Log analysis and evaluation: Computer is slower and no longer shows certain items in the taskbar

28.11.2015, 13:02   #1
svener

Dear community,

for some time now my computer has been booting very slowly. In addition, certain items such as the network connection are no longer shown in the taskbar, and my Antivir can no longer be started either. The computer is also no longer able to synchronize the time/date on its own.

I would be very glad of your help.

Best regards
Sven

28.11.2015, 13:16   #2
M-K-D-B
/// TB trainer

My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find evidence of illegally obtained software, we will suspend support until all illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your topic from my subscriptions. If you are going to be away for a longer period, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download at filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!




For the initial analysis, please run FRST and TDSS-Killer:



Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)






Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.







Please post with your next reply
  • the log file from TDSS-Killer,
  • the two new log files from FRST.

28.11.2015, 13:52   #3
svener

Hello Matthias,

many thanks for your quick reply. Below you will find the log files.

Code:
13:36:35.0853 0x108c  TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23
13:36:40.0221 0x108c  ============================================================
13:36:40.0221 0x108c  Current date / time: 2015/11/28 13:36:40.0221
13:36:40.0221 0x108c  SystemInfo:
13:36:40.0221 0x108c  
13:36:40.0221 0x108c  OS Version: 6.1.7601 ServicePack: 1.0
13:36:40.0221 0x108c  Product type: Workstation
13:36:40.0221 0x108c  ComputerName: SV-PC
13:36:40.0221 0x108c  UserName: Sven
13:36:40.0221 0x108c  Windows directory: C:\Windows
13:36:40.0221 0x108c  System windows directory: C:\Windows
13:36:40.0221 0x108c  Running under WOW64
13:36:40.0221 0x108c  Processor architecture: Intel x64
13:36:40.0221 0x108c  Number of processors: 4
13:36:40.0221 0x108c  Page size: 0x1000
13:36:40.0221 0x108c  Boot type: Normal boot
13:36:40.0221 0x108c  ============================================================
13:36:40.0424 0x108c  KLMD registered as C:\Windows\system32\drivers\26264645.sys
13:36:40.0783 0x108c  System UUID: {B055BD81-F81F-105F-7E23-125DD59C2225}
13:36:41.0282 0x108c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:36:41.0297 0x108c  ============================================================
13:36:41.0297 0x108c  \Device\Harddisk0\DR0:
13:36:41.0297 0x108c  MBR partitions:
13:36:41.0297 0x108c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A5E800, BlocksNum 0x32000
13:36:41.0297 0x108c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A90800, BlocksNum 0x2399DAB0
13:36:41.0297 0x108c  ============================================================
13:36:41.0329 0x108c  C: <-> \Device\Harddisk0\DR0\Partition2
13:36:41.0329 0x108c  ============================================================
13:36:41.0329 0x108c  Initialize success
13:36:41.0329 0x108c  ============================================================
13:36:56.0227 0x0b0c  ============================================================
13:36:56.0227 0x0b0c  Scan started
13:36:56.0227 0x0b0c  Mode: Manual; SigCheck; TDLFS; 
13:36:56.0227 0x0b0c  ============================================================
13:36:56.0227 0x0b0c  KSN ping started
13:37:09.0986 0x0b0c  KSN ping finished: true
13:37:11.0998 0x0b0c  ================ Scan system memory ========================
13:37:11.0998 0x0b0c  System memory - ok
13:37:31.0685 0x0b0c  fdPHost - ok
13:37:31.0701 0x0b0c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:37:31.0732 0x0b0c  FDResPub - ok
13:37:31.0763 0x0b0c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:37:31.0779 0x0b0c  FileInfo - ok
13:37:31.0810 0x0b0c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:37:31.0857 0x0b0c  Filetrace - ok
13:37:31.0888 0x0b0c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:37:31.0904 0x0b0c  flpydisk - ok
13:37:31.0951 0x0b0c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:37:31.0966 0x0b0c  FltMgr - ok
13:37:32.0075 0x0b0c  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
13:37:32.0138 0x0b0c  FontCache - ok
13:37:32.0231 0x0b0c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:37:32.0231 0x0b0c  FontCache3.0.0.0 - ok
13:37:32.0263 0x0b0c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:37:32.0278 0x0b0c  FsDepends - ok
13:37:32.0309 0x0b0c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:37:32.0325 0x0b0c  Fs_Rec - ok
13:37:32.0387 0x0b0c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:37:32.0403 0x0b0c  fvevol - ok
13:37:32.0434 0x0b0c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:37:32.0450 0x0b0c  gagp30kx - ok
13:37:32.0512 0x0b0c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:37:32.0528 0x0b0c  GEARAspiWDM - ok
13:37:32.0590 0x0b0c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:37:32.0653 0x0b0c  gpsvc - ok
13:37:32.0699 0x0b0c  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
13:37:32.0699 0x0b0c  GREGService - ok
13:37:32.0855 0x0b0c  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:37:32.0855 0x0b0c  gupdate - ok
13:37:32.0902 0x0b0c  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:37:32.0918 0x0b0c  gupdatem - ok
13:37:32.0965 0x0b0c  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
13:37:32.0965 0x0b0c  hamachi - ok
13:37:33.0167 0x0b0c  [ C0EF69A59C13D9204D1D70434AA3D00C, 56BD4F7C74B2A36665677C32F30C4E1839DB9AAAC82FFA4A2622B4D261D865F2 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
13:37:33.0245 0x0b0c  Hamachi2Svc - ok
13:37:33.0292 0x0b0c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:37:33.0292 0x0b0c  hcw85cir - ok
13:37:33.0370 0x0b0c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:37:33.0401 0x0b0c  HdAudAddService - ok
13:37:33.0464 0x0b0c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:37:33.0479 0x0b0c  HDAudBus - ok
13:37:33.0542 0x0b0c  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
13:37:33.0542 0x0b0c  HECIx64 - ok
13:37:33.0573 0x0b0c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:37:33.0589 0x0b0c  HidBatt - ok
13:37:33.0604 0x0b0c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:37:33.0620 0x0b0c  HidBth - ok
13:37:33.0651 0x0b0c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:37:33.0667 0x0b0c  HidIr - ok
13:37:33.0698 0x0b0c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:37:33.0745 0x0b0c  hidserv - ok
13:37:33.0791 0x0b0c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:37:33.0807 0x0b0c  HidUsb - ok
13:37:33.0854 0x0b0c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:37:33.0885 0x1140  Object send P2P result: true
13:37:33.0901 0x0b0c  hkmsvc - ok
13:37:33.0947 0x0b0c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:37:33.0963 0x0b0c  HomeGroupListener - ok
13:37:34.0010 0x0b0c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:37:34.0025 0x0b0c  HomeGroupProvider - ok
13:37:34.0088 0x0b0c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:37:34.0103 0x0b0c  HpSAMD - ok
13:37:34.0181 0x0b0c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:37:34.0213 0x0b0c  HTTP - ok
13:37:34.0259 0x0b0c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:37:34.0275 0x0b0c  hwpolicy - ok
13:37:34.0322 0x0b0c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:37:34.0337 0x0b0c  i8042prt - ok
13:37:34.0384 0x0b0c  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
