
Pests of all kinds and how to fight them: Many detections with MBAM

07.11.2015, 18:07   #1
seal.1
 

Hello,

I recently downloaded Audiograbber and afterwards also the mp3plugin from their homepage. During the installation, a whole lot of junk was apparently installed along with it. I have since uninstalled some of it, but today I wanted to run MBAM over my system after all, because some settings in Firefox had been changed (start page, appearance of the page when a new tab is opened). MBAM found quite a lot in the process. I am attaching the log.
Apart from the problems in the browser, I have so far not noticed any impairments to the system that appeared over the last few days. It merely takes a long time after a restart or after sleep mode before anything can be done with the computer. Windows has booted, but applications can only be started after a certain amount of time.

Thanks in advance for checking the log files. Unfortunately, because of their size, I have to post them in several steps.

GMER

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-11-07 18:48:08
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AK1 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\Holgi\AppData\Local\Temp\pgloipod.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                0000000076ae1401 2 bytes JMP 76f1b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                  0000000076ae1419 2 bytes JMP 76f1b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                0000000076ae1431 2 bytes JMP 76f98fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                0000000076ae144a 2 bytes CALL 76ef489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                           * 9
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                   0000000076ae14dd 2 bytes JMP 76f988c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                            0000000076ae14f5 2 bytes JMP 76f98aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                   0000000076ae150d 2 bytes JMP 76f987ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                            0000000076ae1525 2 bytes JMP 76f98b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                  0000000076ae153d 2 bytes JMP 76f0fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                       0000000076ae1555 2 bytes JMP 76f168ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                0000000076ae156d 2 bytes JMP 76f99089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                  0000000076ae1585 2 bytes JMP 76f98bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                     0000000076ae159d 2 bytes JMP 76f9877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                  0000000076ae15b5 2 bytes JMP 76f0fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                0000000076ae15cd 2 bytes JMP 76f1b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                            0000000076ae16b2 2 bytes JMP 76f98f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2752] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                            0000000076ae16bd 2 bytes JMP 76f98713 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                    0000000076ae1401 2 bytes JMP 76f1b21b C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                      0000000076ae1419 2 bytes JMP 76f1b346 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                    0000000076ae1431 2 bytes JMP 76f98fd1 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                    0000000076ae144a 2 bytes CALL 76ef489d C:\Windows\syswow64\KERNEL32.dll
.text    ...                                                                                                                                                                                                           * 9
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                       0000000076ae14dd 2 bytes JMP 76f988c4 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                0000000076ae14f5 2 bytes JMP 76f98aa0 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                       0000000076ae150d 2 bytes JMP 76f987ba C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                0000000076ae1525 2 bytes JMP 76f98b8a C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                      0000000076ae153d 2 bytes JMP 76f0fca8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                           0000000076ae1555 2 bytes JMP 76f168ef C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                    0000000076ae156d 2 bytes JMP 76f99089 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                      0000000076ae1585 2 bytes JMP 76f98bea C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                         0000000076ae159d 2 bytes JMP 76f9877e C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                      0000000076ae15b5 2 bytes JMP 76f0fd41 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                    0000000076ae15cd 2 bytes JMP 76f1b2dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                0000000076ae16b2 2 bytes JMP 76f98f4c C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Samsung\Kies\Kies.exe[4760] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                0000000076ae16bd 2 bytes JMP 76f98713 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                  0000000076ae1401 2 bytes JMP 76f1b21b C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                    0000000076ae1419 2 bytes JMP 76f1b346 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                  0000000076ae1431 2 bytes JMP 76f98fd1 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                  0000000076ae144a 2 bytes CALL 76ef489d C:\Windows\syswow64\KERNEL32.dll
.text    ...                                                                                                                                                                                                           * 9
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                     0000000076ae14dd 2 bytes JMP 76f988c4 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                              0000000076ae14f5 2 bytes JMP 76f98aa0 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                     0000000076ae150d 2 bytes JMP 76f987ba C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                              0000000076ae1525 2 bytes JMP 76f98b8a C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                    0000000076ae153d 2 bytes JMP 76f0fca8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                         0000000076ae1555 2 bytes JMP 76f168ef C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                  0000000076ae156d 2 bytes JMP 76f99089 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                    0000000076ae1585 2 bytes JMP 76f98bea C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                       0000000076ae159d 2 bytes JMP 76f9877e C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                    0000000076ae15b5 2 bytes JMP 76f0fd41 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                  0000000076ae15cd 2 bytes JMP 76f1b2dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                              0000000076ae16b2 2 bytes JMP 76f98f4c C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe[3052] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                              0000000076ae16bd 2 bytes JMP 76f98713 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\AVAST Software\Avast\avastui.exe[5824] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                                                          0000000076ef8781 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                            0000000076ae1401 2 bytes JMP 76f1b21b C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                              0000000076ae1419 2 bytes JMP 76f1b346 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                            0000000076ae1431 2 bytes JMP 76f98fd1 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                            0000000076ae144a 2 bytes CALL 76ef489d C:\Windows\syswow64\KERNEL32.dll
.text    ...                                                                                                                                                                                                           * 9
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                               0000000076ae14dd 2 bytes JMP 76f988c4 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                        0000000076ae14f5 2 bytes JMP 76f98aa0 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                               0000000076ae150d 2 bytes JMP 76f987ba C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                        0000000076ae1525 2 bytes JMP 76f98b8a C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                              0000000076ae153d 2 bytes JMP 76f0fca8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                   0000000076ae1555 2 bytes JMP 76f168ef C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                            0000000076ae156d 2 bytes JMP 76f99089 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                              0000000076ae1585 2 bytes JMP 76f98bea C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                 0000000076ae159d 2 bytes JMP 76f9877e C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                              0000000076ae15b5 2 bytes JMP 76f0fd41 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                            0000000076ae15cd 2 bytes JMP 76f1b2dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                        0000000076ae16b2 2 bytes JMP 76f98f4c C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpService.exe[5800] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                        0000000076ae16bd 2 bytes JMP 76f98713 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                               0000000076ae1401 2 bytes JMP 76f1b21b C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                 0000000076ae1419 2 bytes JMP 76f1b346 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                               0000000076ae1431 2 bytes JMP 76f98fd1 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                               0000000076ae144a 2 bytes CALL 76ef489d C:\Windows\syswow64\KERNEL32.dll
.text    ...                                                                                                                                                                                                           * 9
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                  0000000076ae14dd 2 bytes JMP 76f988c4 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                           0000000076ae14f5 2 bytes JMP 76f98aa0 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                  0000000076ae150d 2 bytes JMP 76f987ba C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                           0000000076ae1525 2 bytes JMP 76f98b8a C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                 0000000076ae153d 2 bytes JMP 76f0fca8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                      0000000076ae1555 2 bytes JMP 76f168ef C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                               0000000076ae156d 2 bytes JMP 76f99089 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                 0000000076ae1585 2 bytes JMP 76f98bea C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                    0000000076ae159d 2 bytes JMP 76f9877e C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                 0000000076ae15b5 2 bytes JMP 76f0fd41 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                               0000000076ae15cd 2 bytes JMP 76f1b2dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                           0000000076ae16b2 2 bytes JMP 76f98f4c C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Dell Update\DellUpTray.exe[1652] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                           0000000076ae16bd 2 bytes JMP 76f98713 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                  0000000076ae1401 2 bytes JMP 76f1b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                    0000000076ae1419 2 bytes JMP 76f1b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                  0000000076ae1431 2 bytes JMP 76f98fd1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                  0000000076ae144a 2 bytes CALL 76ef489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                           * 9
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                     0000000076ae14dd 2 bytes JMP 76f988c4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                              0000000076ae14f5 2 bytes JMP 76f98aa0 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                     0000000076ae150d 2 bytes JMP 76f987ba C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                              0000000076ae1525 2 bytes JMP 76f98b8a C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                    0000000076ae153d 2 bytes JMP 76f0fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                         0000000076ae1555 2 bytes JMP 76f168ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                  0000000076ae156d 2 bytes JMP 76f99089 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                    0000000076ae1585 2 bytes JMP 76f98bea C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                       0000000076ae159d 2 bytes JMP 76f9877e C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                    0000000076ae15b5 2 bytes JMP 76f0fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                  0000000076ae15cd 2 bytes JMP 76f1b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                              0000000076ae16b2 2 bytes JMP 76f98f4c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6308] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                              0000000076ae16bd 2 bytes JMP 76f98713 C:\Windows\syswow64\kernel32.dll
---- Processes - GMER 2.1 ----

Process  C:\ProgramData\DatacardService\DCService.exe (*** suspicious ***) @ C:\ProgramData\DatacardService\DCService.exe [2060](2010-08-19 08:52:04)                                                                  0000000000400000
Process  C:\ProgramData\DatacardService\DCSHelper.exe (*** suspicious ***) @ C:\ProgramData\DatacardService\DCSHelper.exe [4412] (DataCardMonitor MFC Application/Huawei Technologies Co., Ltd.)(2010-08-19 08:52:14)  0000000000400000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\ngvss\Parameters@asserts                                                                                                                                               ????????????????????s9????X??????????t??swenum???????????????7?.1????????1???????????d??Compbatt????\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \cleanup.old??\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware ??\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.old????????????????????r?????>?>?>?>?>?>?>?>?????????8?8?8?9?9?9?8?9?9?9?9?9?9?9?9?C?_??????? ???????????????????_?*????????????&???????????????????????? ?????????????????????*????????????&???????????????????????@battery.inf,%acpi\acpi0003.devicedesc%;Microsoft-Netzteil??????@oem65.inf,%synmfg%;Synaptics????7??????????????????????????????? ?????????????????????*????????????&????????????????????d??@oem65.inf,%ps2.syndevicedesc%;Synaptics PS/2 Port TouchPad??????9?:?D?D?A?M?M?A?A?B?M?W?????7??????????????????????????????????? ?????????????????????*????????????&????????????????????????v?v?????????????Y?????????????????????????s?????????C???-???????.?????????????????s{5??????{4d36e97d-e325-11ce-bfc1-08002be10318}\0063????
Reg      HKLM\SYSTEM\ControlSet002\services\ngvss\Parameters@asserts                                                                                                                                                   ????20????????????????????`????????????e????????????????????@%systemroot%\system32\rascfg.dll,-32002??????????????????????????`????????????n????????????????t???????????????????PNP Filter??????@%SystemRoot%\system32\drivers\nsiproxy.sys,-2??????????????????????????????????t?????????????????????????????????:???????????h?????System32\DRIVERS\netbt.sys????????f????????????e??????????????????:???????????h?????NetBIOSGroup??????$????????????n?????????????????????e??Tdx?tcpip????????????????????????s???a??????????????t????????????_?g5f???9????????????????????????????R????????????n?????? ??X??????p?????\????????????n????system32\DRIVERS\qicflt.sys???????????????????????\??????2?????e-9??PNP Filter??????????????????t????????????????????????:????????6????????????e????@%SystemRoot%\System32\drivers\pacer.sys,-101???????????????t??????????????????????????????????????????????????????????????g?????????????9?g90??????????????p????????????????????e???????????????i??ft??????????????????????ft????????????????????R????????????

---- EOF - GMER 2.1 ----
         
MBAM

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 07.11.2015
Suchlaufzeit: 17:48
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.07.03
Rootkit-Datenbank: v2015.11.04.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Holgi

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366665
Abgelaufene Zeit: 29 Min., 56 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 14
PUP.Optional.WinManger, HKLM\SOFTWARE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, In Quarantäne, [f43bd4a75e2d3ff7336d979bbf43bb45], 
PUP.Optional.WinManger, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, In Quarantäne, [f43bd4a75e2d3ff7336d979bbf43bb45], 
PUP.Optional.WinManger, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, In Quarantäne, [f43bd4a75e2d3ff7336d979bbf43bb45], 
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ihpmServer, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [8fa0c7b40883d462a2bc81cb946f33cd], 
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\ihpmserver, In Quarantäne, [7ab5d1aa276459dd1151732e6f94d42c], 
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, In Quarantäne, [f83738430289ea4c8b3882069d6523dd], 
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [f936d1aa7e0dd95d6bf350fc4eb5a25e], 
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\RAYDLD, In Quarantäne, [53dcec8f92f946f04515790609f96a96], 
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [e847ea91ff8cae88b3aaf656d3308e72], 
PUP.Optional.DeskCut, HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [2906c7b4becdf2442cf7b2b428db2dd3], 

Registrierungswerte: 9
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, mystartsearch, In Quarantäne, [8fa0c7b40883d462a2bc81cb946f33cd]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}, In Quarantäne, [4be4d6a53457ae8860fb6e138280a65a]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, mystartsearch, In Quarantäne, [f936d1aa7e0dd95d6bf350fc4eb5a25e]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}, In Quarantäne, [50dfd5a62764b0864f0c4b36976b0af6]
PUP.Optional.DeskCut, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|deskCutv2@gmail.com, C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\extensions\deskCutv2@gmail.com, In Quarantäne, [d05ff388f09bd2641b09cc9a50b3da26]
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\RAYDLD|dir, C:\Program Files (x86)\RayDld, In Quarantäne, [53dcec8f92f946f04515790609f96a96]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, mystartsearch, In Quarantäne, [e847ea91ff8cae88b3aaf656d3308e72]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}, In Quarantäne, [3df2a2d9e9a25cda90ca641d689aca36]
PUP.Optional.DeskCut, HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\SOFTWARE\MOZILLA\EXTENDS|appid, deskCutv2@gmail.com, In Quarantäne, [2906c7b4becdf2442cf7b2b428db2dd3]

Registrierungsdaten: 7
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}),Ersetzt,[d45b24573f4c76c01ca4241baf55ef11]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118),Ersetzt,[f03f611accbf85b1dfe1300fab5924dc]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}),Ersetzt,[959abbc0b3d8ae88e3dddd624aba2ed2]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118),Ersetzt,[49e6e5968803d165764aba85e3219967]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}),Ersetzt,[9b94f883d7b43afcf5cd1b24e4208f71]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1446793264&z=65ba5896cdfdd8f206f479dg2zbzfqam8t7cfocqaz&from=cvs&uid=samsungxhm640jj_s2aqjdrzb55118b55118&q={searchTerms}),Ersetzt,[67c8bebddcaf72c4269c53ec7193867a]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[ed4208738dfe092d9ce0df67758fe818]

Ordner: 2
PUP.Optional.Elex, C:\Program Files (x86)\RayDld, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 

Dateien: 51
PUP.Optional.Freemium, C:\$RECYCLE.BIN\S-1-5-21-3276667617-2959320208-3705288580-1000\$RVJ3ICL\download-audiograbber-mp3plugin.exe, In Quarantäne, [d65993e891fab58117903d2d56aeb848], 
Heuristics.Shuriken, C:\Users\Holgi\AppData\Local\Temp\_@7403.tmp, In Quarantäne, [ffffffffffffffffffffffffffffffff], 
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\searchplugins\mystartsearch.xml, In Quarantäne, [a58a502bd9b2dd59cbf77513966cae52], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\uninstall.exe, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\ihpmServer.exe, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\ihpmServer.ini, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\Raydld.exe, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\MessageBox.xml, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\About.xml, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\about_banner.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\animate_history.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\animate_portal.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\animate_recent.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\big_button_down.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\bk_shadow.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\bottom_toolbar_bk.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\brower_back.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\brower_refresh.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\btn.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\btn_browser_dir.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\min.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\open_position.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\pause.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\progress_bk.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\progress_fore.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\scrollbar.bmp, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\Start.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\sysmenu.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\TaskListItem.xml, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\TaskListItemHistory.xml, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\TaskNew.xml, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\task_completed.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\task_failed.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\task_pause.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\toolbar_separator.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\WebPortal.xml, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\ck_box.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\ck_check.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\close.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\create.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\delete.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\drag_flag.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\exclamation.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\list_header_bk.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\logo_16.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\logo_small.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\main.xml, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\Menu.xml, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\MenuItem.xml, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\menu_bk.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 
PUP.Optional.Elex, C:\Program Files (x86)\RayDld\skin\menu_bk_seperator.png, In Quarantäne, [1f1042396724d75ff8691091a3607a86], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

07.11.2015, 18:18   #2
seal.1
 
TDSSKiller

Code:
16:53:00.0965 0x1f20  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:53:51.0558 0x1f20  ============================================================
16:53:51.0558 0x1f20  Current date / time: 2015/11/07 16:53:51.0558
16:53:51.0558 0x1f20  SystemInfo:
16:53:51.0558 0x1f20  
16:53:51.0558 0x1f20  OS Version: 6.1.7601 ServicePack: 1.0
16:53:51.0558 0x1f20  Product type: Workstation
16:53:51.0558 0x1f20  ComputerName: HOLGI-PC
16:53:51.0558 0x1f20  UserName: Holgi
16:53:51.0558 0x1f20  Windows directory: C:\Windows
16:53:51.0558 0x1f20  System windows directory: C:\Windows
16:53:51.0558 0x1f20  Running under WOW64
16:53:51.0558 0x1f20  Processor architecture: Intel x64
16:53:51.0558 0x1f20  Number of processors: 8
16:53:51.0558 0x1f20  Page size: 0x1000
16:53:51.0558 0x1f20  Boot type: Normal boot
16:53:51.0558 0x1f20  ============================================================
16:53:52.0051 0x1f20  KLMD registered as C:\Windows\system32\drivers\95615863.sys
16:53:52.0465 0x1f20  System UUID: {D726E359-B4DF-C402-B43B-08F3268D000E}
16:53:53.0411 0x1f20  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:53:53.0450 0x1f20  ============================================================
16:53:53.0450 0x1f20  \Device\Harddisk0\DR0:
16:53:53.0450 0x1f20  MBR partitions:
16:53:53.0450 0x1f20  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
16:53:53.0450 0x1f20  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x48AF80EB
16:53:53.0450 0x1f20  ============================================================
16:53:53.0815 0x1f20  C: <-> \Device\Harddisk0\DR0\Partition2
16:53:53.0815 0x1f20  ============================================================
16:53:53.0815 0x1f20  Initialize success
16:53:53.0815 0x1f20  ============================================================
16:54:37.0813 0x2354  ============================================================
16:54:37.0813 0x2354  Scan started
16:54:37.0813 0x2354  Mode: Manual; SigCheck; TDLFS; 
16:54:37.0813 0x2354  ============================================================
16:54:37.0813 0x2354  KSN ping started
16:54:40.0253 0x2354  KSN ping finished: true
16:54:41.0864 0x2354  ================ Scan system memory ========================
16:54:41.0864 0x2354  System memory - ok
16:54:41.0865 0x2354  ================ Scan services =============================
16:54:42.0558 0x2354  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:54:42.0777 0x2354  1394ohci - ok
16:54:42.0835 0x2354  [ 7A505465BBB1EB8B5AD4D76E8749383B, 999FBBFAF8CCF68D8B7EB5C4F23A5FC00F911FDD0ED192BE9C51F1BC4BE0EA51 ] Acceler         C:\Windows\system32\DRIVERS\Accelern.sys
16:54:42.0896 0x2354  Acceler - ok
16:54:42.0966 0x2354  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:54:43.0026 0x2354  ACPI - ok
16:54:43.0051 0x2354  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:54:43.0136 0x2354  AcpiPmi - ok
16:54:43.0464 0x2354  [ 249386D5903657326265C996B32A0EDB, AE0BCB06FB96B0CF50D5D6ED8F08E7AF333775911CABF828BFAA8FF5724310F8 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
16:54:43.0508 0x2354  AcrSch2Svc - ok
16:54:43.0562 0x2354  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:54:43.0578 0x2354  AdobeARMservice - ok
16:54:43.0622 0x2354  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:54:43.0665 0x2354  adp94xx - ok
16:54:43.0732 0x2354  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:54:43.0836 0x2354  adpahci - ok
16:54:43.0876 0x2354  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:54:43.0933 0x2354  adpu320 - ok
16:54:43.0977 0x2354  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:54:44.0117 0x2354  AeLookupSvc - ok
16:54:44.0239 0x2354  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
16:54:44.0253 0x2354  AERTFilters - ok
16:54:44.0290 0x2354  [ AE1FCE2CD1E99BEA89183BA8CD320872, 96F14BCA0C2479F39A5027A71922907D0F35CAD8E9A5037674DF7995BBDB2B51 ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
16:54:44.0351 0x2354  afcdp - ok
16:54:44.0517 0x2354  [ AF44F7E027037628F1FAC3C13CDE73E6, 56A95EBF2241C275FD401487C5F0E86859F8637D8B1BD01B7157EE9BC22B1907 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
16:54:44.0656 0x2354  afcdpsrv - ok
16:54:44.0724 0x2354  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:54:44.0802 0x2354  AFD - ok
16:54:44.0858 0x2354  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:54:44.0894 0x2354  agp440 - ok
16:54:44.0951 0x2354  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:54:45.0036 0x2354  ALG - ok
16:54:45.0103 0x2354  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:54:45.0176 0x2354  aliide - ok
16:54:45.0442 0x2354  ALSysIO - ok
16:54:45.0468 0x2354  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:54:45.0494 0x2354  amdide - ok
16:54:45.0523 0x2354  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:54:45.0631 0x2354  AmdK8 - ok
16:54:45.0662 0x2354  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:54:45.0722 0x2354  AmdPPM - ok
16:54:45.0763 0x2354  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:54:45.0850 0x2354  amdsata - ok
16:54:45.0872 0x2354  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:54:45.0904 0x2354  amdsbs - ok
16:54:45.0923 0x2354  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:54:45.0953 0x2354  amdxata - ok
16:54:46.0001 0x2354  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
16:54:46.0085 0x2354  AppID - ok
16:54:46.0136 0x2354  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:54:46.0174 0x2354  AppIDSvc - ok
16:54:46.0234 0x2354  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
16:54:46.0253 0x2354  Appinfo - ok
16:54:46.0273 0x2354  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:54:46.0300 0x2354  arc - ok
16:54:46.0322 0x2354  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:54:46.0405 0x2354  arcsas - ok
16:54:46.0697 0x2354  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:54:46.0731 0x2354  aspnet_state - ok
16:54:46.0782 0x2354  [ 30E7D7B63BE378C6DCD31434E1C5EBEB, 6F38FBD6B45506E57D4EC6C84C83F0829F280167E14B65643F583B41AA23C18B ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
16:54:46.0808 0x2354  aswHwid - ok
16:54:46.0840 0x2354  [ 6C3B7781075271AD9DFBD77BC7FBB9F7, AC53FD0EE1D7695219225440D3922EEF0B953F45F0ED3034CF5F1630A6B40607 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
16:54:46.0899 0x2354  aswMonFlt - ok
16:54:46.0953 0x2354  [ 3C04B80B49697EB7DFE5FA43620F8728, 4BC11901898348318BA807938BEA888BC54FE80ADA17C209C728F14EA4E91F21 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
16:54:46.0981 0x2354  aswRdr - ok
16:54:47.0029 0x2354  [ AA8CB23B3B4A4B16F49CB54CA04FE0D9, A94D214B43EDAEC52656EA36C2A830E76C40B90E8F4BABEF4F16BA679A429586 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
16:54:47.0093 0x2354  aswRvrt - ok
16:54:47.0166 0x2354  [ 67BD1554B7B9643A95C018DEC38F8C82, CE34F380A5B1A16DA7A6F3EC3079BF7750FA6D198531452CD47C4C02154F0F6B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
16:54:47.0273 0x2354  aswSnx - ok
16:54:47.0341 0x2354  [ 7A2A9AE27A2411FA23C9616887CEE200, D6E0468C42E3AB73A8E7465856DB6CB26E7F8E9E1C4EB9C374FD089193FB5FCC ] aswSP           C:\Windows\system32\drivers\aswSP.sys
16:54:47.0373 0x2354  aswSP - ok
16:54:47.0413 0x2354  [ 0652346DF90731A87E4C7C9A9C45A8E0, 38B8A760B532254A8CB2FD6B922269A1B96BB5E5F243D130B4BBD09ED50DEDB8 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
16:54:47.0446 0x2354  aswStm - ok
16:54:47.0478 0x2354  [ 54230972D23E6E4D034D7CB577DC784C, 7F51E81CBAFB143982AF2C68675CF0D46DD17A9A17A8805EBF628FAE84DFF8A9 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
16:54:47.0513 0x2354  aswVmm - ok
16:54:47.0549 0x2354  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:54:47.0597 0x2354  AsyncMac - ok
16:55:19.0685 0x2354  [ ACB6782973BD93760D597FC7BB37E692, 9B6EC2858D236DCE61FD5E0247F4D947A5DC484C9C0AABFDAF8270ABA392E787 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:55:19.0763 0x2354  mrxsmb - ok
16:55:19.0794 0x2354  [ 262BF7BB7D0E44CFAA9B12A1E0A6EDF1, CCC3A4CE929C7C8B07C1038BBE8425590CE14F5C37E1D5608978A3AD2F41519C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:55:19.0825 0x2354  mrxsmb10 - ok
16:55:19.0841 0x2354  [ 8C0376974AA28398FF501E78C04ACB30, 81CE67BE933F67F760A72BF9B581F33BC151D98970765FE4425450A2EF450409 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:55:19.0872 0x2354  mrxsmb20 - ok
16:55:19.0919 0x2354  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:55:19.0981 0x2354  msahci - ok
16:55:20.0013 0x2354  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:55:20.0044 0x2354  msdsm - ok
16:55:20.0059 0x2354  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:55:20.0075 0x2354  MSDTC - ok
16:55:20.0122 0x2354  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:55:20.0231 0x2354  Msfs - ok
16:55:20.0247 0x2354  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:55:20.0309 0x2354  mshidkmdf - ok
16:55:20.0340 0x2354  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:55:20.0371 0x2354  msisadrv - ok
16:55:20.0418 0x2354  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:55:20.0481 0x2354  MSiSCSI - ok
16:55:20.0481 0x2354  msiserver - ok
16:55:20.0543 0x2354  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:55:20.0590 0x2354  MSKSSRV - ok
16:55:20.0605 0x2354  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:55:20.0637 0x2354  MSPCLOCK - ok
16:55:20.0668 0x2354  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:55:20.0715 0x2354  MSPQM - ok
16:55:20.0746 0x2354  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:55:20.0777 0x2354  MsRPC - ok
16:55:20.0793 0x2354  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:55:20.0808 0x2354  mssmbios - ok
16:55:20.0839 0x2354  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:55:20.0886 0x2354  MSTEE - ok
16:55:20.0902 0x2354  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:55:20.0949 0x2354  MTConfig - ok
16:55:20.0980 0x2354  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:55:20.0995 0x2354  Mup - ok
16:55:21.0042 0x2354  [ D7817027F42377B94F53A8F9CDF6A3D3, F7A707E383732A1F6283F0C79591C7D4CC32EAA58F071E7E930E57AC820F55D5 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:55:21.0058 0x2354  MyWiFiDHCPDNS - ok
16:55:21.0120 0x2354  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:55:21.0167 0x2354  napagent - ok
16:55:21.0198 0x2354  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:55:21.0292 0x2354  NativeWifiP - ok
16:55:21.0370 0x2354  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:55:21.0463 0x2354  NDIS - ok
16:55:21.0495 0x2354  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:55:21.0557 0x2354  NdisCap - ok
16:55:21.0588 0x2354  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:55:21.0635 0x2354  NdisTapi - ok
16:55:21.0651 0x2354  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:55:21.0697 0x2354  Ndisuio - ok
16:55:21.0729 0x2354  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:55:21.0822 0x2354  NdisWan - ok
16:55:21.0853 0x2354  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:55:21.0931 0x2354  NDProxy - ok
16:55:21.0947 0x2354  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:55:22.0009 0x2354  NetBIOS - ok
16:55:22.0041 0x2354  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:55:22.0087 0x2354  NetBT - ok
16:55:22.0103 0x2354  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] Netlogon        C:\Windows\system32\lsass.exe
16:55:22.0119 0x2354  Netlogon - ok
16:55:22.0181 0x2354  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:55:22.0228 0x2354  Netman - ok
16:55:22.0243 0x2354  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:55:22.0275 0x2354  NetMsmqActivator - ok
16:55:22.0275 0x2354  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:55:22.0306 0x2354  NetPipeActivator - ok
16:55:22.0337 0x2354  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:55:22.0415 0x2354  netprofm - ok
16:55:22.0415 0x2354  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:55:22.0446 0x2354  NetTcpActivator - ok
16:55:22.0446 0x2354  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:55:22.0462 0x2354  NetTcpPortSharing - ok
16:55:22.0821 0x2354  [ 18555F48844C2861D9DCE8F2B7223AE5, 35F8C0DFCF14780F86AD9A476A7AE22A98589B27ED9C7E109945CBBD227E6E2B ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
16:55:23.0195 0x2354  NETw5s64 - detected UnsignedFile.Multi.Generic ( 1 )
16:55:25.0582 0x2354  Detect skipped due to KSN trusted
16:55:25.0582 0x2354  NETw5s64 - ok
16:55:26.0081 0x2354  [ DB8B323B4F2B46B32ECD2BAE7955E4AA, 89BC9F951B08A8566837DF442C95842061B921B79102A8AD2245783717355B34 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwsw00.sys
16:55:26.0674 0x2354  NETwNs64 - ok
16:55:26.0877 0x2354  [ 82FFC84EC3AFC2F2D38DB880F50157C0, 4D37A44A5BBD3ECA2B29FE8565FC5840093E5BB41D197BEDA406BCE4A7C3479A ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
16:55:26.0970 0x2354  Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 )
16:55:29.0357 0x2354  Detect skipped due to KSN trusted
16:55:29.0357 0x2354  Netzmanager Service - ok
16:55:29.0419 0x2354  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:55:29.0451 0x2354  nfrd960 - ok
16:55:29.0482 0x2354  [ 8AED7DEF1F9659C911E1B1C9DD3CE8CD, 3ECFF30C8D8E7CF4514055F4E63B36C900EF104ECC75F804B11AF6307874153B ] ngvss           C:\Windows\system32\drivers\ngvss.sys
16:55:29.0513 0x2354  ngvss - ok
16:55:29.0560 0x2354  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:55:29.0622 0x2354  NlaSvc - ok
16:55:29.0638 0x2354  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:55:29.0685 0x2354  Npfs - ok
16:55:29.0731 0x2354  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:55:29.0794 0x2354  nsi - ok
16:55:29.0809 0x2354  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:55:29.0887 0x2354  nsiproxy - ok
16:55:30.0075 0x2354  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:55:30.0168 0x2354  Ntfs - ok
16:55:30.0199 0x2354  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:55:30.0262 0x2354  Null - ok
16:55:30.0309 0x2354  [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
16:55:30.0355 0x2354  nusb3hub - ok
16:55:30.0433 0x2354  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:55:30.0465 0x2354  nusb3xhc - ok
16:55:30.0589 0x2354  [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:55:30.0636 0x2354  NVHDA - ok
16:55:31.0057 0x2354  [ F554291C0A11F5B713B54C5886D4AA31, 65B7DF4BB3DFF616DC2C863988E30F901E14221C00E2A99A2079E19D91D93BAE ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:55:31.0619 0x2354  nvlddmkm - ok
16:55:31.0681 0x2354  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:55:31.0713 0x2354  nvraid - ok
16:55:31.0728 0x2354  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:55:31.0759 0x2354  nvstor - ok
16:55:31.0853 0x2354  [ 8E99BF264C1F20934A67E91BC9F4FB20, 89AA8823B751F4CEF4E862F1270E7EFDA81A6E5D9C5F72625CBF83C70B312353 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:55:31.0900 0x2354  nvsvc - ok
16:55:31.0915 0x2354  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:55:31.0947 0x2354  nv_agp - ok
16:55:32.0056 0x2354  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:55:32.0087 0x2354  odserv - ok
16:55:32.0118 0x2354  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:55:32.0196 0x2354  ohci1394 - ok
16:55:32.0337 0x2354  [ 2BA1E814DCBCDB16CDA4B18A0417F88F, 1A9D41092395786B94926652A4C0E36AFD35CB840D086999339410079451636E ] OpenVPNService  C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
16:55:32.0352 0x2354  OpenVPNService - ok
16:55:32.0415 0x2354  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:55:32.0430 0x2354  ose - ok
16:55:32.0477 0x2354  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:55:32.0539 0x2354  p2pimsvc - ok
16:55:32.0571 0x2354  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:55:32.0617 0x2354  p2psvc - ok
16:55:32.0649 0x2354  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:55:32.0695 0x2354  Parport - ok
16:55:32.0727 0x2354  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:55:32.0758 0x2354  partmgr - ok
16:55:32.0789 0x2354  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:55:32.0820 0x2354  PcaSvc - ok
16:55:32.0867 0x2354  [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
16:55:32.0898 0x2354  pccsmcfd - ok
16:55:32.0945 0x2354  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:55:32.0976 0x2354  pci - ok
16:55:33.0007 0x2354  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:55:33.0085 0x2354  pciide - ok
16:55:33.0148 0x2354  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:55:33.0179 0x2354  pcmcia - ok
16:55:33.0195 0x2354  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:55:33.0210 0x2354  pcw - ok
16:55:33.0273 0x2354  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:55:33.0335 0x2354  PEAUTH - ok
16:55:33.0538 0x2354  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:55:33.0553 0x2354  PerfHost - ok
16:55:33.0631 0x2354  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:55:33.0709 0x2354  pla - ok
16:55:33.0756 0x2354  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:55:33.0803 0x2354  PlugPlay - ok
16:55:33.0834 0x2354  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:55:33.0881 0x2354  PNRPAutoReg - ok
16:55:33.0928 0x2354  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:55:33.0959 0x2354  PNRPsvc - ok
16:55:33.0990 0x2354  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:55:34.0053 0x2354  PolicyAgent - ok
16:55:34.0099 0x2354  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:55:34.0146 0x2354  Power - ok
16:55:34.0209 0x2354  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:55:34.0255 0x2354  PptpMiniport - ok
16:55:34.0271 0x2354  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:55:34.0318 0x2354  Processor - ok
16:55:34.0380 0x2354  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:55:34.0411 0x2354  ProfSvc - ok
16:55:34.0427 0x2354  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:55:34.0443 0x2354  ProtectedStorage - ok
16:55:34.0458 0x2354  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:55:34.0521 0x2354  Psched - ok
16:55:34.0567 0x2354  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
16:55:34.0583 0x2354  PxHlpa64 - ok
16:55:34.0645 0x2354  [ 0928BD20273625622722FE1DE5BBDE57, 5313C222F8810D3A62CCE64482B5E50E58BBE2A2C298A23C84A454C34324AC52 ] qicflt          C:\Windows\system32\DRIVERS\qicflt.sys
16:55:34.0692 0x2354  qicflt - ok
16:55:34.0786 0x2354  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:55:34.0879 0x2354  ql2300 - ok
16:55:34.0911 0x2354  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:55:34.0942 0x2354  ql40xx - ok
16:55:35.0004 0x2354  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:55:35.0035 0x2354  QWAVE - ok
16:55:35.0051 0x2354  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:55:35.0113 0x2354  QWAVEdrv - ok
16:55:35.0145 0x2354  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:55:35.0191 0x2354  RasAcd - ok
16:55:35.0269 0x2354  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:55:35.0347 0x2354  RasAgileVpn - ok
16:55:35.0394 0x2354  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:55:35.0457 0x2354  RasAuto - ok
16:55:35.0472 0x2354  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:55:35.0566 0x2354  Rasl2tp - ok
16:55:35.0613 0x2354  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:55:35.0691 0x2354  RasMan - ok
16:55:35.0706 0x2354  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:55:35.0769 0x2354  RasPppoe - ok
16:55:35.0784 0x2354  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:55:35.0893 0x2354  RasSstp - ok
16:55:35.0909 0x2354  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:55:35.0971 0x2354  rdbss - ok
16:55:36.0003 0x2354  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:55:36.0081 0x2354  rdpbus - ok
16:55:36.0112 0x2354  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:55:36.0159 0x2354  RDPCDD - ok
16:55:36.0174 0x2354  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:55:36.0237 0x2354  RDPENCDD - ok
16:55:36.0268 0x2354  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:55:36.0330 0x2354  RDPREFMP - ok
16:55:36.0424 0x2354  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:55:36.0455 0x2354  RdpVideoMiniport - ok
16:55:36.0486 0x2354  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:55:36.0549 0x2354  RDPWD - ok
16:55:36.0580 0x2354  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:55:36.0642 0x2354  rdyboost - ok
16:55:36.0720 0x2354  [ A2F664C5556A37F60D9DE89A0AE3510C, 630AB93C1BC8EBF1EA9CAFF644EE09E41AD45695AA9AC09DDA67B4ADB23CC5BC ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:55:36.0736 0x2354  RegSrvc - ok
16:55:36.0798 0x2354  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:55:36.0861 0x2354  RemoteAccess - ok
16:55:36.0907 0x2354  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:55:36.0970 0x2354  RemoteRegistry - ok
16:55:37.0001 0x2354  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:55:37.0079 0x2354  RpcEptMapper - ok
16:55:37.0095 0x2354  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:55:37.0126 0x2354  RpcLocator - ok
16:55:37.0141 0x2354  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:55:37.0204 0x2354  RpcSs - ok
16:55:37.0235 0x2354  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:55:37.0282 0x2354  rspndr - ok
16:55:37.0360 0x2354  [ B85642BE0761159B63CFFC137384E17F, ACB04AC581EE475543AEA3003E3643DC2A007C4D3F1831C120F1D07BDAFF2FA4 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
16:55:37.0375 0x2354  RtkAudioService - ok
16:55:37.0422 0x2354  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:55:37.0469 0x2354  RTL8167 - ok
16:55:37.0485 0x2354  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] SamSs           C:\Windows\system32\lsass.exe
16:55:37.0500 0x2354  SamSs - ok
16:55:37.0516 0x2354  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:55:37.0547 0x2354  sbp2port - ok
16:55:37.0594 0x2354  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:55:37.0641 0x2354  SCardSvr - ok
16:55:37.0641 0x2354  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:55:37.0687 0x2354  scfilter - ok
16:55:37.0765 0x2354  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
16:55:37.0812 0x2354  Schedule - ok
16:55:37.0843 0x2354  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:55:37.0890 0x2354  SCPolicySvc - ok
16:55:37.0906 0x2354  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:55:37.0921 0x2354  SDRSVC - ok
16:55:37.0953 0x2354  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:55:37.0968 0x2354  secdrv - ok
16:55:37.0984 0x2354  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:55:38.0031 0x2354  seclogon - ok
16:55:38.0046 0x2354  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:55:38.0093 0x2354  SENS - ok
16:55:38.0093 0x2354  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:55:38.0140 0x2354  SensrSvc - ok
16:55:38.0171 0x2354  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:55:38.0202 0x2354  Serenum - ok
16:55:38.0218 0x2354  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
16:55:38.0249 0x2354  Serial - ok
16:55:38.0280 0x2354  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:55:38.0296 0x2354  sermouse - ok
16:55:38.0389 0x2354  [ C15B813F2FDB44F87F23312472C6E790, 2AA4024C312D0FFDC7DD2F46D011C8C54085216A3B5FA99FA42312C2E991E141 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
16:55:38.0421 0x2354  ServiceLayer - ok
16:55:38.0436 0x2354  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:55:38.0514 0x2354  SessionEnv - ok
16:55:38.0530 0x2354  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:55:38.0592 0x2354  sffdisk - ok
16:55:38.0608 0x2354  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:55:38.0670 0x2354  sffp_mmc - ok
16:55:38.0686 0x2354  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:55:38.0717 0x2354  sffp_sd - ok
16:55:38.0733 0x2354  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:55:38.0779 0x2354  sfloppy - ok
16:55:38.0873 0x2354  [ E1974A92AC0914A3859359A0A8C82C68, 4908917F72D6E531B44488F06A05915F0DA9767758E44C886F5F93F46BA79654 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
16:55:38.0904 0x2354  SftService - ok
16:55:38.0951 0x2354  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:55:38.0998 0x2354  SharedAccess - ok
16:55:39.0060 0x2354  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:55:39.0107 0x2354  ShellHWDetection - ok
16:55:39.0138 0x2354  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:55:39.0154 0x2354  SiSRaid2 - ok
16:55:39.0185 0x2354  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:55:39.0201 0x2354  SiSRaid4 - ok
16:55:39.0263 0x2354  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:55:39.0279 0x2354  SkypeUpdate - ok
16:55:39.0325 0x2354  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:55:39.0372 0x2354  Smb - ok
16:55:39.0419 0x2354  [ 10450F432811D7FDA60A97FCC674D7B2, FD6245B06DD81C6E287DA47173D622357D86D84E3A5444CD34645973FE2E8BF5 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
16:55:39.0450 0x2354  snapman - ok
16:55:39.0466 0x2354  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:55:39.0497 0x2354  SNMPTRAP - ok
16:55:39.0497 0x2354  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:55:39.0528 0x2354  spldr - ok
16:55:39.0591 0x2354  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:55:39.0622 0x2354  Spooler - ok
16:55:39.0762 0x2354  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:55:39.0934 0x2354  sppsvc - ok
16:55:39.0981 0x2354  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:55:40.0059 0x2354  sppuinotify - ok
16:55:40.0090 0x2354  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:55:40.0137 0x2354  srv - ok
16:55:40.0168 0x2354  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:55:40.0293 0x2354  srv2 - ok
16:55:40.0339 0x2354  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:55:40.0386 0x2354  srvnet - ok
16:55:40.0449 0x2354  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:55:40.0573 0x2354  SSDPSRV - ok
16:55:40.0589 0x2354  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:55:40.0636 0x2354  SstpSvc - ok
16:55:40.0667 0x2354  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
16:55:40.0698 0x2354  ssudmdm - ok
16:55:40.0729 0x2354  [ 92E7F6666633D2DD91D527503DAA7BE0, E97C7FFCAF2C7A83B270B6C797A91C2731FEA26874FE1E59B4CB55D5D98744BB ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
16:55:40.0761 0x2354  stdcfltn - ok
16:55:40.0854 0x2354  [ 49D9C17FDDFAC66F27FA735E94923216, 18C8FE5B794927989CDD3BB7A5500C73CCC23559470EEB37D42FD9AD04098C0D ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:55:40.0870 0x2354  Stereo Service - ok
16:55:40.0917 0x2354  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:55:40.0932 0x2354  stexstor - ok
16:55:41.0026 0x2354  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:55:41.0057 0x2354  stisvc - ok
16:55:41.0119 0x2354  [ B75D72683E471D128203A5A73A6F3772, C7E056406CADB0AE87DB87A4C4BADDDDD0D1E1BF41EACD44AD92BC3D541C7D50 ] SupportAssistAgent C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
16:55:41.0135 0x2354  SupportAssistAgent - ok
16:55:41.0151 0x2354  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:55:41.0166 0x2354  swenum - ok
16:55:41.0197 0x2354  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:55:41.0260 0x2354  swprv - ok
16:55:41.0322 0x2354  [ 36F506C894E1EA59C65FAF6398BDF49A, 70B7CA69958796C3AFA1ACA4C3BF054CBFEE84DC73A55D395EFED4A80B5399A2 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:55:41.0385 0x2354  SynTP - ok
16:55:41.0447 0x2354  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
16:55:41.0541 0x2354  SysMain - ok
16:55:41.0587 0x2354  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:55:41.0603 0x2354  TabletInputService - ok
16:55:41.0634 0x2354  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:55:41.0681 0x2354  TapiSrv - ok
16:55:41.0712 0x2354  [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
16:55:41.0743 0x2354  tbhsd - ok
16:55:41.0759 0x2354  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:55:41.0790 0x2354  TBS - ok
16:55:41.0899 0x2354  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:55:42.0009 0x2354  Tcpip - ok
16:55:42.0055 0x2354  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:55:42.0149 0x2354  TCPIP6 - ok
16:55:42.0180 0x2354  [ 1A95043750E359F993154EF8559BE518, C1CDFAA87084B4D7CF38598E6C723EDD2E1DCA23D29449F48D016F589DACEA29 ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys
16:55:42.0196 0x2354  tcpipBM - detected UnsignedFile.Multi.Generic ( 1 )
16:55:44.0598 0x2354  Detect skipped due to KSN trusted
16:55:44.0598 0x2354  tcpipBM - ok
16:55:44.0645 0x2354  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:55:44.0692 0x2354  tcpipreg - ok
16:55:44.0754 0x2354  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:55:44.0832 0x2354  TDPIPE - ok
16:55:44.0941 0x2354  [ 99527D49EE0A96FC25537C61B270A372, 519E23F86EC86349F92C4A88DBD19C097AEE0A6E152776B32B45D293ED14946B ] tdrpman273      C:\Windows\system32\DRIVERS\tdrpm273.sys
16:55:45.0004 0x2354  tdrpman273 - ok
16:55:45.0051 0x2354  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:55:45.0097 0x2354  TDTCP - ok
16:55:45.0175 0x2354  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:55:45.0253 0x2354  tdx - ok
16:55:45.0331 0x2354  [ 4283D7125BA4BD0CB50BB0F78B54257A, A9DBFC45CDF7444BA7AD92734E66E3E4F844BF036AC19FD43F915151191F12C5 ] TelekomNM6      C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
16:55:45.0363 0x2354  TelekomNM6 - ok
16:55:45.0441 0x2354  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:55:45.0503 0x2354  TermDD - ok
16:55:45.0706 0x2354  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:55:45.0753 0x2354  TermService - ok
16:55:45.0799 0x2354  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:55:45.0846 0x2354  Themes - ok
16:55:45.0909 0x2354  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:55:45.0971 0x2354  THREADORDER - ok
16:55:46.0002 0x2354  [ 3E24B7FE52BC455DA8D6E2CC2B4CA23F, 0AC9C626F0ED7F27CCE0236897D44836789331953AA0A73B2A88E4A91CF996B6 ] tifsfilter      C:\Windows\system32\DRIVERS\tifsfilt.sys
16:55:46.0033 0x2354  tifsfilter - ok
16:55:46.0065 0x2354  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:55:46.0143 0x2354  TrkWks - ok
16:55:46.0267 0x2354  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:55:46.0377 0x2354  TrustedInstaller - ok
16:55:46.0423 0x2354  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:55:46.0501 0x2354  tssecsrv - ok
16:55:46.0564 0x2354  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:55:46.0689 0x2354  TsUsbFlt - ok
16:55:46.0735 0x2354  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:55:46.0798 0x2354  TsUsbGD - ok
16:55:46.0876 0x2354  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:55:47.0032 0x2354  tunnel - ok
16:55:47.0125 0x2354  [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
16:55:47.0172 0x2354  TurboB - ok
16:55:47.0266 0x2354  [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
16:55:47.0297 0x2354  TurboBoost - ok
16:55:47.0328 0x2354  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:55:47.0391 0x2354  uagp35 - ok
16:55:47.0469 0x2354  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:55:47.0640 0x2354  udfs - ok
16:55:47.0687 0x2354  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:55:47.0765 0x2354  UI0Detect - ok
16:55:47.0812 0x2354  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:55:47.0874 0x2354  uliagpkx - ok
16:55:47.0890 0x2354  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:55:47.0968 0x2354  umbus - ok
16:55:47.0999 0x2354  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:55:48.0077 0x2354  UmPass - ok
16:55:48.0389 0x2354  [ CBDEE152D73200EE49031A26310B9D3E, 92E22235446F8DB3BFE97EDE7DE7D33F43EAC5957C5B41ACCEC4EBFD19BFF819 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:55:48.0467 0x2354  UNS - ok
16:55:48.0529 0x2354  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:55:48.0607 0x2354  upnphost - ok
16:55:48.0685 0x2354  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:55:48.0748 0x2354  usbccgp - ok
16:55:48.0795 0x2354  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:55:48.0873 0x2354  usbcir - ok
16:55:48.0919 0x2354  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:55:49.0044 0x2354  usbehci - ok
16:55:49.0138 0x2354  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:55:49.0247 0x2354  usbhub - ok
16:55:49.0309 0x2354  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:55:49.0403 0x2354  usbohci - ok
16:55:49.0450 0x2354  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:55:49.0543 0x2354  usbprint - ok
16:55:49.0621 0x2354  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\drivers\usbser.sys
16:55:49.0715 0x2354  usbser - ok
16:55:49.0746 0x2354  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:55:49.0840 0x2354  USBSTOR - ok
16:55:49.0902 0x2354  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:55:49.0980 0x2354  usbuhci - ok
16:55:50.0011 0x2354  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:55:50.0043 0x2354  usbvideo - ok
16:55:50.0105 0x2354  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:55:50.0136 0x2354  UxSms - ok
16:55:50.0183 0x2354  [ 5424EC756808C1002457033D969115C7, 85B86C3DF9BCF4BA085C4978BE36A38D0079CE24C5C61FB754286E476EB77741 ] VaultSvc        C:\Windows\system32\lsass.exe
16:55:50.0214 0x2354  VaultSvc - ok
16:55:50.0370 0x2354  [ 3470D2C83CA7A056B91216EA1D571304, 3189ABF6E8C08B1B0F406DB5E78F9ABD9A0AE3FF52615B681A8DEB1A38E26B83 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
16:55:50.0417 0x2354  VBoxAswDrv - ok
16:55:50.0464 0x2354  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:55:50.0495 0x2354  vdrvroot - ok
16:55:50.0604 0x2354  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:55:50.0698 0x2354  vds - ok
16:55:50.0776 0x2354  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:55:50.0854 0x2354  vga - ok
16:55:50.0869 0x2354  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:55:50.0947 0x2354  VgaSave - ok
16:55:51.0072 0x2354  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:55:51.0244 0x2354  vhdmp - ok
16:55:51.0291 0x2354  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:55:51.0353 0x2354  viaide - ok
16:55:51.0400 0x2354  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:55:51.0493 0x2354  volmgr - ok
16:55:51.0603 0x2354  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:55:51.0696 0x2354  volmgrx - ok
16:55:51.0790 0x2354  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:55:51.0852 0x2354  volsnap - ok
16:55:51.0899 0x2354  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:55:51.0977 0x2354  vsmraid - ok
16:55:52.0195 0x2354  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:55:52.0273 0x2354  VSS - ok
16:55:52.0305 0x2354  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:55:52.0383 0x2354  vwifibus - ok
16:55:52.0445 0x2354  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] VWiFiFlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:55:52.0523 0x2354  VWiFiFlt - ok
16:55:52.0539 0x2354  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:55:52.0617 0x2354  vwifimp - ok
16:55:52.0695 0x2354  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:55:52.0757 0x2354  W32Time - ok
16:55:52.0788 0x2354  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:55:52.0866 0x2354  WacomPen - ok
16:55:52.0897 0x2354  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:55:52.0991 0x2354  WANARP - ok
16:55:53.0007 0x2354  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:55:53.0038 0x2354  Wanarpv6 - ok
16:55:53.0225 0x2354  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:55:53.0365 0x2354  WatAdminSvc - ok
16:55:53.0646 0x2354  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:55:53.0724 0x2354  wbengine - ok
16:55:53.0771 0x2354  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:55:53.0849 0x2354  WbioSrvc - ok
16:55:53.0896 0x2354  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:55:53.0989 0x2354  wcncsvc - ok
16:55:54.0021 0x2354  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:55:54.0067 0x2354  WcsPlugInService - ok
16:55:54.0130 0x2354  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:55:54.0177 0x2354  Wd - ok
16:55:54.0364 0x2354  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:55:54.0457 0x2354  Wdf01000 - ok
16:55:54.0520 0x2354  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:55:54.0582 0x2354  WdiServiceHost - ok
16:55:54.0598 0x2354  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:55:54.0645 0x2354  WdiSystemHost - ok
16:55:54.0707 0x2354  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
16:55:54.0738 0x2354  WebClient - ok
16:55:54.0832 0x2354  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:55:55.0003 0x2354  Wecsvc - ok
16:55:55.0019 0x2354  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:55:55.0066 0x2354  wercplsupport - ok
16:55:55.0144 0x2354  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:55:55.0175 0x2354  WerSvc - ok
16:55:55.0237 0x2354  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:55:55.0315 0x2354  WfpLwf - ok
16:55:55.0440 0x2354  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
16:55:55.0503 0x2354  WimFltr - ok
16:55:55.0518 0x2354  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:55:55.0565 0x2354  WIMMount - ok
16:55:55.0627 0x2354  WinDefend - ok
16:55:55.0643 0x2354  WinHttpAutoProxySvc - ok
16:55:55.0830 0x2354  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:55:55.0955 0x2354  Winmgmt - ok
16:55:56.0080 0x2354  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
16:55:56.0189 0x2354  WinRM - ok
16:55:56.0267 0x2354  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:55:56.0329 0x2354  WinUsb - ok
16:55:56.0579 0x2354  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:55:56.0688 0x2354  Wlansvc - ok
16:55:56.0782 0x2354  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:55:56.0829 0x2354  wlcrasvc - ok
16:55:56.0985 0x2354  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:55:57.0078 0x2354  wlidsvc - ok
16:55:57.0156 0x2354  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:55:57.0234 0x2354  WmiAcpi - ok
16:55:57.0328 0x2354  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:55:57.0375 0x2354  wmiApSrv - ok
16:55:57.0437 0x2354  WMPNetworkSvc - ok
16:55:57.0484 0x2354  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:55:57.0562 0x2354  WPCSvc - ok
16:55:57.0593 0x2354  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:55:57.0655 0x2354  WPDBusEnum - ok
16:55:57.0687 0x2354  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:55:57.0733 0x2354  ws2ifsl - ok
16:55:57.0749 0x2354  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:55:57.0780 0x2354  wscsvc - ok
16:55:57.0780 0x2354  WSearch - ok
16:55:58.0451 0x2354  [ 291778E1A36716182AFBC1731B2DFEAB, C0B928CCCE8C496C90C42E0D294BAB51DC67C02B0D20CFB6A16B0AE1F51CC497 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:55:58.0529 0x2354  wuauserv - ok
16:55:58.0591 0x2354  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:55:58.0623 0x2354  WudfPf - ok
16:55:58.0701 0x2354  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:55:58.0794 0x2354  WUDFRd - ok
16:55:58.0841 0x2354  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:55:58.0903 0x2354  wudfsvc - ok
16:55:58.0966 0x2354  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:55:59.0044 0x2354  WwanSvc - ok
16:55:59.0933 0x2354  [ 51842449D6076C512D626C77E2665167, 2409BDEE5F607DE651A190C3DFAAB8EE0EEF18F04E6B2F34A7FF855021D5ED66 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
16:56:00.0042 0x2354  ZeroConfigService - ok
16:56:00.0058 0x2354  ================ Scan global ===============================
16:56:00.0105 0x2354  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
16:56:00.0167 0x2354  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
16:56:00.0214 0x2354  [ 4AD1C61152A0199E3D7F9A82C07AC629, A4A42C7757EB084EE368A6BC4EBAB0C47BE41B0B4119A6AECD1B8E3332A7C5D5 ] C:\Windows\system32\winsrv.dll
16:56:00.0276 0x2354  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:56:00.0370 0x2354  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:56:00.0385 0x2354  [ Global ] - ok
16:56:00.0385 0x2354  ================ Scan MBR ==================================
16:56:00.0385 0x2354  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:56:01.0134 0x2354  \Device\Harddisk0\DR0 - ok
16:56:01.0134 0x2354  ================ Scan VBR ==================================
16:56:01.0150 0x2354  [ BD9D504880971C708CA366C533DF27B0 ] \Device\Harddisk0\DR0\Partition1
16:56:01.0150 0x2354  \Device\Harddisk0\DR0\Partition1 - ok
16:56:01.0181 0x2354  [ 0E662C73D12129A298A047E9FA3BE88B ] \Device\Harddisk0\DR0\Partition2
16:56:01.0228 0x2354  \Device\Harddisk0\DR0\Partition2 - ok
16:56:01.0228 0x2354  ================ Scan generic autorun ======================
16:56:01.0228 0x2354  SynTPEnh - ok
16:56:01.0665 0x2354  [ 82311E6BB2DFE95068B612DAE1A45CD1, 21962178AF6439B64C162EF71D6F7100B5D4CAA24053E74E85EB4FA334CA6B32 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
16:56:01.0961 0x2354  RTHDVCPL - ok
16:56:02.0179 0x2354  [ 1E7EBBF7D89DE7979308494FE98EB393, 84619B1A27F72FB5B412528AC247FA1CC174056BB08BF9B2B4749625BFE2688A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
16:56:02.0257 0x2354  RtHDVBg - ok
16:56:02.0413 0x2354  [ 2078AE5DF5876F58124CDC2B4F972CD3, 59023E6A595950BFA611502AA9AA68C1AD48114DDCBD6BA7FDE4CDC86A7170B1 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
16:56:02.0445 0x2354  Acronis Scheduler2 Service - ok
16:56:02.0663 0x2354  [ A358C6D2F299ACDE00D40C605BA5FEDC, FFAE3A508C8756D67E7C37870E53A621D0F174A66E48BBD30B03F2DAF1C0BFB8 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
16:56:02.0710 0x2354  FreeFallProtection - ok
16:56:02.0835 0x2354  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
16:56:02.0881 0x2354  Windows Mobile Device Center - ok
16:56:02.0944 0x2354  [ 813F9EA38AEB2AD4D9BD689388DDD93A, 68766E259C0D7F6EAFBF8C24A903C34CE624FF37EBFB8CDBFC1405AC6DA6E8F8 ] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe
16:56:02.0959 0x2354  DataCardMonitor - detected UnsignedFile.Multi.Generic ( 1 )
16:56:05.0362 0x2354  Detect skipped due to KSN trusted
16:56:05.0362 0x2354  DataCardMonitor - ok
16:56:05.0580 0x2354  [ 637E9EEA864CE9C5778E3C4358B1E0D1, BF1E58E0C50DCB06FD1611786ECF500F426DFEFCF795D8A048A4B1BCA51F4556 ] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
16:56:05.0643 0x2354  Dell DataSafe Online - ok
16:56:05.0892 0x2354  [ 30293898C1A9DFBCFE38EB6A2F7D555A, 467B0BE56B0CF06607C5C0EAE4D4703810A2E65D4137CEB6ECA581E4E848CA70 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
16:56:05.0939 0x2354  Dell Webcam Central - detected UnsignedFile.Multi.Generic ( 1 )
16:56:08.0373 0x2354  Detect skipped due to KSN trusted
16:56:08.0373 0x2354  Dell Webcam Central - ok
16:56:08.0529 0x2354  [ 25107F58D1B8F60D67D1EE95798C0DE8, C3B5205E8818576EBF33E3B9FD8664A498714B823D9128FC1CA0A64F81499263 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
16:56:08.0575 0x2354  IAStorIcon - ok
16:56:08.0763 0x2354  [ 3A767D4CF95CAC1299554B89C4DE5920, E18D2BD562981A4BA54A677C8838ABE9056D1704EC2CC1A8B465390CAC9D1875 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
16:56:08.0809 0x2354  KiesTrayAgent - ok
16:56:08.0934 0x2354  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
16:56:08.0965 0x2354  NUSB3MON - ok
16:56:09.0262 0x2354  [ C433243E73FCF988435CEC1F461C48EE, 65C601B72EC48528F9CFF8F412E5AB75497E018E92754A4669741F34996A954E ] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
16:56:09.0340 0x2354  SAOB Monitor - ok
16:56:09.0886 0x2354  [ A7D3BA9573C2BD5DDCA2A87140915D6A, 2D36D01A10B5F988FB6ED2204FAB3F05B7E31373B7A16B13E3CE5E8EB81420EA ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
16:56:10.0167 0x2354  TrueImageMonitor.exe - ok
16:56:10.0822 0x2354  [ 123CE08362EE48BBA7F9F1D7EB50F24F, B78A49B186475805D7022E22AE163C535F3594F62CEA2759547EC514FA6CBFCC ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
16:56:10.0993 0x2354  AvastUI.exe - ok
16:56:11.0087 0x2354  [ FCEC6F664FA7E5FE323165FBC9314470, 4E5AB1E6C3D2881D95E74F2F28649A7DBC4919CA249829A0E4CD9804E401A025 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
16:56:11.0118 0x2354  SunJavaUpdateSched - ok
16:56:11.0493 0x2354  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:56:11.0555 0x2354  Sidebar - ok
16:56:11.0617 0x2354  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:56:11.0664 0x2354  mctadmin - ok
16:56:11.0758 0x2354  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:56:11.0805 0x2354  Sidebar - ok
16:56:11.0805 0x2354  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:56:11.0836 0x2354  mctadmin - ok
16:56:11.0992 0x2354  [ 7EF9633A2409048FB40DBC2B83A42C0F, ADB04ED61B7626AD3696CCF8356AA26C251FCA35A1C7CB8A04F83401F04936D0 ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
16:56:12.0054 0x2354  KiesPreload - ok
16:56:12.0101 0x2354  HW_OPENEYE_OUC_Telekom Internet Manager - ok
16:56:12.0101 0x2354  Waiting for KSN requests completion. In queue: 13
16:56:13.0115 0x2354  Waiting for KSN requests completion. In queue: 13
16:56:14.0129 0x2354  Waiting for KSN requests completion. In queue: 13
16:56:15.0205 0x2354  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.4.2233.1299 ), 0x41000 ( enabled : updated )
16:56:15.0330 0x2354  Win FW state via NFP2: enabled ( trusted )
16:56:17.0826 0x2354  ============================================================
16:56:17.0826 0x2354  Scan finished
16:56:17.0826 0x2354  ============================================================
16:56:17.0842 0x15d8  Detected object count: 0
16:56:17.0842 0x15d8  Actual detected object count: 0
16:56:32.0007 0x0270  Deinitialize success
         


07.11.2015, 18:20   #3
seal.1
 



FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Holgi (Administrator) auf HOLGI-PC (07-11-2015 18:32:52)
Gestartet von C:\Users\Holgi\Desktop
Geladene Profile: Holgi (Verfügbare Profile: Holgi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\ProgramData\DatacardService\DCService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2247976 2010-07-15] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395344 2011-09-22] (Acronis)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [727664 2010-09-24] ()
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2011-11-12] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SAOB Monitor] => C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2571032 2011-09-22] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5587832 2011-09-22] (Acronis)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-07] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-04-28] (Samsung)
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] => "C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe"
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MountPoints2: {e55e48c7-55ea-11e3-a3d5-f04da25be7c1} - E:\autorun.exe
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MountPoints2: {ea07ee0e-0b42-11e1-a38f-f04da25be7c1} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-10] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2015-11-07]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-08]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2010-12-08]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Holgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2015-11-07]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{350F2940-3E78-47FF-B200-C99DC4725C00}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C89C2341-DECE-4F90-A0FD-65356F4EFB31}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {5C721AC4-8738-42C0-8CD2-58F97E0398EB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0632309F-DE38-4268-9692-036784E9A1D7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {0632309F-DE38-4268-9692-036784E9A1D7} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {17805846-7469-41E4-9A7C-FFCF75F42C6C} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tportal&q={searchTerms}&dia=tie8
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {23275BE6-9F0A-4EA7-B2C7-C2E8FD0F511D} URL = hxxp://dict.leo.org/ende?lp=ende&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {5C721AC4-8738-42C0-8CD2-58F97E0398EB} URL = 
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {7A7EFF3B-7BF9-478E-9AB7-B445D7AD9D3C} URL = hxxp://preisvergleich.t-online.de/angebote/{searchTerms}?soid=42534758
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {9164E28C-0259-45DE-B2AF-595F2689BD4D} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=twiki&q={searchTerms}&dia=tie8
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {925BC6A2-7FCF-40DF-8BFF-FAC13BBEDE51} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tonline-browser_toolbar3_search-21&index=blended&linkCode=ur2
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {A5651A03-AFF1-4BC2-8DF7-C66D28D8D840} URL = hxxp://dict.leo.org/frde?lp=frde&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {C8EF559E-E0D7-4601-88BE-42F03229A230} URL = hxxp://rover.ebay.com/rover/1/707-1403-9414-51/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {D58F6799-D10F-4A49-AC4B-7B2CE2CF9328} URL = hxxp://dict.leo.org/esde?lp=esde&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000 -> {F44C3FA9-AB56-49F4-A91A-C9D8CE06A609} URL = hxxp://suche.t-online.de/fast-cgi/tsc?sr=tweb&q={searchTerms}&dia=tie8
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-02] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Toolbar 3.0 der Telekom Browserhilfsobjekt -> {C9603180-FA5C-4DB0-A013-ADC60309AF82} -> C:\Program Files\Deutsche Telekom\Toolbar3\ToToolbar.dll [2010-11-03] (Deutsche Telekom AG)
BHO: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-02] (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-02] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {2015C8D4-8534-48DB-B5FB-5C76291F080C} -  Keine Datei
DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
DPF: HKLM-x32 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-11-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-11-07] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\user.js [2015-11-06]
FF Extension: YouTube Unblocker - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\Extensions\youtubeunblocker@unblocker.yt [2015-10-15]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\Extensions\ich@maltegoetz.de.xpi [2015-07-28]
FF Extension: NoScript - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-31]
FF Extension: Video DownloadHelper - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: BetterPrivacy - C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-07-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-10] [ist nicht signiert]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-18]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-18]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-10] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-10-10] (Avast Software)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] () [Datei ist nicht signiert]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] ()
S3 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [Datei ist nicht signiert]
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-04-14] (The OpenVPN Project)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-10] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2014-12-22] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [Datei ist nicht signiert]
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 DellWAL; C:\Program Files\Dell\DellDataVault\DDDriver64Dcsa.sys [32464 2015-09-11] (Dell Computer Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-07-22] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2014-12-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\DAFB.tmp [6144 2010-05-26] (Sophos Plc) [Datei ist nicht signiert]
S3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [7689216 2010-05-31] (Intel Corporation) [Datei ist nicht signiert]
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-10-10] (AVAST Software)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [Datei ist nicht signiert]
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-10-10] (Avast Software)
S3 ALSysIO; \??\C:\Users\Holgi\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-07 18:32 - 2015-11-07 18:33 - 00026442 _____ C:\Users\Holgi\Desktop\FRST.txt
2015-11-07 18:31 - 2015-11-07 18:31 - 00000472 _____ C:\Users\Holgi\Desktop\defogger_disable.log
2015-11-07 18:22 - 2015-11-07 18:22 - 00380416 _____ C:\Users\Holgi\Desktop\Gmer-19357.exe
2015-11-07 18:21 - 2015-11-07 18:21 - 02198528 _____ (Farbar) C:\Users\Holgi\Desktop\FRST64.exe
2015-11-07 18:20 - 2015-11-07 18:20 - 00050477 _____ C:\Users\Holgi\Desktop\Defogger.exe
2015-11-07 16:52 - 2015-11-07 16:52 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Holgi\Desktop\tdsskiller.exe
2015-11-07 16:52 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-07 16:52 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-07 16:52 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-07 16:52 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-07 16:52 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-07 16:52 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-07 16:52 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-07 16:52 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-07 16:52 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-07 16:52 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-07 16:52 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-07 16:52 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-07 16:52 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-07 16:52 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-07 16:52 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-07 16:52 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-06 14:20 - 2015-11-06 14:21 - 00000000 ____D C:\Program Files (x86)\audiograbber
2015-11-06 14:20 - 2015-11-06 14:20 - 00000000 ____D C:\Users\Holgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiograbber
2015-11-06 14:20 - 2015-11-06 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
2015-11-06 08:29 - 2015-11-06 08:29 - 01665325 _____ C:\Users\Holgi\Downloads\agsetup.exe
2015-11-06 08:05 - 2015-11-06 08:05 - 00000000 ____D C:\Users\Holgi\AppData\Roaming\dlg
2015-11-06 08:04 - 2015-11-06 08:04 - 00000000 ____D C:\Users\Holgi\AppData\Roaming\AVG
2015-11-06 08:04 - 2015-11-06 08:04 - 00000000 ____D C:\Users\Holgi\AppData\Local\Avg
2015-11-06 08:02 - 2015-11-06 08:05 - 00000000 ____D C:\ProgramData\AVG
2015-11-06 07:42 - 2015-11-07 18:18 - 00001031 _____ C:\Users\Holgi\Desktop\Audiograbber.lnk
2015-11-06 07:42 - 2015-11-06 07:42 - 00003122 _____ C:\Windows\System32\Tasks\{E9A38163-DBF4-4557-958A-DDD3201F8303}
2015-11-06 07:34 - 2015-11-06 07:35 - 00000000 ____D C:\Users\Holgi\AppData\Roaming\EAC
2015-11-06 07:16 - 2015-11-06 14:48 - 00000000 ____D C:\Users\Holgi\Downloads\Alex
2015-11-05 18:38 - 2015-11-05 18:38 - 00000000 __HDC C:\ProgramData\{AA6BF06E-316C-487A-9BC2-5F06A43C56B1}
2015-10-25 05:38 - 2015-09-14 20:45 - 03210240 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-15 19:13 - 2015-11-02 21:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-13 20:27 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-13 20:27 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-13 20:27 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-13 20:27 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-13 20:27 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-13 20:27 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-13 20:27 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-13 20:27 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-13 20:27 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-13 20:27 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-13 20:27 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-13 20:27 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-13 20:27 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-13 20:27 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-13 20:27 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-13 20:27 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-13 20:27 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-13 20:27 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-13 20:27 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-13 20:27 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-13 20:27 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-13 20:27 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-13 20:27 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-13 20:27 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-13 20:27 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-13 20:27 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-13 20:27 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-13 20:27 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-13 20:27 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-13 20:27 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-13 20:27 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-13 20:27 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-13 20:27 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-13 20:27 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-13 20:27 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-13 20:27 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-13 20:27 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-13 20:27 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-13 20:27 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-13 20:27 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-13 20:27 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-13 20:27 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-13 20:27 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-13 20:27 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-13 20:27 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-13 20:27 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-13 20:27 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-13 20:27 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 20:27 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 20:27 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-13 20:27 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-13 20:27 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-13 20:27 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-13 20:27 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 20:27 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-13 20:27 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-13 20:27 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-13 20:27 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-13 20:27 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-13 20:27 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-13 20:27 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-13 20:27 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-13 20:27 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-13 20:27 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-13 20:27 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-13 20:27 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-13 20:27 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-13 20:27 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-13 20:27 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 20:27 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-13 20:27 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-13 20:27 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 20:27 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-13 20:27 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-13 20:27 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-13 20:27 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-13 20:27 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-13 20:27 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-13 20:27 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-13 20:27 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-13 20:27 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-13 20:27 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-13 20:27 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-13 20:27 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-13 20:27 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-13 20:27 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-13 20:27 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-13 20:27 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-13 20:27 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-13 20:27 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-13 20:27 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-13 20:27 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-13 20:27 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-13 20:27 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-13 20:27 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-13 20:27 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-13 20:27 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-13 20:27 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-13 20:27 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-13 20:27 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-13 20:27 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-13 20:27 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-13 20:27 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-13 20:27 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-13 20:27 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-13 20:27 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-13 20:27 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-13 20:27 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-13 20:27 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-13 20:27 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-13 20:27 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-13 20:27 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-13 20:27 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-13 20:27 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-13 20:27 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-13 20:27 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-13 20:27 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-13 20:27 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-13 20:27 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-13 20:27 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-13 20:27 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-13 20:27 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-13 20:27 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-13 20:27 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-13 20:27 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-13 20:27 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-13 20:27 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-13 20:27 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-13 20:27 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-13 20:27 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-13 20:26 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-13 20:26 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-13 20:26 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 20:26 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-13 20:26 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-13 20:26 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-13 20:26 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 20:26 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-13 20:26 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-10 08:10 - 2015-10-10 08:09 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-10 08:10 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-10 08:10 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-10 08:10 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-10 08:10 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-10 08:10 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-10 08:10 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-10 08:10 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-10 08:10 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-10-10 08:10 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-10-10 08:09 - 2015-10-10 08:09 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-10 08:07 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-10 08:07 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-08 17:59 - 2015-10-08 17:59 - 00726888 _____ C:\Windows\Minidump\100815-37190-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-07 18:32 - 2014-11-18 20:25 - 00000000 ____D C:\FRST
2015-11-07 18:31 - 2015-07-18 19:34 - 01944785 _____ C:\Windows\WindowsUpdate.log
2015-11-07 18:30 - 2010-11-21 07:50 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-11-07 18:30 - 2010-11-21 07:50 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-11-07 18:30 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-07 18:28 - 2014-04-26 08:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-07 18:25 - 2015-07-18 19:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-07 18:25 - 2010-11-21 04:47 - 00061244 _____ C:\Windows\PFRO.log
2015-11-07 18:25 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-07 18:25 - 2009-07-14 05:51 - 02305393 _____ C:\Windows\setupact.log
2015-11-07 18:20 - 2015-07-18 19:36 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-11-07 18:20 - 2015-07-18 19:36 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-11-07 18:20 - 2014-11-30 08:03 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-07 18:20 - 2013-07-14 06:45 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-11-07 18:20 - 2013-01-22 18:35 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-11-07 18:20 - 2012-02-19 19:48 - 00001995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2015-11-07 18:20 - 2012-02-19 19:48 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2015-11-07 18:20 - 2012-02-19 19:48 - 00001918 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2015-11-07 18:20 - 2011-01-01 11:35 - 00002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
2015-11-07 18:20 - 2010-12-20 18:47 - 00001967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hilfedokumentation von Dell.lnk
2015-11-07 18:20 - 2010-12-08 19:23 - 00001480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-11-07 18:20 - 2010-12-08 19:23 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2015-11-07 18:20 - 2010-12-08 19:23 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2015-11-07 18:20 - 2010-12-08 19:22 - 00002524 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-11-07 18:20 - 2010-12-08 19:14 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2015-11-07 18:20 - 2009-07-14 05:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-07 18:20 - 2009-07-14 05:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-11-07 18:20 - 2009-07-14 05:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-11-07 18:20 - 2009-07-14 05:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-11-07 18:20 - 2009-07-14 05:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-11-07 18:19 - 2015-07-19 11:37 - 00001415 _____ C:\Users\Holgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-07 18:19 - 2015-07-18 21:19 - 00001962 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-11-07 18:19 - 2015-07-12 15:45 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-07 18:19 - 2015-07-07 19:14 - 00002057 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2015-11-07 18:19 - 2015-03-28 18:27 - 00002095 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2015.lnk
2015-11-07 18:19 - 2014-12-23 07:36 - 00002567 _____ C:\Users\Public\Desktop\Emu64.lnk
2015-11-07 18:19 - 2014-11-30 08:03 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-07 18:19 - 2014-09-15 06:01 - 00002208 _____ C:\Users\Public\Desktop\Google Earth.lnk
2015-11-07 18:19 - 2014-07-29 20:06 - 00001950 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-11-07 18:19 - 2014-05-08 14:14 - 00002095 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2015-11-07 18:19 - 2014-04-26 08:20 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-07 18:19 - 2014-03-23 09:52 - 00001992 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2015-11-07 18:19 - 2014-03-23 09:52 - 00001990 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2015-11-07 18:19 - 2013-08-21 20:03 - 00001151 _____ C:\Users\Public\Desktop\HMA! Pro VPN.lnk
2015-11-07 18:19 - 2013-07-14 06:45 - 00001155 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-11-07 18:19 - 2013-05-17 16:21 - 00001235 _____ C:\Users\Public\Desktop\NAVIGON Fresh.lnk
2015-11-07 18:19 - 2013-03-10 10:18 - 00002095 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2013.lnk
2015-11-07 18:19 - 2013-03-08 08:46 - 00001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Netzmanager.lnk
2015-11-07 18:19 - 2013-03-08 08:46 - 00000999 _____ C:\Users\Public\Desktop\Netzmanager.lnk
2015-11-07 18:19 - 2013-01-22 18:35 - 00002015 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-11-07 18:19 - 2012-04-20 16:49 - 00002093 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2012.lnk
2015-11-07 18:19 - 2012-02-05 20:28 - 00001095 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2015-11-07 18:19 - 2011-11-12 21:29 - 00001272 _____ C:\Users\Public\Desktop\Telekom Internet Manager.lnk
2015-11-07 18:19 - 2011-11-12 21:07 - 00002093 _____ C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2011.lnk
2015-11-07 18:19 - 2011-10-30 10:11 - 00002039 _____ C:\Users\Public\Desktop\WISO Sparbuch 2010.lnk
2015-11-07 18:19 - 2011-07-16 19:26 - 00000862 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-07 18:19 - 2010-12-31 16:34 - 00001565 _____ C:\Users\Public\Desktop\Acronis Online Backup.lnk
2015-11-07 18:19 - 2010-12-31 16:34 - 00001135 _____ C:\Users\Public\Desktop\Acronis True Image Home 2011.lnk
2015-11-07 18:19 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-11-07 18:19 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-11-07 18:18 - 2015-07-26 19:36 - 00001998 _____ C:\Users\Holgi\Desktop\Hitman Absolution Deluxe Professional Edition.lnk
2015-11-07 18:18 - 2015-07-11 06:54 - 00000833 _____ C:\Users\Holgi\Desktop\LGMobile Support Tool.lnk
2015-11-07 18:18 - 2015-07-01 21:47 - 00001175 _____ C:\Users\Holgi\Desktop\Auslogics DiskDefrag.lnk
2015-11-07 18:18 - 2015-01-05 07:59 - 00000923 _____ C:\Users\Holgi\Desktop\HTML Editor.lnk
2015-11-07 18:18 - 2014-11-30 07:57 - 00001270 _____ C:\Users\Holgi\Desktop\Revo Uninstaller.lnk
2015-11-07 18:18 - 2014-11-25 21:07 - 00002165 _____ C:\Users\Holgi\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2015-11-07 18:18 - 2014-09-13 14:08 - 00001227 _____ C:\Users\Holgi\Desktop\BmLauncher.exe.lnk
2015-11-07 18:18 - 2014-08-31 11:14 - 00001318 _____ C:\Users\Holgi\Desktop\WinRAR.exe - Verknüpfung.lnk
2015-11-07 18:18 - 2014-08-19 07:57 - 00001129 _____ C:\Users\Holgi\Desktop\CheckDrive.lnk
2015-11-07 18:18 - 2014-01-04 12:29 - 00002282 _____ C:\Users\Holgi\Desktop\Snowy Treasure Hunter.lnk
2015-11-07 18:18 - 2014-01-04 12:29 - 00002133 _____ C:\Users\Holgi\AppData\Roaming\Microsoft\Windows\Start Menu\MyPlayCity Games.lnk
2015-11-07 18:18 - 2013-12-01 12:01 - 00001126 _____ C:\Users\Holgi\Desktop\TWORuntimeStandAlone.exe - Verknüpfung.lnk
2015-11-07 18:18 - 2012-12-09 10:28 - 00001115 _____ C:\Users\Holgi\Desktop\DVDStyler.lnk
2015-11-07 18:18 - 2012-02-19 19:48 - 00002031 _____ C:\Users\Holgi\Desktop\JDownloader.lnk
2015-11-07 18:18 - 2012-01-19 20:30 - 00000974 _____ C:\Users\Holgi\Desktop\DigiFoto3.lnk
2015-11-07 18:18 - 2011-01-08 16:18 - 00001850 _____ C:\Users\Holgi\Desktop\Bus-Simulator 2009.lnk
2015-11-07 17:46 - 2009-07-14 05:45 - 00027456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-07 17:46 - 2009-07-14 05:45 - 00027456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-07 17:42 - 2014-11-18 20:24 - 00000000 ____D C:\Users\Holgi\Desktop\Bereinigung
2015-11-07 17:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Registration
2015-11-07 17:33 - 2011-01-04 21:26 - 00000000 ____D C:\Users\Holgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-07 17:33 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-07 17:03 - 2015-06-23 19:51 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-11-07 16:32 - 2014-12-06 07:03 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-07 16:32 - 2014-12-06 07:03 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-07 16:31 - 2014-09-04 09:25 - 00000000 ____D C:\Users\Holgi\AppData\Local\Adobe
2015-11-07 08:10 - 2015-07-18 21:19 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-07 08:10 - 2015-07-18 21:19 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-06 15:02 - 2012-07-08 08:18 - 00000000 ____D C:\Users\Holgi\AppData\Roaming\vlc
2015-11-05 18:37 - 2015-02-11 18:22 - 00003814 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-11-05 18:28 - 2015-05-13 19:50 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-05 18:26 - 2015-02-27 19:52 - 00000000 ____D C:\Users\Holgi\Downloads\Film
2015-11-03 20:32 - 2015-07-18 21:19 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-02 21:47 - 2014-04-26 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-02 21:47 - 2014-04-26 08:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-02 21:21 - 2009-07-14 05:45 - 00306416 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-02 21:20 - 2014-11-30 08:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-02 21:11 - 2015-08-27 16:06 - 00000000 ____D C:\Users\Holgi\.oracle_jre_usage
2015-11-02 21:11 - 2014-10-15 18:58 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-02 21:11 - 2014-10-15 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-02 21:11 - 2014-10-15 18:57 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-01 17:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-17 22:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-16 19:47 - 2013-08-15 21:10 - 00000000 ____D C:\Windows\system32\MRT
2015-10-16 19:35 - 2015-07-19 10:51 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-16 19:32 - 2010-12-20 20:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-11 15:45 - 2013-08-29 14:03 - 00000000 ____D C:\Users\Holgi\Desktop\Geschichten
2015-10-10 08:11 - 2015-07-19 13:42 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-10 08:11 - 2015-07-19 13:42 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-10 08:10 - 2015-07-18 21:19 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-10 08:09 - 2015-07-18 21:19 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-10 08:09 - 2015-07-18 21:19 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-10 08:09 - 2015-07-18 21:19 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-10 08:09 - 2015-07-18 21:19 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-10 08:09 - 2015-07-18 21:19 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-10 08:08 - 2015-07-18 21:19 - 00132656 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-10-10 05:24 - 2015-07-19 18:01 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-09 21:43 - 2015-07-18 20:29 - 00000000 ____D C:\Windows\Panther
2015-10-09 21:36 - 2015-09-10 07:42 - 00000000 ___HD C:\$Windows.~BT
2015-10-09 02:01 - 2015-07-19 18:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-08 17:59 - 2015-08-12 19:37 - 821347918 _____ C:\Windows\MEMORY.DMP
2015-10-08 17:59 - 2015-08-12 19:37 - 00000000 ____D C:\Windows\Minidump

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-03-31 19:55 - 2012-05-15 09:33 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager classic.msi
2011-01-01 13:50 - 2012-03-28 09:14 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi
2012-02-04 09:53 - 2012-02-04 09:53 - 0099384 _____ () C:\Users\Holgi\AppData\Roaming\inst.exe
2012-02-04 09:53 - 2012-02-04 09:53 - 0007859 _____ () C:\Users\Holgi\AppData\Roaming\pcouffin.cat
2012-02-04 09:53 - 2012-02-04 09:53 - 0001167 _____ () C:\Users\Holgi\AppData\Roaming\pcouffin.inf
2012-02-04 09:53 - 2012-02-04 09:53 - 0000055 _____ () C:\Users\Holgi\AppData\Roaming\pcouffin.log
2012-02-04 09:53 - 2012-02-04 09:53 - 0082816 _____ (VSO Software) C:\Users\Holgi\AppData\Roaming\pcouffin.sys
2012-01-26 20:30 - 2012-02-04 08:11 - 0001057 _____ () C:\Users\Holgi\AppData\Roaming\vso_ts_preview.xml
2015-08-03 17:56 - 2015-08-03 17:56 - 0007602 _____ () C:\Users\Holgi\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Holgi\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Holgi\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Holgi\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Holgi\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Holgi\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Holgi\AppData\Local\Temp\SDShelEx-x64.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-01 00:18

==================== Ende von FRST.txt ============================
         

07.11.2015, 18:21   #4
seal.1

Many detections with MBAM



Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Holgi (2015-11-07 18:34:25)
Gestartet von C:\Users\Holgi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-07-18 19:39:29)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3276667617-2959320208-3705288580-500 - Administrator - Disabled)
Gast (S-1-5-21-3276667617-2959320208-3705288580-501 - Limited - Disabled)
Holgi (S-1-5-21-3276667617-2959320208-3705288580-1000 - Administrator - Enabled) => C:\Users\Holgi
HomeGroupUser$ (S-1-5-21-3276667617-2959320208-3705288580-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.15 - STMicroelectronics)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.4.0.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Batman: Arkham Asylum Game of the Year Edition (HKLM-x32\...\{CFABC775-5386-4BA5-86B4-505BBD36E812}) (Version: 1.0.0.0 - Square Enix Limited)
Bullzip PDF Printer 10.7.0.2277 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.7.0.2277 - Bullzip)
Bus-Simulator 2009 (HKLM-x32\...\Bus-Simulator 2009_is1) (Version:  - astragon Software GmbH)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version:  - )
CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version:  - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.47 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.1 - CEWE COLOR AG u Co. OHG)
DVDStyler v2.3.4 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
Emu64 V4.30 (HKLM-x32\...\{FB1EBA58-4829-4AE5-A9C8-7170E7BA7005}) (Version: 4.3.0003 - ALFSOFT)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Hitman Absolution Deluxe Professional Edition 1.0.447 (HKLM-x32\...\Hitman Absolution Deluxe Professional Edition 1.0.447) (Version:  - )
HMA! Pro VPN 2.8.6.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.6.0 - Privax Ltd)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.41.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Meine Dienste Software (HKLM\...\Meine Dienste Software) (Version: 1.0.1.3 - Telekom)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (DEU) (HKLM\...\{1DB0C90B-2A9F-3A1E-B1DF-616C5A2A1417}) (Version:  - )
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.8.5 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Snowy Treasure Hunter (HKLM-x32\...\Snowy Treasure Hunter_is1) (Version: 1.0 - MyPlayCity, Inc.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.4.0 - Synaptics Incorporated)
Telekom Internet Manager (HKLM-x32\...\Telekom Internet Manager) (Version: 11.301.05.05.748 - Huawei Technologies Co.,Ltd)
Toolbar 3.0 der Telekom x64 (HKLM\...\Toolbar3 x64_is1) (Version: 3.0.2 (3) - Deutsche Telekom AG)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VueScan (HKLM-x32\...\VueScan) (Version:  - )
Windows Driver Package - Hamrick Software Image  (1/8/1999 1.0) (HKLM\...\0DB87D30776CD338CFA6B6217DCA1796A4C60715) (Version: 1/8/1999 1.0 - Hamrick Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
WISO Sparbuch 2010 (HKLM-x32\...\{46B70DEB-97B3-4E38-B746-EC16905E6A8F}) (Version: 17.00.6531 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{AC9476C8-C555-4127-B3B5-0DEA9982F691}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{CF569C20-A897-45AB-B595-A6E4C46F5C41}) (Version: 22.00.8811 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

16-10-2015 19:23:09 Windows Update
23-10-2015 21:15:50 Geplanter Prüfpunkt
25-10-2015 05:38:47 Windows Update
03-11-2015 21:55:12 Geplanter Prüfpunkt
06-11-2015 07:38:05 Revo Uninstaller's restore point - Exact Audio Copy 1.1
06-11-2015 08:07:14 Revo Uninstaller's restore point - Wajam
06-11-2015 08:09:16 Revo Uninstaller's restore point - AVG PC TuneUp 2015
06-11-2015 08:09:56 AVG PC TuneUp 2015 wird entfernt
06-11-2015 08:10:56 AVG PC TuneUp 2015 (de-DE) wird entfernt
06-11-2015 08:17:54 Revo Uninstaller's restore point - Audiograbber MP3-Plugin
06-11-2015 18:42:40 Revo Uninstaller's restore point - Browser-Security
07-11-2015 16:52:06 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-11-25 22:06 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {043C4A89-D999-419D-9B75-95C31AB1709F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {10B55E9F-8EFF-4818-B227-6A7A2AD4A40E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {1B241653-2F7E-40CE-9754-3C36264592D9} - System32\Tasks\{BE14172C-77D4-4388-9396-9224263C2F73} => C:\Users\Holgi\Downloads\Drucker\n1220un650uxp571cde\N065USG\CANOIT32.EXE
Task: {2890385C-0040-46BF-BEF3-EF49A12AEF69} - System32\Tasks\{E663369F-0D0C-43C2-AF00-F925DB8C053F} => pcalua.exe -a C:\Users\Holgi\Desktop\activescan2_de.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {2EF10E00-F778-4E45-89E1-841A356724E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {3CC747E1-8AEE-4E81-A133-0113B844A01F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {60DD2E85-8ADB-4E7E-A65B-7867F0357B2C} - \SidebarExecute -> Keine Datei <==== ACHTUNG
Task: {75CC3F7C-C678-4205-89F4-777E392410BC} - System32\Tasks\{E9A38163-DBF4-4557-958A-DDD3201F8303} => pcalua.exe -a C:\Users\Holgi\Downloads\agsetup.exe -d C:\Users\Holgi\Downloads
Task: {83C53294-F6FB-46C0-B532-07418F5A220C} - System32\Tasks\{64354971-86FB-4918-8AF8-1D957A46373F} => C:\Spiele\Sherlock Holmes\Sherlock Holmes jagt Arsene Lupin\game.exe
Task: {89AD2C6C-452E-4BF9-9ED8-02BC21F4C99E} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {A1A3DDC0-BB8A-45E2-9E9A-34D8F8EB9624} - System32\Tasks\{01308888-5B4A-44D9-9F6F-0D62ADEBC2BE} => pcalua.exe -a C:\Users\Holgi\Downloads\internet_video_converter_2.10_en_ansi_std_setup.exe -d C:\Users\Holgi\Downloads
Task: {BF7C20EC-FD6C-4455-9F32-E0100F43833F} - System32\Tasks\{44D190DB-F0B8-41E0-9CBD-3947F8B60D39} => pcalua.exe -a "C:\Users\Holgi\Desktop\digitaler Tacho\SiemensSequenceSetup.exe" -d "C:\Users\Holgi\Desktop\digitaler Tacho"
Task: {D2E0603E-1268-4DBE-AA31-508AE3F62A19} - System32\Tasks\{C760D34C-3CE2-45B5-8F6B-AA2B6BE30E37} => pcalua.exe -a C:\Users\Holgi\Desktop\Kartenupdate\2012-1_F_M.exe -d C:\Users\Holgi\Desktop\Kartenupdate
Task: {EF9672E3-CDC5-4719-AED4-FE5571FBC4F7} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.)
Task: {FF136E9A-1160-4395-BA32-0456E899EF05} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-10] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-18 19:34 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-08-19 09:52 - 2010-08-19 09:52 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2010-12-08 19:07 - 2010-09-24 17:21 - 00727664 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2010-02-09 20:34 - 2010-02-09 20:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2015-10-10 08:09 - 2015-10-10 08:09 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-10 08:09 - 2015-10-10 08:09 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-07 16:22 - 2015-11-07 16:22 - 02990592 _____ () C:\Program Files\AVAST Software\Avast\defs\15110700\algo.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00056544 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00113888 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-12-08 19:08 - 2010-08-12 01:19 - 00126176 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00046400 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00365888 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2010-02-09 20:34 - 2010-02-09 20:34 - 00062784 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbShared.resources.dll
2011-09-22 21:20 - 2011-09-22 21:20 - 11233136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2015-10-10 08:09 - 2015-10-10 08:09 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-19 14:03 - 2015-07-19 14:03 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-12-08 19:05 - 2010-03-04 03:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\...\dell.com -> dell.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3276667617-2959320208-3705288580-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Holgi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Holgi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Holgi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: SAOB Monitor => C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{B25F2246-5F63-4E9E-9119-A0ACD35C338E}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{237228FE-66CC-41EC-B5D7-BDE9369D349E}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{CD029E10-EB43-4366-9E3F-4CA9D950C09F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{4589439F-A3F8-4C4B-BFDF-A2057A797929}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AC326B24-519F-497F-B774-E384FB7651B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{824A8337-40C9-4A8C-985B-3F01AF05B54E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{4FAF9312-6553-4812-9C41-E95369BF6DCB}C:\spiele\batman\binaries\shippingpc-bmgame.exe] => (Block) C:\spiele\batman\binaries\shippingpc-bmgame.exe
FirewallRules: [TCP Query User{09F52AF3-2894-45BB-BB3A-DB4F36DFBE94}C:\spiele\batman\binaries\shippingpc-bmgame.exe] => (Block) C:\spiele\batman\binaries\shippingpc-bmgame.exe
FirewallRules: [{773E35B6-6D81-4EBF-982D-CCDDC869C299}] => (Block) %ProgramFiles% (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe
FirewallRules: [{B2CC0B18-B685-41B9-B0BA-94EC7B731F6E}] => (Block) %SystemDrive%\Spiele\Batman\Binaries\BmLauncher.exe
FirewallRules: [{332C345D-8F77-48FD-8AB0-A8FD6BA04D96}] => (Allow) C:\Spiele\Batman\Binaries\ShippingPC-BmGame.exe
FirewallRules: [{F325FBA9-105F-4B09-ACEA-914B328B6BB1}] => (Allow) C:\Spiele\Batman\Binaries\ShippingPC-BmGame.exe
FirewallRules: [{0A1B062B-3FF7-4A63-9A58-142F434410EA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{913F6BEA-6AE0-4DFB-B4F7-E2B13C308E77}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{1141DC4D-D863-4C85-8501-9E2140F6F02F}] => (Block) %SystemDrive%\Spiele\Battlefield 3\Battlefield 3\bf3.exe
FirewallRules: [UDP Query User{1EF2BA56-43C0-448A-B439-D414C2296E27}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{50132BBC-8222-4722-80DA-9F4366E55502}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{7F01E816-B1C7-4AF1-9F8C-C59C46B11479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CA0DF5C7-4799-48F7-B3A4-852368ACE6B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{54525941-34D7-403F-9976-B0F708365D64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{15CFE174-9D5E-48D8-9C63-29D16BA89798}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B12641BB-9EF2-436D-A762-AEDE971DC3A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7A63AE4A-E303-4430-9674-51E91339D17C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{09EF8F80-786D-4DD8-AADE-2A2A921AA2C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{106E1870-36C7-4081-862C-32D74BAEC982}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FE3FD1F4-D253-4415-B9B6-82A6B0611D91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D5932018-C7D5-4A13-9D0B-1E96C2DD8DB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [UDP Query User{BEAB4A23-01B9-4028-A93F-6C1CB1A247ED}C:\spiele\golf\tworuntimestandalone.exe] => (Block) C:\spiele\golf\tworuntimestandalone.exe
FirewallRules: [TCP Query User{B195538A-27A6-4F0F-B254-49E5F614DFF8}C:\spiele\golf\tworuntimestandalone.exe] => (Block) C:\spiele\golf\tworuntimestandalone.exe
FirewallRules: [{E1FCE2A5-2DC7-487C-83BC-A562BA7BB804}] => (Allow) C:\Spiele\James Bond\Bond.exe
FirewallRules: [{BEB49BFD-5714-4867-80B9-5840A09E799C}] => (Allow) C:\Spiele\James Bond\Bond.exe
FirewallRules: [UDP Query User{5396DF1A-057B-42DA-BB96-41160C5178F1}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{BFDAD360-E496-4147-95B3-DD1463B02520}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{C0678F6E-99C6-428B-B997-13EF3C34CF62}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{047C784F-24BB-4219-A2F2-C3EDD94DCF37}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{FC2132E7-39DB-46B8-9EEF-DE4766F2AABF}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [TCP Query User{62CAFF67-4ED5-41CB-96AD-30BD37BF30E6}C:\windows\syswow64\java.exe] => (Allow) C:\windows\syswow64\java.exe
FirewallRules: [{3EFD8B1A-10E8-4455-B261-0C0BCE0DD38A}] => (Allow) D:\DVD-Start.exe
FirewallRules: [{29398EEB-2327-496C-8D67-51DA086CB626}] => (Allow) D:\DVD-Start.exe
FirewallRules: [{7F302EC6-0094-4192-B939-B4367DA155F3}] => (Allow) D:\DVD-Start.exe
FirewallRules: [{26A356F4-D45F-41CF-97C1-244EEFE63B56}] => (Allow) D:\DVD-Start.exe
FirewallRules: [UDP Query User{4E4494A0-B9BA-4F57-A068-8C2DDD6A13BD}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{91FA5908-411A-4B44-A7AA-F6F4EF110C7F}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{83D2F237-C363-4AAE-B8FD-5CFB93214DC7}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{F2F03895-FA9C-45E6-A560-4A5F77D6A4B6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8F2AC02A-8713-4ECC-8769-5D0F37BAC538}] => (Allow) LPort=1900
FirewallRules: [{25C491EA-650E-43C0-B869-7EF3F3F69040}] => (Allow) LPort=2869
FirewallRules: [{D262DFBD-BD72-4420-8FD7-C7A6AB1935C1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EBC28E04-64A8-40B8-9D75-3D1B3D08D406}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6A841AC1-DC76-4587-B497-7F836C4DB866}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{551ED04A-F368-459B-A394-CB41DF57CA90}C:\spiele\golf\tworuntimestandalone.exe] => (Block) C:\spiele\golf\tworuntimestandalone.exe
FirewallRules: [UDP Query User{26045591-447C-4DD3-9DA2-A6D94121ACE2}C:\spiele\golf\tworuntimestandalone.exe] => (Block) C:\spiele\golf\tworuntimestandalone.exe
FirewallRules: [TCP Query User{93FF09E4-F02F-44ED-B3A0-649B75C7A138}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{5F56AE1F-1AB4-48D1-8009-1C56A7A62315}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{0C17B6FE-2533-4127-8446-F32BF89691C4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{0927BAB3-18D1-4578-B73D-F39D92E84498}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/07/2015 06:27:55 PM) (Source: Swapdrive Backup) (EventID: 0) (User: )
Description: Swapdrive Backup: Web Service Error: System.Net.WebException: Die Verbindung mit dem Remoteserver kann nicht hergestellt werden. ---> System.Net.Sockets.SocketException: Ein Verbindungsversuch ist fehlgeschlagen, da die Gegenstelle nach einer bestimmten Zeitspanne nicht richtig reagiert hat, oder die hergestellte Verbindung war fehlerhaft, da der verbundene Host nicht reagiert hat 63.245.197.212:443
   bei System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
   bei System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP)
   bei System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
   bei System.Net.HttpWebRequest.GetRequestStream()
   bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest req)
   bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error: (11/07/2015 06:25:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2015 05:40:45 PM) (Source: Swapdrive Backup) (EventID: 0) (User: )
Description: Swapdrive Backup: Web Service Error: System.Net.WebException: Die Verbindung mit dem Remoteserver kann nicht hergestellt werden. ---> System.Net.Sockets.SocketException: Ein Verbindungsversuch ist fehlgeschlagen, da die Gegenstelle nach einer bestimmten Zeitspanne nicht richtig reagiert hat, oder die hergestellte Verbindung war fehlerhaft, da der verbundene Host nicht reagiert hat 63.245.197.212:443
   bei System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
   bei System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP)
   bei System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
   bei System.Net.HttpWebRequest.GetRequestStream()
   bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest req)
   bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error: (11/07/2015 05:38:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/06/2015 08:10:56 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Holgi-PC)
Description: Die Anwendung oder der Dienst "AVG PC TuneUp Service" konnte nicht neu gestartet werden.

Error: (11/02/2015 09:25:03 PM) (Source: Swapdrive Backup) (EventID: 0) (User: )
Description: Swapdrive Backup: Web Service Error: System.Net.WebException: Die Verbindung mit dem Remoteserver kann nicht hergestellt werden. ---> System.Net.Sockets.SocketException: Ein Verbindungsversuch ist fehlgeschlagen, da die Gegenstelle nach einer bestimmten Zeitspanne nicht richtig reagiert hat, oder die hergestellte Verbindung war fehlerhaft, da der verbundene Host nicht reagiert hat 63.245.197.212:443
   bei System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
   bei System.Net.Sockets.Socket.InternalConnect(EndPoint remoteEP)
   bei System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Int32 timeout, Exception& exception)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
   bei System.Net.HttpWebRequest.GetRequestStream()
   bei System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   bei Swapdrive.Shared.com.backup.uswsvcdell.Service.GetInfo(GetInfoRequest req)
   bei Swapdrive.Shared.ActivationWsvcs.GetInfo()

Error: (11/02/2015 09:22:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2015 12:44:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x1b34
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/16/2015 08:07:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2015 06:52:35 PM) (Source: ESENT) (EventID: 454) (User: )
Description: wuaueng.dll (1160) SUS20ClientDataStore: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1032 auf.


Systemfehler:
=============
Error: (11/07/2015 05:35:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/06/2015 08:01:32 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "ihpmServer" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (11/04/2015 03:35:31 PM) (Source: Schannel) (EventID: 4114) (User: NT-AUTORITÄT)
Description: Das vom Remoteserver erhaltene Zertifikat wurde von einer nicht vertrauenswürdigen Zertifizierungsstelle ausgestellt. Aus diesem Grund können keine der im Zertifikat enthalten Daten verifiziert werden. Fehler bei der SSL-Verbindungsanforderung. Die angehängten Daten enthalten das Serverzertifikat.

Error: (11/04/2015 03:35:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 48. Der interne Fehlerstatus lautet: 552.

Error: (11/03/2015 09:16:35 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LAP-KUEMO",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C89C2341-DECE-4F90-A0FD-65356F4EFB31}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/01/2015 07:58:49 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JANNIK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C89C2341-DECE-4F90-A0FD-65356F4EFB31}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/01/2015 07:22:50 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JANNIK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C89C2341-DECE-4F90-A0FD-65356F4EFB31}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/01/2015 06:53:25 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JANNIK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C89C2341-DECE-4F90-A0FD-65356F4EFB31}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/01/2015 06:41:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "JANNIK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C89C2341-DECE-4F90-A0FD-65356F4EFB31}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (10/21/2015 07:38:35 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.


CodeIntegrity:
===================================
  Date: 2015-11-06 08:05:52.655
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-06 08:05:52.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-06 08:05:52.281
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-06 08:05:52.173
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-19 20:25:32.945
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-19 20:25:32.664
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:35:46.458
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:35:46.411
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:07:27.678
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-06-13 19:07:27.631
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\DAFB.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8124.38 MB
Verfügbarer physikalischer RAM: 5625.37 MB
Summe virtueller Speicher: 16246.96 MB
Verfügbarer virtueller Speicher: 13260.06 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:581.48 GB) (Free:311.8 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: FA3F015A)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=581.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

08.11.2015, 19:48   #5
deeprybka
/// TB Trainer
/// Instructions Guru

My name is Jürgen and I will help you with your problem. Together we'll manage it...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please run only scans that I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you were asked to.
  • Save all our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread in code tags.
  • Keep in mind that we all work here in our free time. If you don't hear from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest way, but only advisable for real malware.
We can remove adware & co. very well.
If you decide on a cleanup, keep working with me until you get my clean.


Here we go:

Step 1

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

__________________
Regards,
deeprybka

Praise, criticism, wishes?

Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

08.11.2015, 20:15   #6
seal.1

Hi Jürgen,

thanks for the quick reply. Did I catch anything else besides adware? I was just a bit worried about the number of MBAM findings (83), and one of the findings was labelled "Malware".

Here is the result from AdwCleaner.

Code:
ATTFilter
# AdwCleaner v5.019 - Bericht erstellt am 08/11/2015 um 21:04:47
# Aktualisiert am 08/11/2015 von Xplode
# Datenbank : 2015-11-08.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Holgi - HOLGI-PC
# Gestartet von : C:\Users\Holgi\Desktop\adwcleaner_5.019.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\foxydeal.sqlite
[-] Datei Gelöscht : C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

***** [ Internetbrowser ] *****

[-] [C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\prefs.js] [Preference] Gelöscht : user_pref("browser.search.hiddenOneOffs", "Bing,LEO Eng-Deu,mystartsearch,Wikipedia (de)");
[-] [C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Holgi\AppData\Roaming\Mozilla\Firefox\Profiles\6skugad3.default-1437192079831\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [1761 Bytes] ##########
         

08.11.2015, 20:20   #7
deeprybka
/// TB Trainer
/// Instructions Guru

Let's see what else ESET finds:

Step 1

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


10.11.2015, 04:39   #8
seal.1

Here are the results.

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not extract cabC:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScanner.cabErr:Der Vorgang wurde erfolgreich beendet.
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not extract cabC:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScanner.cabErr:Der Vorgang wurde erfolgreich beendet.
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not extract cabC:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScanner.cabErr:Der Vorgang wurde erfolgreich beendet.
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not extract cabC:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScanner.cabErr:Der Vorgang wurde erfolgreich beendet.
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not extract cabC:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScanner.cabErr:Der Vorgang wurde erfolgreich beendet.
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6232015246049c46accb6fbc44ffb8b5
# end=init
# utc_time=2015-11-09 09:06:31
# local_time=2015-11-09 10:06:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26641
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6232015246049c46accb6fbc44ffb8b5
# end=updated
# utc_time=2015-11-09 09:27:43
# local_time=2015-11-09 10:27:43 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6232015246049c46accb6fbc44ffb8b5
# engine=26641
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-09 11:56:58
# local_time=2015-11-10 12:56:58 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 88 199176 9862707 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9803648 198743268 0 0
# scanned=240503
# found=0
# cleaned=0
# scan_time=8954
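
The log posted above mixes downloader attempts with one `# key=value` record per scanner stage, and only the record marked `end=finished` carries the result counters. As an added example (not part of the original thread and not ESET's own tooling), this Python parser picks that record out and reports a log that stops before the scan finished as incomplete; the sample input is constructed from the structure of the posted log, and reading `unwanted_checked` as the PUA-detection option is an assumption based on the field name.

```python
import re

# Constructed sample: shortened from the structure of the log posted above.
SAMPLE_LOG = r"""ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not extract cabC:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScanner.cabErr:Der Vorgang wurde erfolgreich beendet.
# product=EOS
# end=init
Updated modules version: 26641
# product=EOS
# end=updated
# product=EOS
# end=finished
# unwanted_checked=true
# scanned=240503
# found=0
# cleaned=0
"""

KV = re.compile(r"^#\s*([\w.]+)=(.*)$")

def parse_eos_log(text):
    """Return (stage records, number of failed downloader attempts)."""
    records, current, errors, expect_status = [], None, 0, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = KV.match(line)
        if match:
            key, value = match.group(1), match.group(2).strip("\"'")
            if key == "product":        # every stage record opens with product=
                current = {}
                records.append(current)
            if current is not None:
                current[key] = value
            expect_status = False
        elif line.endswith("as downloader log:"):
            expect_status = True        # the next line is that attempt's status
        elif expect_status:
            errors += int(line != "all ok")
            expect_status = False
    return records, errors

def summarize(text):
    """Report the finished scan, or complete=False if the log stops earlier."""
    records, errors = parse_eos_log(text)
    finished = [r for r in records if r.get("end") == "finished"]
    if not finished:
        return {"complete": False, "downloader_errors": errors}
    last = finished[-1]
    return {
        "complete": True,
        "downloader_errors": errors,
        "pua_detection": last.get("unwanted_checked") == "true",
        "scanned": int(last.get("scanned", 0)),
        "found": int(last.get("found", 0)),
        "cleaned": int(last.get("cleaned", 0)),
    }
```
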
         

10.11.2015, 18:03   #9
deeprybka
/// TB Trainer
/// Instructions Guru

Are there still any problems with the PC? If so, which ones?

11.11.2015, 19:42   #10
seal.1

Nope, no particular problems. Runs as it has all along. Had I caught anything else besides adware?

12.11.2015, 21:10   #11
deeprybka
/// TB Trainer
/// Instructions Guru

Nope...

We did it!
The logs look clean to me at the moment.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
All that remains is for me to wish you carefree and safe surfing, and that we don't see each other here again any time soon.

Cleanup:
(The order matters here)

If Defogger was used: start it again and click Re-enable.

If Combofix was used:
Uninstall Combofix
  • Important: Please disable your antivirus program, any script blocking and anti-malware programs.
  • Press the Windows key + R and type Combofix /Uninstall in the Run window.
  • Click OK.
    This removes Combofix completely and empties the System Restore cache.
  • Now re-enable the programs you just disabled.

All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick every function.
  • Click Start.

Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Finally, restart your computer. If any programs from our cleanup are still left over, you can delete them without hesitation.



Hardening:
For the Windows operating system, enable automatic updates. Security-relevant software should also always be kept at the latest version:

Browser
Java
Flash Player
PDF reader

Security vulnerabilities (e.g. here) in their old versions are exploited to install malware via "drive-by" when simply visiting a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use an antivirus program with a real-time scanner and an always up-to-date signature database.

My purchase recommendation:

ESET Smart Security

In addition, you can scan your PC regularly with Malwarebytes Anti-Malware.

Optional:
NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. However, you can define, on the whitelist principle, on which sites scripts should be allowed.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.


Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons irrelevant to the program.
To get rid of adware, first uninstall it and then remove the leftovers with Adwcleaner.


Finally, a few general remarks:
Change your important online passwords regularly and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.