015-09-21 12:07 - 2008-10-31 21:05 - 01817736 _____ C:\Users\Public\eDSMSNLoader32.log
2015-09-21 12:07 - 2008-10-31 21:00 - 00000147 _____ C:\Windows\SysWOW64\agent.log
2015-09-21 12:06 - 2013-10-11 20:04 - 07501428 _____ C:\Windows\PFRO.log
2015-09-21 12:06 - 2010-02-04 20:11 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-21 12:06 - 2008-10-31 20:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-21 12:06 - 2006-11-02 17:42 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-21 12:06 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-21 12:05 - 2006-10-10 02:59 - 01107524 _____ C:\Windows\WindowsUpdate.log
2015-09-21 12:04 - 2014-04-25 20:03 - 00000000 ____D C:\AdwCleaner
2015-09-21 12:01 - 2012-06-30 14:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-21 11:47 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\Globalization
2015-09-21 11:31 - 2010-02-04 20:11 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-20 19:30 - 2012-03-26 15:58 - 00000000 ____D C:\Users\BozKurT\Desktop\emine
2015-09-20 18:16 - 2015-02-16 20:29 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4D2CA3CA-A550-409B-BBD7-2167104BBC95}
2015-09-20 12:49 - 2008-01-21 13:10 - 01758728 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-20 12:49 - 2008-01-21 13:09 - 00746138 _____ C:\Windows\system32\perfh007.dat
2015-09-20 12:49 - 2008-01-21 13:09 - 00177920 _____ C:\Windows\system32\perfc007.dat
2015-09-20 12:29 - 2009-03-29 17:03 - 00000000 ____D C:\Users\BozKurT\Desktop\Süleyman
2015-09-18 12:26 - 2010-02-04 20:11 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 12:26 - 2010-02-04 20:11 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-18 00:12 - 2008-10-31 20:48 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-09-18 00:12 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\system32\spool
2015-09-17 22:32 - 2009-03-27 16:21 - 00000000 ____D C:\Users\BozKurT\AppData\Roaming\vlc
2015-09-17 11:31 - 2006-11-02 15:33 - 00000000 __RHD C:\Users\Default
2015-09-17 11:27 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini
2015-09-16 23:38 - 2015-05-25 14:15 - 00000000 ____D C:\Users\BozKurT\Desktop\drucken
2015-09-16 23:29 - 2009-03-18 15:02 - 00000000 ____D C:\Users\BozKurT\Searches\Documents\Meine empfangenen Dateien
2015-09-14 16:17 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2015-09-14 10:19 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-14 10:18 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-14 10:14 - 2010-10-24 12:12 - 04078436 _____ C:\Windows\system32\Drivers\Cat.DB
2015-09-14 10:13 - 2008-10-31 20:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-14 10:11 - 2013-08-14 23:51 - 00000000 ____D C:\Windows\system32\MRT
2015-09-14 09:38 - 2009-03-18 13:54 - 00000000 ____D C:\Users\BozKurT
2015-09-13 01:34 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\system32\Msdtc
2015-09-13 01:34 - 2006-11-02 14:33 - 75497472 _____ C:\Windows\system32\config\components_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 58458112 _____ C:\Windows\system32\config\system_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 106430464 _____ C:\Windows\system32\config\software_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 00786432 _____ C:\Windows\system32\config\default_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 00262144 _____ C:\Windows\system32\config\security_previous
2015-09-13 01:34 - 2006-11-02 14:33 - 00262144 _____ C:\Windows\system32\config\sam_previous
2015-09-13 01:13 - 2014-10-18 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-13 01:13 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\ShellNew
2015-09-13 01:12 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\registration
2015-09-12 15:43 - 2014-04-27 21:33 - 00000000 ____D C:\ProgramData\Oracle
2015-09-09 23:35 - 2009-11-23 12:44 - 00000000 ____D C:\Users\BozKurT\Desktop\Ugur
2015-09-09 16:18 - 2006-11-02 17:21 - 03338416 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-08 13:49 - 2014-10-18 23:20 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-09-08 13:48 - 2009-03-19 14:25 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-08 13:45 - 2013-10-09 16:29 - 02160832 _____ C:\Users\BozKurT\AppData\Local\dd_install_vb_xcor_90.txt