13:37:34.0415 0x0b0c  iaStor - ok
13:37:34.0462 0x0b0c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:37:34.0493 0x0b0c  iaStorV - ok
13:37:34.0556 0x0b0c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:37:34.0587 0x0b0c  idsvc - ok
13:37:34.0634 0x0b0c  IEEtwCollectorService - ok
13:37:34.0883 0x0b0c  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:37:35.0071 0x0b0c  igfx - ok
13:37:35.0149 0x0b0c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:37:35.0164 0x0b0c  iirsp - ok
13:37:35.0180 0x0b0c  iked - ok
13:37:35.0242 0x0b0c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:37:35.0273 0x0b0c  IKEEXT - ok
13:37:35.0383 0x0b0c  [ 53019327813FF5AB2964B33B2C61307C, DFE61235DA59E4AD122201F0054E6073A9538764DD4FD18A11588949089FFBA9 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:37:35.0445 0x0b0c  IntcAzAudAddService - ok
13:37:35.0523 0x0b0c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:37:35.0539 0x0b0c  intelide - ok
13:37:35.0570 0x0b0c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:37:35.0585 0x0b0c  intelppm - ok
13:37:35.0632 0x0b0c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:37:35.0663 0x0b0c  IPBusEnum - ok
13:37:35.0726 0x0b0c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:37:35.0773 0x0b0c  IpFilterDriver - ok
13:37:35.0851 0x0b0c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:37:35.0866 0x0b0c  iphlpsvc - ok
13:37:35.0913 0x0b0c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:37:35.0929 0x0b0c  IPMIDRV - ok
13:37:35.0960 0x0b0c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:37:36.0007 0x0b0c  IPNAT - ok
13:37:36.0100 0x0b0c  [ 6E50CFA46527B39015B750AAD161C5CC, 93F99EF7771C56EBE41FBC0C668F686644FBDF94E31456D3F5A9A8AE2F70EAB6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:37:36.0131 0x0b0c  iPod Service - ok
13:37:36.0163 0x0b0c  ipsecd - ok
13:37:36.0194 0x0b0c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:37:36.0209 0x0b0c  IRENUM - ok
13:37:36.0241 0x0b0c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:37:36.0256 0x0b0c  isapnp - ok
13:37:36.0303 0x0b0c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:37:36.0319 0x0b0c  iScsiPrt - ok
13:37:36.0365 0x0b0c  [ 9D7EA8C7215D8D4AE7BE110EEE61085D, C8AEC99985AEAD52FA4FA14DA98EE465594EA1392E2010D0B474CD467D766EE8 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
13:37:36.0381 0x0b0c  k57nd60a - ok
13:37:36.0428 0x0b0c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
13:37:36.0443 0x0b0c  kbdclass - ok
13:37:36.0490 0x0b0c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
13:37:36.0506 0x0b0c  kbdhid - ok
13:37:36.0521 0x0b0c  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso          C:\Windows\system32\lsass.exe
13:37:36.0537 0x0b0c  KeyIso - ok
13:37:36.0584 0x0b0c  [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:37:36.0599 0x0b0c  KSecDD - ok
13:37:36.0615 0x0b0c  [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:37:36.0631 0x0b0c  KSecPkg - ok
13:37:36.0677 0x0b0c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:37:36.0709 0x0b0c  ksthunk - ok
13:37:36.0740 0x0b0c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:37:36.0802 0x0b0c  KtmRm - ok
13:37:36.0849 0x0b0c  [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
13:37:36.0849 0x0b0c  L1E - ok
13:37:36.0896 0x0b0c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:37:36.0943 0x0b0c  LanmanServer - ok
13:37:37.0005 0x0b0c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:37:37.0036 0x0b0c  LanmanWorkstation - ok
13:37:37.0083 0x0b0c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:37:37.0114 0x0b0c  lltdio - ok
13:37:37.0161 0x0b0c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:37:37.0208 0x0b0c  lltdsvc - ok
13:37:37.0239 0x0b0c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:37:37.0270 0x0b0c  lmhosts - ok
13:37:37.0364 0x0b0c  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
13:37:37.0379 0x0b0c  LMIGuardianSvc - ok
13:37:37.0489 0x0b0c  [ 23DE5B62B0445A6F874BE633C95B483E, 39A8E5BD057F5EE049FA48848C5881DCD2CFB16CD9E2A03CC9DDF35F116FEE0B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:37:37.0520 0x0b0c  LMS - ok
13:37:37.0551 0x0b0c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:37:37.0567 0x0b0c  LSI_FC - ok
13:37:37.0582 0x0b0c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:37:37.0598 0x0b0c  LSI_SAS - ok
13:37:37.0613 0x0b0c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:37:37.0629 0x0b0c  LSI_SAS2 - ok
13:37:37.0645 0x0b0c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:37:37.0660 0x0b0c  LSI_SCSI - ok
13:37:37.0691 0x0b0c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:37:37.0738 0x0b0c  luafv - ok
13:37:37.0801 0x0b0c  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:37:37.0816 0x0b0c  MBAMProtector - ok
13:37:37.0957 0x0b0c  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
13:37:37.0988 0x0b0c  MBAMService - ok
13:37:38.0081 0x0b0c  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
13:37:38.0097 0x0b0c  MBAMSwissArmy - ok
13:37:38.0159 0x0b0c  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:37:38.0175 0x0b0c  MBAMWebAccessControl - ok
13:37:38.0253 0x0b0c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:37:38.0269 0x0b0c  Mcx2Svc - ok
13:37:38.0300 0x0b0c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:37:38.0315 0x0b0c  megasas - ok
13:37:38.0347 0x0b0c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:37:38.0362 0x0b0c  MegaSR - ok
13:37:38.0393 0x0b0c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:37:38.0425 0x0b0c  MMCSS - ok
13:37:38.0440 0x0b0c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:37:38.0487 0x0b0c  Modem - ok
13:37:38.0518 0x0b0c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:37:38.0534 0x0b0c  monitor - ok
13:37:38.0581 0x0b0c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:37:38.0596 0x0b0c  mouclass - ok
13:37:38.0643 0x0b0c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:37:38.0659 0x0b0c  mouhid - ok
13:37:38.0705 0x0b0c  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:37:38.0721 0x0b0c  mountmgr - ok
13:37:38.0830 0x0b0c  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:37:38.0846 0x0b0c  MozillaMaintenance - ok
13:37:38.0877 0x0b0c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:37:38.0893 0x0b0c  mpio - ok
13:37:38.0939 0x0b0c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:37:38.0971 0x0b0c  mpsdrv - ok
13:37:39.0049 0x0b0c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:37:39.0095 0x0b0c  MpsSvc - ok
13:37:39.0142 0x0b0c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:37:39.0173 0x0b0c  MRxDAV - ok
13:37:39.0205 0x0b0c  [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:37:39.0220 0x0b0c  mrxsmb - ok
13:37:39.0267 0x0b0c  [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:37:39.0283 0x0b0c  mrxsmb10 - ok
13:37:39.0329 0x0b0c  [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:37:39.0345 0x0b0c  mrxsmb20 - ok
13:37:39.0376 0x0b0c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:37:39.0392 0x0b0c  msahci - ok
13:37:39.0439 0x0b0c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:37:39.0454 0x0b0c  msdsm - ok
13:37:39.0470 0x0b0c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:37:39.0485 0x0b0c  MSDTC - ok
13:37:39.0517 0x0b0c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:37:39.0579 0x0b0c  Msfs - ok
13:37:39.0626 0x0b0c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:37:39.0673 0x0b0c  mshidkmdf - ok
13:37:39.0704 0x0b0c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:37:39.0719 0x0b0c  msisadrv - ok
13:37:39.0751 0x0b0c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:37:39.0797 0x0b0c  MSiSCSI - ok
13:37:39.0797 0x0b0c  msiserver - ok
13:37:39.0829 0x0b0c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:37:39.0860 0x0b0c  MSKSSRV - ok
13:37:39.0891 0x0b0c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:37:39.0938 0x0b0c  MSPCLOCK - ok
13:37:39.0953 0x0b0c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:37:39.0985 0x0b0c  MSPQM - ok
13:37:40.0031 0x0b0c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:37:40.0047 0x0b0c  MsRPC - ok
13:37:40.0094 0x0b0c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:37:40.0109 0x0b0c  mssmbios - ok
13:37:40.0141 0x0b0c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:37:40.0187 0x0b0c  MSTEE - ok
13:37:40.0187 0x0b0c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:37:40.0203 0x0b0c  MTConfig - ok
13:37:40.0219 0x0b0c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:37:40.0234 0x0b0c  Mup - ok
13:37:40.0281 0x0b0c  [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
13:37:40.0281 0x0b0c  mwlPSDFilter - ok
13:37:40.0297 0x0b0c  [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
13:37:40.0297 0x0b0c  mwlPSDNServ - ok
13:37:40.0312 0x0b0c  [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
13:37:40.0328 0x0b0c  mwlPSDVDisk - ok
13:37:40.0453 0x0b0c  [ 22A4905C958BEB68D78385B633C1351B, FFF03DB9F0A7DCFFF221FA1EAEBF9EA04732F4D0562EA02412D178B887773574 ] MWLService      C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
13:37:40.0468 0x0b0c  MWLService - ok
13:37:40.0531 0x0b0c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:37:40.0577 0x0b0c  napagent - ok
13:37:40.0624 0x0b0c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:37:40.0655 0x0b0c  NativeWifiP - ok
13:37:40.0827 0x0b0c  [ E59AFB64C2F6E0C99350E1C944C75088, 10A9044192D0A83857A57286EABB05037922860483DA2B05AFCC485A8311E4EF ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
13:37:40.0843 0x0b0c  NAUpdate - ok
13:37:40.0889 0x0b0c  [ DACA803A8D732FE5EEAA024EC342F81D, 2DDEA48CD417EDD657D487BADA7C31C05F35DA328AAC5AA63A99FDFD44F2BF02 ] NBVol           C:\Windows\system32\DRIVERS\NBVol.sys
13:37:40.0905 0x0b0c  NBVol - ok
13:37:40.0921 0x0b0c  [ 6208F622E9E35860DFB0753DFF56F0C0, AF7730B4AB642E0E45C05AE1429C7B3D90B0889CF94B21AC7869790D4DB6FDBE ] NBVolUp         C:\Windows\system32\DRIVERS\NBVolUp.sys
13:37:40.0921 0x0b0c  NBVolUp - ok
13:37:41.0014 0x0b0c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:37:41.0045 0x0b0c  NDIS - ok
13:37:41.0092 0x0b0c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:37:41.0123 0x0b0c  NdisCap - ok
13:37:41.0186 0x0b0c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:37:41.0217 0x0b0c  NdisTapi - ok
13:37:41.0279 0x0b0c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:37:41.0311 0x0b0c  Ndisuio - ok
13:37:41.0342 0x0b0c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:37:41.0373 0x0b0c  NdisWan - ok
13:37:41.0420 0x0b0c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:37:41.0467 0x0b0c  NDProxy - ok
13:37:41.0513 0x0b0c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:37:41.0545 0x0b0c  NetBIOS - ok
13:37:41.0607 0x0b0c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:37:41.0638 0x0b0c  NetBT - ok
13:37:41.0669 0x0b0c  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon        C:\Windows\system32\lsass.exe
13:37:41.0685 0x0b0c  Netlogon - ok
13:37:41.0732 0x0b0c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:37:41.0779 0x0b0c  Netman - ok
13:37:42.0683 0x0b0c  [ 5B3CE960C62DBE864BE9A0BD043A3E30, 8474C68B0A8F94945C3278C682143F289245FC31C28DBB4609E993F90F7AD309 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
13:37:42.0699 0x0b0c  NTI IScheduleSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:37:46.0973 0x0b0c  Detect skipped due to KSN trusted
13:37:46.0973 0x0b0c  NTI IScheduleSvc - ok
13:37:59.0984 0x0b0c  vwifibus - ok
13:37:59.0984 0x0b0c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:38:00.0015 0x0b0c  vwififlt - ok
13:38:00.0046 0x0b0c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:38:00.0062 0x0b0c  vwifimp - ok
13:38:00.0109 0x0b0c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:38:00.0155 0x0b0c  W32Time - ok
13:38:00.0187 0x0b0c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:38:00.0202 0x0b0c  WacomPen - ok
13:38:00.0249 0x0b0c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:38:00.0280 0x0b0c  WANARP - ok
13:38:00.0296 0x0b0c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:38:00.0327 0x0b0c  Wanarpv6 - ok
13:38:00.0421 0x0b0c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:38:00.0467 0x0b0c  WatAdminSvc - ok
13:38:00.0561 0x0b0c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
13:38:00.0608 0x0b0c  wbengine - ok
13:38:00.0639 0x0b0c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:38:00.0655 0x0b0c  WbioSrvc - ok
13:38:00.0701 0x0b0c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:38:00.0733 0x0b0c  wcncsvc - ok
13:38:00.0748 0x0b0c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:38:00.0764 0x0b0c  WcsPlugInService - ok
13:38:00.0795 0x0b0c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:38:00.0811 0x0b0c  Wd - ok
13:38:00.0873 0x0b0c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:38:00.0904 0x0b0c  Wdf01000 - ok
13:38:00.0951 0x0b0c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:38:00.0967 0x0b0c  WdiServiceHost - ok
13:38:00.0982 0x0b0c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:38:00.0998 0x0b0c  WdiSystemHost - ok
13:38:01.0045 0x0b0c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
13:38:01.0060 0x0b0c  WebClient - ok
13:38:01.0107 0x0b0c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:38:01.0154 0x0b0c  Wecsvc - ok
13:38:01.0169 0x0b0c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:38:01.0201 0x0b0c  wercplsupport - ok
13:38:01.0232 0x0b0c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:38:01.0279 0x0b0c  WerSvc - ok
13:38:01.0310 0x0b0c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:38:01.0341 0x0b0c  WfpLwf - ok
13:38:01.0357 0x0b0c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:38:01.0372 0x0b0c  WIMMount - ok
13:38:01.0403 0x0b0c  WinDefend - ok
13:38:01.0419 0x0b0c  WinHttpAutoProxySvc - ok
13:38:01.0497 0x0b0c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:38:01.0544 0x0b0c  Winmgmt - ok
13:38:01.0669 0x0b0c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
13:38:01.0731 0x0b0c  WinRM - ok
13:38:01.0825 0x0b0c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:38:01.0856 0x0b0c  WinUsb - ok
13:38:01.0903 0x0b0c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:38:01.0949 0x0b0c  Wlansvc - ok
13:38:01.0996 0x0b0c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:38:02.0012 0x0b0c  WmiAcpi - ok
13:38:02.0043 0x0b0c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:38:02.0059 0x0b0c  wmiApSrv - ok
13:38:02.0105 0x0b0c  WMPNetworkSvc - ok
13:38:02.0137 0x0b0c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:38:02.0152 0x0b0c  WPCSvc - ok
13:38:02.0215 0x0b0c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:38:02.0230 0x0b0c  WPDBusEnum - ok
13:38:02.0261 0x0b0c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:38:02.0293 0x0b0c  ws2ifsl - ok
13:38:02.0339 0x0b0c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:38:02.0355 0x0b0c  wscsvc - ok
13:38:02.0355 0x0b0c  WSearch - ok
13:38:02.0480 0x0b0c  [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv        C:\Windows\system32\wuaueng.dll
13:38:02.0558 0x0b0c  wuauserv - ok