2015-09-08 13:44 - 2013-10-09 16:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2015-09-08 13:42 - 2013-10-09 16:29 - 00136446 _____ C:\Users\BozKurT\AppData\Local\dd_depcheck_VB_EXP_90.txt
2015-09-08 13:41 - 2011-08-10 16:44 - 00000000 ____D C:\Program Files (x86)\IpodConverter
2015-09-08 13:38 - 2015-05-17 21:24 - 00000000 ____D C:\Users\BozKurT\AppData\Roaming\Skype
2015-09-08 13:38 - 2015-05-17 21:23 - 00000000 ____D C:\ProgramData\Skype
2015-08-26 18:37 - 2006-11-02 14:35 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-06 01:06 - 2014-03-06 01:06 - 0001181 _____ () C:\Users\BozKurT\AppData\Roaming\trace_FilterInstaller.1.txt
2014-03-06 01:06 - 2014-03-06 01:14 - 0000919 _____ () C:\Users\BozKurT\AppData\Roaming\trace_FilterInstaller.txt
2014-03-06 01:06 - 2014-03-06 01:14 - 0000000 _____ () C:\Users\BozKurT\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2011-01-12 21:56 - 2015-08-01 12:46 - 0001356 _____ () C:\Users\BozKurT\AppData\Local\d3d9caps.dat
2011-07-03 10:15 - 2012-07-21 23:02 - 0000732 _____ () C:\Users\BozKurT\AppData\Local\d3d9caps64.dat
2009-03-19 14:28 - 2015-07-17 01:35 - 0223232 _____ () C:\Users\BozKurT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-07-02 11:22 - 2009-07-02 11:22 - 0036172 _____ () C:\Users\BozKurT\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
2013-10-09 16:29 - 2015-09-08 13:42 - 0136446 _____ () C:\Users\BozKurT\AppData\Local\dd_depcheck_VB_EXP_90.txt
2009-07-02 11:22 - 2009-07-02 11:22 - 0000002 _____ () C:\Users\BozKurT\AppData\Local\dd_dotnetfx35error_lp.txt
2009-07-02 11:22 - 2009-07-02 11:23 - 0203664 _____ () C:\Users\BozKurT\AppData\Local\dd_dotnetfx35install_lp.txt
2013-10-09 16:29 - 2013-10-09 16:29 - 0000002 _____ () C:\Users\BozKurT\AppData\Local\dd_error_vb_xcor_90.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 1176452 _____ () C:\Users\BozKurT\AppData\Local\dd_ExpRemoteDbg_x64_MSI741A.txt
2013-10-09 16:29 - 2015-09-08 13:45 - 2160832 _____ () C:\Users\BozKurT\AppData\Local\dd_install_vb_xcor_90.txt
2009-07-02 11:22 - 2009-07-02 11:22 - 0811646 _____ () C:\Users\BozKurT\AppData\Local\dd_NET_Framework35_LangPack_MSI6767.txt
2013-10-09 16:37 - 2013-10-09 16:37 - 0341986 _____ () C:\Users\BozKurT\AppData\Local\dd_SQLCEToolsForVS2007_MSI77B0.txt
2013-10-09 16:37 - 2013-10-09 16:37 - 0383494 _____ () C:\Users\BozKurT\AppData\Local\dd_SSCERuntime_MSI77A0.txt
2010-10-24 12:12 - 2010-10-24 12:12 - 0422964 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistMSI3F4F.txt
2011-04-17 14:03 - 2011-04-17 14:03 - 0438398 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistMSI7D1E.txt
2010-10-24 12:12 - 2010-10-24 12:12 - 0013782 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI3F4F.txt
2010-10-24 12:12 - 2010-10-24 12:12 - 0012938 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI3F50.txt
2011-04-17 14:03 - 2011-04-17 14:03 - 0012646 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI7D1E.txt
2011-04-17 14:03 - 2011-04-17 14:03 - 0011786 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI7D1F.txt
2015-09-08 13:45 - 2015-09-08 13:45 - 0795720 _____ () C:\Users\BozKurT\AppData\Local\dd_VC_MinRed_MSI4B14.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 0853224 _____ () C:\Users\BozKurT\AppData\Local\dd_VC_MinRed_MSI7400.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 0255488 _____ () C:\Users\BozKurT\AppData\Local\dd_WinSDK_ExpTools_x64_MSI743E.txt
2013-10-09 16:32 - 2013-10-09 16:32 - 0204582 _____ () C:\Users\BozKurT\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI7455.txt
2009-07-02 11:22 - 2015-09-08 13:45 - 1782730 _____ () C:\Users\BozKurT\AppData\Local\uxeventlog.txt
2015-09-08 13:42 - 2015-09-08 13:45 - 8302854 _____ () C:\Users\BozKurT\AppData\Local\VSMsiLog48F9.txt
2013-10-09 16:33 - 2013-10-09 16:37 - 11430914 _____ () C:\Users\BozKurT\AppData\Local\VSMsiLog7469.txt
2009-04-02 23:42 - 2009-04-02 23:42 - 0000011 _____ () C:\ProgramData\.tv5
2009-10-31 18:57 - 2012-05-01 21:39 - 0001723 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\BozKurT\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-21 12:13

==================== Ende von FRST.txt ============================
         
Thank you very much!