13:38:02.0605 0x0b0c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:38:02.0620 0x0b0c  WudfPf - ok
13:38:02.0667 0x0b0c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:38:02.0683 0x0b0c  WUDFRd - ok
13:38:02.0729 0x0b0c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:38:02.0745 0x0b0c  wudfsvc - ok
13:38:02.0792 0x0b0c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:38:02.0807 0x0b0c  WwanSvc - ok
13:38:02.0839 0x0b0c  ================ Scan global ===============================
13:38:02.0901 0x0b0c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
13:38:02.0948 0x0b0c  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
13:38:02.0948 0x0b0c  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
13:38:02.0979 0x0b0c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:38:03.0041 0x0b0c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
13:38:03.0041 0x0b0c  [ Global ] - ok
13:38:03.0041 0x0b0c  ================ Scan MBR ==================================
13:38:03.0057 0x0b0c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:38:03.0494 0x0b0c  \Device\Harddisk0\DR0 - ok
13:38:03.0494 0x0b0c  ================ Scan VBR ==================================
13:38:03.0494 0x0b0c  [ 00E2B47743910FA0B567789C5C12D27A ] \Device\Harddisk0\DR0\Partition1
13:38:03.0494 0x0b0c  \Device\Harddisk0\DR0\Partition1 - ok
13:38:03.0509 0x0b0c  [ 1D40F7A3995729F24FF52008743FA00B ] \Device\Harddisk0\DR0\Partition2
13:38:03.0509 0x0b0c  \Device\Harddisk0\DR0\Partition2 - ok
13:38:03.0509 0x0b0c  ================ Scan generic autorun ======================
13:38:03.0572 0x0b0c  [ E19B41A5537C96D577DD796439DDDC29, 0B3DCD531207F13A677EEF46FF04C9FABA36308BC3F1041EE624FD946CAB0E10 ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
13:38:03.0619 0x0b0c  AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
13:38:06.0380 0x0b0c  Detect skipped due to KSN trusted
13:38:06.0380 0x0b0c  AmIcoSinglun64 - ok
13:38:06.0723 0x0b0c  [ 37F1D9DE11A9888D014D5BE966084B34, 992B87FF41A811418C0166B48B5509090F9A66E3CF5B85BB19ED6059A6460C55 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:38:07.0066 0x0b0c  RtHDVCpl - ok
13:38:07.0144 0x0b0c  [ 366F1A602121E3FC97A50EB9AD95618F, DFCD9491B73D208F94717DBE549F20F5E6714C736EADBD4D8E524050538AB676 ] C:\Program Files\Apoint2K\Apoint.exe
13:38:07.0175 0x0b0c  Apoint - ok
13:38:07.0253 0x0b0c  [ B34FE21E2DB91CA5D40E98D70FD2A25B, 2AE9F6FB237D48A3B087B37E12E12D6699ABBE415FFC2288F933035EA4FE699D ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
13:38:07.0285 0x0b0c  Acer ePower Management - ok
13:38:07.0363 0x0b0c  [ 2782D83D9B1071E28E2A4D9C6F5307C6, A0AD020D58D4759EB4F4DDF4E8B7397CDEF095ECD2E2804E250DEBA9117B1E30 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
13:38:07.0363 0x0b0c  BackupManagerTray - detected UnsignedFile.Multi.Generic ( 1 )
13:38:10.0093 0x0b0c  Detect skipped due to KSN trusted
13:38:10.0093 0x0b0c  BackupManagerTray - ok
13:38:10.0171 0x0b0c  [ E439643E61B6CE7F47CC03E6A4590E26, E0C3DD41BD12CAF2AA04E930A30D3C4DF9974AC8769C58A45B744C28F6EF469D ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
13:38:10.0186 0x0b0c  SuiteTray - ok
13:38:10.0233 0x0b0c  [ 6C695B04E2E29459CDC2E5C0970B883B, CE0CFE5369B9931FF387A2F64B9F7F8E6583CE50789FB703228AC68950F32EA9 ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
13:38:10.0249 0x0b0c  EgisUpdate - ok
13:38:10.0264 0x0b0c  [ 27964C4676D0F4B34DB7332AFA2B1474, E3A7ED7642A3902C19E96717E9C14267C9A578637338674A2654A018D3D7F65D ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
13:38:10.0280 0x0b0c  EgisTecPMMUpdate - ok
13:38:10.0358 0x0b0c  [ 77AC8322178FB8F3117CDD3B6DC6E126, 2786198EE920D7788FA0DE376231D4E42AB68F6D5A1E87FAC1F3D7424D1ED493 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
13:38:10.0358 0x0b0c  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
13:38:20.0435 0x0b0c  StartCCC ( UnsignedFile.Multi.Generic ) - warning
13:38:20.0435 0x0b0c  Force sending object to P2P due to detect: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
13:38:24.0164 0x0b0c  Object send P2P result: true
13:38:26.0987 0x0b0c  [ B283F9A1DEABD43ACC7481F893CF21E9, D3DE06E20C64917917541F31E132161F4CF9FB26BCB0214B1CEADB0CF7D3FB81 ] C:\Program Files (x86)\Launch Manager\LManager.exe
13:38:27.0034 0x0b0c  LManager - ok
13:38:27.0143 0x0b0c  [ 47C1DE0A890613FFCFF1D67648EEDF90, 5821567D7DD99623257AEA794023EF4200E6E17FD09656B40D97C44A35C701BB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:38:27.0190 0x0b0c  Adobe ARM - ok
13:38:27.0253 0x0b0c  [ 12916E0642E92561C98B18A2A2D01B14, 4C28478CFE25E1F29AEF8BA6F2FAF3E6C2B34BF18CA77052813903E10ADDCCD5 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:38:27.0268 0x0b0c  SunJavaUpdateSched - ok
13:38:27.0409 0x0b0c  [ 98FAFD82E4F0674D2D7BB3C8FD141D32, 4F44F6B17E40268B8EE0251E6D913157CA1E7CE4C9D9B434262E74F136453A10 ] c:\Progra~2\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
13:38:27.0440 0x0b0c  Adobe Version Cue CS2 - detected UnsignedFile.Multi.Generic ( 1 )
13:38:30.0170 0x0b0c  Detect skipped due to KSN trusted
13:38:30.0170 0x0b0c  Adobe Version Cue CS2 - ok
13:38:30.0295 0x0b0c  [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
13:38:30.0326 0x0b0c  avgnt - ok
13:38:30.0529 0x0b0c  [ 4C8962A0DCAEBE9E298ECF0958128F59, 0EBFA6EFAD0196E31E29B23857954E3787B78C70C48BEC25F3FB9D9D685BC1D4 ] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
13:38:30.0638 0x0b0c  ApnTBMon - ok
13:38:30.0731 0x0b0c  [ A8E69DA21AEEB9DAA55D90E87AC1A549, 175AF750A1DF53555D0CB6C61312CEE37E2CB182873041A8AE38C57EA01DC2F5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
13:38:30.0747 0x0b0c  Avira SystrayStartTrigger - ok
13:38:30.0981 0x0b0c  [ E5255D63DD01AA9F1CC4355FE366E2D3, 2E28C14DC1FEAE10626D37FF4C1DAE27F3801A40EA973E02E42B48185CBBC89B ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
13:38:31.0199 0x0b0c  LogMeIn Hamachi Ui - ok
13:38:31.0199 0x0b0c  iMesh - ok
13:38:31.0199 0x0b0c  Waiting for KSN requests completion. In queue: 7
13:38:32.0213 0x0b0c  Waiting for KSN requests completion. In queue: 7
13:38:33.0227 0x0b0c  Waiting for KSN requests completion. In queue: 7
13:38:33.0929 0x0868  Object required for P2P: [ 4C8962A0DCAEBE9E298ECF0958128F59 ] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
13:38:34.0241 0x0b0c  Waiting for KSN requests completion. In queue: 3
13:38:35.0255 0x0b0c  Waiting for KSN requests completion. In queue: 3
13:38:36.0269 0x0b0c  Waiting for KSN requests completion. In queue: 3
13:38:36.0722 0x0868  Object send P2P result: true
13:38:36.0722 0x0868  Object required for P2P: [ E5255D63DD01AA9F1CC4355FE366E2D3 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
13:38:37.0283 0x0b0c  Waiting for KSN requests completion. In queue: 1
13:38:38.0297 0x0b0c  Waiting for KSN requests completion. In queue: 1
13:38:39.0311 0x0b0c  Waiting for KSN requests completion. In queue: 1
13:38:39.0530 0x0868  Object send P2P result: true
13:38:40.0606 0x0b0c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.13.202 ), 0x40000 ( disabled : updated )
13:38:40.0637 0x0b0c  Win FW state via NFP2: enabled ( trusted )
13:38:43.0430 0x0b0c  ============================================================
13:38:43.0430 0x0b0c  Scan finished
13:38:43.0430 0x0b0c  ============================================================
13:38:43.0430 0x0e78  Detected object count: 1
13:38:43.0430 0x0e78  Actual detected object count: 1
13:39:02.0540 0x0e78  StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:02.0540 0x0e78  StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:39:14.0115 0x1470  Deinitialize success
         

Alt 28.11.2015, 13:53   #4
svener
 



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
durchgeführt von Sven (Administrator) auf SV-PC (28-11-2015 13:29:49)
Gestartet von C:\Users\Sven\Desktop
Geladene Profile: Sven (Verfügbare Profile: Sven)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CANON INC.) C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Sytems Incorporated) C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
() C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-23] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9643552 2009-12-11] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [325120 2009-10-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1734544 2015-11-11] (APN)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-3580373449-2775760489-4167589230-1000\...\Run: [iMesh] => "C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe" --lightmode
HKU\S-1-5-18\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe [332432 2011-07-14] (Expert System S.p.A.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-02-01] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-02-01] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk [2015-06-16]
ShortcutTarget: Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2012-12-18]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{0F06FAB6-6847-41D3-8D4A-F0EC00623E84}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8751A103-9CA0-448D-818F-150CFCF9572A}: [NameServer] 141.55.192.51,141.55.192.50

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3580373449-2775760489-4167589230-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3580373449-2775760489-4167589230-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3580373449-2775760489-4167589230-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE403
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2015-11-11] (APN LLC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2015-11-11] (APN LLC.)
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2015-11-11] (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2015-11-11] (APN LLC.)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-3580373449-2775760489-4167589230-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3580373449-2775760489-4167589230-1000 -> Kein Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  Keine Datei
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\790y69hn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-08-25] (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-04-24] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3580373449-2775760489-4167589230-1000: @www.flatcast.com/FlatViewer 5.2 -> C:\Users\Sven\AppData\Roaming\Mozilla\Plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin HKU\S-1-5-21-3580373449-2775760489-4167589230-1000: iMeshPlugin -> C:\Program Files (x86)\iMesh Applications\iMesh\npiMeshPlugin.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-10-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-10-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-10-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-10-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-10-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-10-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-10-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Sven\AppData\Roaming\mozilla\plugins\NpFv530.dll [2011-09-23] (1 mal 1 Software GmbH)
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-04-17] [ist nicht signiert]
FF Extension: YouTube to MP3 - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\790y69hn.default\extensions\youtube2mp3@mondayx.de.xpi [2015-05-31]
FF Extension: NoScript - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\790y69hn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-24]
FF Extension: Adblock Plus - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\790y69hn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-11-24] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-11-24] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-06-18] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2015-05-17]
CHR Extension: (Google Präsentationen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-17]
CHR Extension: (Google Docs) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-17]
CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Wordpress Style Editor) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\bgdpllcnhcmpfcheafdhimpklhjoommn [2015-05-17]
CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google-Suche) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Tabellen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-17]
CHR Extension: (Google Docs Offline) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (WhatFont) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2015-08-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Google Mail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-17]
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2015-11-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2015-11-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-06] (Adobe Systems) [Datei ist nicht signiert]
R2 Adobe Version Cue CS2; c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198544 2015-11-11] (APN LLC.)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [65536 2012-07-07] () [Datei ist nicht signiert]
R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-08-17] ()
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-08-17] ()
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-08-17] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [Datei ist nicht signiert]
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-25] (Avira Operations GmbH & Co. KG)
R1 cnnctfy2; C:\Windows\System32\DRIVERS\cnnctfy2.sys [31344 2012-07-26] (Connectify)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-22] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-12-20] (Duplex Secure Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\Sven\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-28 13:29 - 2015-11-28 13:30 - 00026775 _____ C:\Users\Sven\Desktop\FRST.txt
2015-11-28 13:28 - 2015-11-28 13:28 - 02349056 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2015-11-28 13:25 - 2015-11-28 13:25 - 02349056 _____ (Farbar) C:\Users\Sven\Downloads\FRST64.exe
2015-11-24 20:09 - 2015-11-24 20:09 - 13155552 _____ (Microsoft Corporation) C:\Users\Sven\Downloads\Silverlight_x64 (1).exe
2015-11-24 20:08 - 2015-11-24 20:08 - 13155552 _____ (Microsoft Corporation) C:\Users\Sven\Downloads\Silverlight_x64.exe
2015-11-24 19:44 - 2015-11-24 19:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-22 23:43 - 2015-11-22 23:43 - 00861256 _____ C:\Windows\Minidump\112215-21450-01.dmp
2015-11-19 17:45 - 2015-11-19 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-19 17:45 - 2015-11-19 17:45 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-15 14:29 - 2015-11-15 14:29 - 00772320 _____ C:\Windows\Minidump\111515-22635-01.dmp
2015-11-12 23:35 - 2015-11-12 23:35 - 00003480 ____N C:\bootsqm.dat
2015-11-12 19:43 - 2015-11-28 12:55 - 00000000 ____D C:\Users\Sven\AppData\Local\LogMeIn Hamachi
2015-11-12 19:43 - 2015-11-12 19:43 - 00000000 ____D C:\Users\Sven\AppData\Local\LogMeIn
2015-11-12 19:43 - 2015-11-12 19:43 - 00000000 ____D C:\ProgramData\LogMeIn
2015-11-12 19:43 - 2015-11-12 11:51 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-11-12 19:42 - 2015-11-19 17:45 - 00000930 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-11-12 19:40 - 2015-11-12 19:41 - 08716288 _____ C:\Users\Sven\Downloads\hamachi220383.msi
2015-11-12 19:37 - 2015-11-12 19:37 - 00002186 _____ C:\Users\Public\Desktop\Age of Empires II.lnk
2015-11-12 19:37 - 2015-11-12 19:37 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-12 19:37 - 2015-11-12 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-11-12 19:32 - 2015-11-12 19:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2015-11-12 19:22 - 2015-11-12 19:22 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2015-11-12 19:20 - 2015-11-12 19:20 - 01466656 _____ C:\Users\Sven\Downloads\Virtual CloneDrive - CHIP-Installer.exe
2015-11-05 23:37 - 2015-11-05 23:37 - 00000000 ____D C:\ProgramData\boost_interprocess

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-28 13:29 - 2014-01-19 14:59 - 00000000 ____D C:\FRST
2015-11-28 13:00 - 2009-07-14 05:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-28 13:00 - 2009-07-14 05:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-26 19:40 - 2015-05-17 14:49 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-26 19:37 - 2012-05-11 09:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-24 21:03 - 2015-05-17 14:48 - 00000000 __SHD C:\Users\Sven\AppData\Local\EmieUserList
2015-11-24 21:03 - 2015-05-17 14:48 - 00000000 __SHD C:\Users\Sven\AppData\Local\EmieSiteList
2015-11-24 21:03 - 2015-05-17 14:48 - 00000000 __SHD C:\Users\Sven\AppData\Local\EmieBrowserModeList
2015-11-24 19:53 - 2010-12-18 05:54 - 00001324 _____ C:\Windows\WinInit.Ini
2015-11-24 19:48 - 2015-07-28 14:37 - 00000000 ____D C:\Users\Sven\Desktop\Neuer Ordner
2015-11-24 19:38 - 2012-05-07 13:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-22 23:47 - 2009-10-05 22:35 - 00000000 ____D C:\Windows
2015-11-22 23:43 - 2011-01-22 06:42 - 00000000 ____D C:\Windows\Minidump
2015-11-22 18:48 - 2015-02-17 22:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-15 13:30 - 2014-12-10 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-15 13:30 - 2014-12-10 21:46 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-15 13:30 - 2012-07-18 21:51 - 00001110 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-12 23:36 - 2009-07-14 05:45 - 00405712 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 20:53 - 2010-10-26 13:07 - 00110288 _____ C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-12 20:07 - 2010-10-26 13:07 - 00000000 ____D C:\Users\Sven\AppData\Local\VirtualStore
2015-11-12 19:30 - 2010-09-04 17:11 - 00720484 _____ C:\Windows\system32\perfh007.dat
2015-11-12 19:30 - 2010-09-04 17:11 - 00158454 _____ C:\Windows\system32\perfc007.dat
2015-11-12 19:30 - 2009-07-14 06:13 - 01675386 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-12 19:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-11 23:47 - 2015-05-17 14:51 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 23:04 - 2015-09-03 10:28 - 00001142 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-11 23:04 - 2015-07-27 17:22 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-11 23:04 - 2015-07-27 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-10 23:50 - 2010-12-13 05:07 - 00000000 ____D C:\Users\Sven\Documents\Faustball
2015-11-10 21:42 - 2012-05-11 09:37 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-10 21:42 - 2012-05-11 09:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 21:42 - 2011-12-19 22:24 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-09 19:20 - 2012-08-28 22:56 - 00000000 ____D C:\Users\Sven\Documents\Faustballtraining
2015-11-01 16:10 - 2015-07-28 14:38 - 00000000 ____D C:\Users\Sven\Desktop\Playlist schweiz

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-12-08 13:44 - 2012-12-08 13:44 - 0038423 _____ () C:\Users\Sven\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
2012-12-08 13:47 - 2012-12-08 13:47 - 0012955 _____ () C:\Users\Sven\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
2011-05-29 15:47 - 2011-05-29 15:47 - 0004096 ____H () C:\Users\Sven\AppData\Local\keyfile3.drm
2014-06-13 09:58 - 2014-06-13 10:06 - 0001468 _____ () C:\Users\Sven\AppData\Local\RecConfig.xml
2010-11-06 18:43 - 2013-09-29 21:01 - 0017408 _____ () C:\Users\Sven\AppData\Local\WebpageIcons.db
2011-11-06 19:52 - 2011-11-06 19:52 - 0000000 _____ () C:\Users\Sven\AppData\Local\{3FF4A9D9-6D4D-479F-AC57-8EBD78CA3797}
2011-12-07 23:53 - 2011-12-07 23:53 - 0000000 _____ () C:\Users\Sven\AppData\Local\{DDBC1DCB-DA5C-443C-9F65-CA8822FAB063}
2010-11-28 00:38 - 2010-11-28 00:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Einige Dateien in TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\4xnsmz0t.dll
C:\Users\Sven\AppData\Local\Temp\abelssoft.setup.exe
C:\Users\Sven\AppData\Local\Temp\avgnt.exe
C:\Users\Sven\AppData\Local\Temp\cstjkyit.dll
C:\Users\Sven\AppData\Local\Temp\EBU1A82.EXE
C:\Users\Sven\AppData\Local\Temp\EBU340A.DLL
C:\Users\Sven\AppData\Local\Temp\eh5wazlb.dll
C:\Users\Sven\AppData\Local\Temp\fzqujubz.dll
C:\Users\Sven\AppData\Local\Temp\lkqgeibg.dll
C:\Users\Sven\AppData\Local\Temp\Quarantine.exe
C:\Users\Sven\AppData\Local\Temp\WZCPlugin_VISTA.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-22 16:21

==================== Ende von FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-11-2015
durchgeführt von Sven (2015-11-28 13:30:59)
Gestartet von C:\Users\Sven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-10-26 12:06:43)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3580373449-2775760489-4167589230-500 - Administrator - Disabled)
Gast (S-1-5-21-3580373449-2775760489-4167589230-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3580373449-2775760489-4167589230-1005 - Limited - Enabled)
Sven (S-1-5-21-3580373449-2775760489-4167589230-1000 - Administrator - Enabled) => C:\Users\Sven

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.3.5 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0423.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
AGISync (HKLM-x32\...\{1617CBFB-EF18-4782-B84F-E1486FF6D4AB}) (Version: 2.6.0 - Hochschule Mittweida)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}) (Version: 1.5.17.05094 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094 - Alcor Micro Corp.) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1107 - Alps Electric)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}) (Version: 3.0.758.0 - ATI Technologies, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C2500}) (Version: 12.37.0.2886 - APN, LLC)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.03 - Broadcom Corporation)
Brother MFL-Pro Suite DCP-8070D (HKLM-x32\...\{004B8D14-7E3A-490A-ABB3-753535E169E3}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.4.24 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.30.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 0.9.52.1 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
ccc-core-static (x32 Version: 2010.0122.858.16002 - Ihr Firmenname) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citavi (HKLM-x32\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.4.0.2 - Swiss Academic Software)
Collaboration Data Objects 1.2.1 (HKLM-x32\...\{86EF9EB6-DE10-4ABB-B221-D61972BB3C09}) (Version: 6.5.7821.1 - Microsoft)
Connectify (HKLM\...\Connectify) (Version: 3.5.1.24187 - Connectify)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2529.50 - CyberLink Corp.)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.1.2.2 - DivX, Inc. )
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Duden-Rechtschreibprüfung 30-Tage-Testversion (HKLM-x32\...\{C748FE45-F27A-438A-B490-7C2A7E7AB3F2}) (Version: 8.0 - Bibliographisches Institut GmbH)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ElsterFormular (HKLM-x32\...\ElsterFormular 13.1.0.8394p) (Version: 13.1.0.8394p - Landesfinanzdirektion Thüringen)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Flatcast Viewer Plugin 5.3.0.784 (HKLM-x32\...\Flatcast Viewer 5.3_is1) (Version:  - 1 mal 1 Software GmbH)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Sound Recorder v9.7.5 (HKLM-x32\...\Free Sound Recorder_is1) (Version:  - Copyright(C) 2005-2014 FreeSoundRecorder Technologies, Inc.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPL Ghostscript 9.00 (HKLM-x32\...\GPL Ghostscript 9.00) (Version:  - )
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.8 - Acer Inc.)
Lexware Info Service (HKLM-x32\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Games for Windows - LIVE (HKLM-x32\...\{B45FABE7-D101-4D99-A671-E16DA40AF7F0}) (Version: 3.0.86.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{B578C85A-A84C-4230-A177-C5B2AF565B8C}) (Version: 3.0.17.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Nero 11 (HKLM-x32\...\{5CB79EE7-301F-4AE7-A76D-D27BF8942E0A}) (Version: 11.2.00400 - Nero AG)
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Asian Fonts Pack (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Convert Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Forms Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Insert Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 OCR Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Review Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Secure Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.211.0 - Tracker Software Products Ltd)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
QuickSteuer 2012 (HKLM-x32\...\{39AF5C9F-9673-438F-BBF9-47690B989F7F}) (Version: 18.09.00.0003 - Haufe-Lexware GmbH & Co.KG)
QuickSteuer 2013 (HKLM-x32\...\{500342C9-CCD5-4335-89AE-C8A65C0A153B}) (Version: 19.06.00.0003 - Haufe-Lexware GmbH & Co.KG)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6000 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
SciLor's grooveshark™.com Downloader 0.4.12 (HKLM-x32\...\{DDEAE484-D5FB-49CB-BD47-9512E8ACCA65}_is1) (Version: 0.4.12 - SciLor)
Secure Download Manager (HKLM-x32\...\{B15B400A-19ED-4CC7-B3E4-9295D8470CBE}) (Version: 3.0.3 - e-academy Inc.)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.2.2.17811 - Blizzard Entertainment)
Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Virtua Tennis Demo (HKLM-x32\...\{41482020-29DF-11D6-AFCB-0040052179B6}) (Version:  - )
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
welcome (x32 Version: 11.0.22900.0.0 - Nero AG) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.3 - Abelssoft)
Zattoo4 4.0.5 (HKLM-x32\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3580373449-2775760489-4167589230-1000_Classes\CLSID\{939A0D04-0E07-48FE-A463-6623B70C3A96}\localserver32 -> "C:\Users\Sven\AppData\Local\Conduit\ValueApps\IE\64\ValueApps.exe" => Keine Datei

==================== Wiederherstellungspunkte =========================

27-10-2015 23:41:18 Windows Update
29-10-2015 22:33:20 Windows Update
29-10-2015 23:17:38 Windows Update
02-11-2015 23:10:38 Windows Update
02-11-2015 23:59:56 Windows Update
05-11-2015 23:34:36 Windows Update
06-11-2015 19:22:39 Windows Update
12-11-2015 19:41:34 Installed LogMeIn Hamachi

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2011-12-31 16:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D090E83-0C0B-4378-90AD-77645A22D52F} - System32\Tasks\{FA47C561-923C-4A84-8AEB-E932DBE81B39} => pcalua.exe -a C:\Users\Sven\Dragonage\DragonAgeDVD1\Setup.exe -d C:\Users\Sven\Dragonage\DragonAgeDVD1
Task: {15D0D7F6-9182-46E1-B7E9-EDDD10687703} - System32\Tasks\{E76BC036-BAD8-459E-8709-37DDFA83F586} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {2DEB10C1-4064-4F0B-90AB-6101BFC656C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17] (Google Inc.)
Task: {37B0D9C2-ADA3-43B3-9EE1-65C2CF5CB166} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3CA65E52-6344-49EE-AB41-24E9A2A94DED} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG)
Task: {554860B0-FB6F-4065-8926-2248DAFD6096} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17] (Google Inc.)
Task: {72766E8E-F549-4DBF-B40D-A7C9BC59781C} - System32\Tasks\{BC4F8653-2C11-4B00-B109-CEC5A428F51E} => pcalua.exe -a "C:\Program Files (x86)\Java\jre6\bin\javacpl.exe" -d C:\Windows\system32
Task: {8CDD26AC-8655-4585-8F7F-8CBA7C8254D0} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {E3C81E0C-F371-461B-8FD8-6400694F327A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {EA4EBF4C-FC78-4368-B594-75A6C5DD1DC4} - System32\Tasks\{78B7564D-5403-4EA8-9E19-D7E6F57BACCB} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.0.0.152.259&amp;LastError=12002
Task: {FBD70B61-72AA-4359-8A27-D87AE170A72A} - System32\Tasks\{3E28F029-7CF0-4177-987C-82C346E01D48} => pcalua.exe -a C:\Users\Sven\Desktop\websync_2.8.1.exe -d C:\Users\Sven\Desktop

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2010-12-22 08:29 - 2010-06-18 05:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-11-11 20:37 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2012-07-26 13:58 - 2012-07-07 03:35 - 00065536 _____ () C:\Program Files (x86)\Connectify\ConnectifyService.exe
2010-08-17 22:31 - 2010-08-17 22:31 - 00056592 _____ () C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
2010-07-14 07:17 - 2010-07-14 07:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2010-07-14 07:17 - 2010-07-14 07:17 - 00019456 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2010-07-14 07:17 - 2010-07-14 07:17 - 00026624 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2010-07-14 07:17 - 2010-07-14 07:17 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2010-07-14 07:17 - 2010-07-14 07:17 - 00035328 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2010-07-14 07:17 - 2010-07-14 07:17 - 00119296 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2010-08-17 22:31 - 2010-08-17 22:31 - 00957712 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2010-07-14 07:17 - 2010-07-14 07:17 - 00028160 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2010-07-14 07:18 - 2010-07-14 07:18 - 00040448 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2010-07-14 07:17 - 2010-07-14 07:17 - 00030720 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2010-08-17 22:31 - 2010-08-17 22:31 - 00697616 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2005-04-06 16:53 - 2005-04-06 16:53 - 03502080 _____ () c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
2010-01-07 13:42 - 2010-01-07 13:42 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-04 07:23 - 2010-09-04 07:23 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2005-04-06 16:52 - 2005-04-06 16:52 - 00028791 _____ () c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\hpi.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00057453 _____ () c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\verify.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00102515 _____ () c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\java.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00053364 _____ () c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\zip.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00057455 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\net.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00032880 _____ () C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\jre\bin\nio.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00434255 _____ () c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 01019904 _____ () c:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-26 13:58 - 2012-07-07 03:36 - 00088936 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2012-07-26 13:58 - 2012-07-07 03:36 - 00034152 _____ () C:\Program Files (x86)\Connectify\DriverLib.dll
2012-07-26 13:58 - 2012-07-07 03:36 - 01017192 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2012-07-26 13:58 - 2012-07-07 03:36 - 00015208 _____ () C:\Program Files (x86)\Connectify\BuildProps.dll
2012-07-26 13:58 - 2012-07-07 03:36 - 00700264 _____ () C:\Program Files (x86)\Connectify\Vendors.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-09-04 16:59 - 2009-05-20 23:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\Users\Sven\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Sven\Desktop\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Sven\Desktop\WWi-III:AFP_AfpInfo

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3580373449-2775760489-4167589230-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CVPND => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Polar WebSync.lnk => C:\Windows\pss\Polar WebSync.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Version Cue CS2 => c:\Progra~2\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: Connectify => C:\Program Files (x86)\Connectify\Connectify.exe
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Duden Korrektor SysTray => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files (x86)\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: lollipop => "c:\users\sven\appdata\local\lollipop\lollipop.exe" lollipop
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C74E7E11-31A6-4CE0-8828-55978CCAAA09}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{1BBF7245-1D13-4F33-98AA-1CCA8D4201DD}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{721FDCF7-EF17-4399-AB92-5D84EE09F3C3}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{93CA7EF4-EFED-4FF3-84D5-FE6B2C24A902}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{9F0A0F1D-14B1-4E8D-B41D-8B19C4C12CE7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{C9EAB87B-A56B-41A7-A90F-403D2ECD4B31}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{D4ECD065-D7F2-467D-8F8A-9C1F53E515B7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D1D1A599-EF67-46A5-8463-C9F564E28121}] => (Allow) svchost.exe
FirewallRules: [{24FCE8DD-2D87-486C-BBDE-3DDB02B19D7D}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{7FB94262-3C98-40A1-8739-8FC687B626EE}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{49167585-B7E9-4767-BDFA-D325444E6439}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{1712A6C7-659C-4CA2-B2D6-BB994724225C}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{E7325106-F7CC-42CF-BCBD-9BAD4613611D}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{ABD549E1-4165-4661-959D-1BA23BDAB953}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{F2CC2A86-A852-490F-97E3-7A139D1F32B9}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{7E7C676E-12C7-480D-8BE0-799E694D0D3F}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{15A68538-572B-466C-AEB2-8742D3C2B3F2}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{481DB98E-4D85-4B0B-AE4A-BF69FB79A592}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2EB54030-B263-4E27-A38F-089177746F8A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{00BFB481-A793-4917-A0AF-B78A1AAE6F38}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{3F16FF79-29D4-48F6-9B38-6AC57613250A}C:\program files (x86)\icq7.2\icq.exe] => (Allow) C:\program files (x86)\icq7.2\icq.exe
FirewallRules: [UDP Query User{0BAFB910-D484-4FFD-B774-5249DDF91A31}C:\program files (x86)\icq7.2\icq.exe] => (Allow) C:\program files (x86)\icq7.2\icq.exe
FirewallRules: [TCP Query User{E23D211C-B022-41CD-A361-0B132FFA8423}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{FFB863C8-B188-4307-A222-E2374E34333D}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{5E7A9D69-DEE8-4A0A-9F36-9FB9C972B569}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{48736BC2-361C-4FE9-B66E-CB22E716861A}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [TCP Query User{D2D5B5F2-7A59-4131-8C6E-EC7D5E273255}C:\program files (x86)\connectify\connectify.exe] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{BE8A119E-B287-4C13-A2C8-D9031522B3D6}C:\program files (x86)\connectify\connectify.exe] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{E2170D5B-4CFF-4D31-BED0-4CB2A4C74750}] => (Allow) C:\Program Files (x86)\Connectify\Connectify.exe
FirewallRules: [{BBEE22E6-1565-4801-8C42-180EA77370A4}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{58BDAF1B-4090-4EA2-898B-5F25A35686F3}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{7CAC2478-0E35-43EC-949D-9DE8505C647D}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{D3DB6BDE-BABC-4DA7-8851-72D7DDC18E1C}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{2E7C99F4-482F-4E6D-ABDF-DD69B79AB430}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{561835BD-7A4D-4720-ABF3-518D3B969C91}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{DA6CDC8B-4B86-488B-95CE-7EC230DEFDE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE27325D-91F8-4D13-875F-57F5AEACA1B0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21309629-93B3-459E-A1E4-D19D06C42EC5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{48B869C9-7F95-4ADB-9992-321635613C5C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{38859565-C152-4971-8CD0-F87CBDE9A451}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{6879EC3D-C2E1-483E-A5C6-30B233C723A6}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
FirewallRules: [{7F78C4A2-11A4-4DA6-B56A-513B2915ADA4}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
FirewallRules: [{0E84B9B6-6C7B-42FF-9971-AAFF091ADF7F}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{77464B5B-AC83-4786-AC9D-5930FC2F7A40}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{2BFCC772-6700-4F66-A18E-665C05344E46}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{150346DB-F80C-4370-9D3F-FFDA8E965585}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{E0EB8172-7AB5-430E-A555-4B2E94182908}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D6F2403F-AF42-4F6D-AB47-E3ED5EEDCFCE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3F31BEE9-B7F7-4DB4-BB3B-E1B4B97DD25B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{413E8C36-22A7-4FCA-B66B-3926DAA5F459}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B990FD3F-E285-43A2-BD26-D2834A8B6F95}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{EFDDAA27-36B7-4FE8-9960-0AA3F046B2D1}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.icd
FirewallRules: [UDP Query User{F2584B9E-1701-42AB-85B4-ECD3E55BD63A}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.icd
FirewallRules: [TCP Query User{CB25905F-784F-447A-9B5A-732C33589B32}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{59422202-0DF4-48EB-891F-F5CD95FA5A53}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{637C08B9-04BE-4D49-9143-59CD76383A91}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{6E0ECB61-616D-47FC-B7E1-8FCF790C96F8}] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{D3DD79C9-AABE-40A5-BFE6-CB5835431E70}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{455A2FDF-7DC1-456C-A368-75926B32A5AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/10/2010 00:05:27 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
   bei System.Threading.Timer..ctor(System.Threading.TimerCallback, System.Object, Int32, Int32)
   bei System.Timers.Timer.set_Enabled(Boolean)
   bei System.Timers.Timer.Start()
   bei Avira.OE.WinCore.SystemTimersBasedTimer.Start(System.TimeSpan)
   bei Avira.OE.WinCore.DelayedTimer.Start(System.TimeSpan, System.TimeSpan)
   bei Avira.OE.WinCore.RecurrentUserProfileUpdater.StartRecurrentCheck(System.TimeSpan)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize()
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (01/10/2010 00:05:16 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
   bei System.Threading.Timer..ctor(System.Threading.TimerCallback, System.Object, Int32, Int32)
   bei System.Timers.Timer.set_Enabled(Boolean)
   bei System.Timers.Timer.Start()
   bei Avira.OE.WinCore.SystemTimersBasedTimer.Start(System.TimeSpan)
   bei Avira.OE.WinCore.DelayedTimer.Start(System.TimeSpan, System.TimeSpan)
   bei Avira.OE.WinCore.RecurrentUserProfileUpdater.StartRecurrentCheck(System.TimeSpan)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize()
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (01/10/2010 00:04:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 79.14.82.25.in-addr.arpa. PTR Sv-PC.local.

Error: (01/10/2010 00:04:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 25.82.14.79:5353   15 79.14.82.25.in-addr.arpa. PTR Sv-PC-2.local.

Error: (01/10/2010 00:04:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   13 105.0.168.192.in-addr.arpa. PTR Sv-PC.local.

Error: (01/10/2010 00:04:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.105:5353   15 105.0.168.192.in-addr.arpa. PTR Sv-PC-2.local.

Error: (01/10/2010 00:03:26 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
   bei System.Threading.Timer..ctor(System.Threading.TimerCallback, System.Object, Int32, Int32)
   bei System.Timers.Timer.set_Enabled(Boolean)
   bei System.Timers.Timer.Start()
   bei Avira.OE.WinCore.SystemTimersBasedTimer.Start(System.TimeSpan)
   bei Avira.OE.WinCore.DelayedTimer.Start(System.TimeSpan, System.TimeSpan)
   bei Avira.OE.WinCore.RecurrentUserProfileUpdater.StartRecurrentCheck(System.TimeSpan)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize()
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (01/10/2010 00:03:00 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
   bei System.Threading.Timer..ctor(System.Threading.TimerCallback, System.Object, Int32, Int32)
   bei System.Timers.Timer.set_Enabled(Boolean)
   bei System.Timers.Timer.Start()
   bei Avira.OE.WinCore.SystemTimersBasedTimer.Start(System.TimeSpan)
   bei Avira.OE.WinCore.DelayedTimer.Start(System.TimeSpan, System.TimeSpan)
   bei Avira.OE.WinCore.RecurrentUserProfileUpdater.StartRecurrentCheck(System.TimeSpan)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize()
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (01/10/2010 00:02:50 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
   bei System.Threading.Timer..ctor(System.Threading.TimerCallback, System.Object, Int32, Int32)
   bei System.Timers.Timer.set_Enabled(Boolean)
   bei System.Timers.Timer.Start()
   bei Avira.OE.WinCore.SystemTimersBasedTimer.Start(System.TimeSpan)
   bei Avira.OE.WinCore.DelayedTimer.Start(System.TimeSpan, System.TimeSpan)
   bei Avira.OE.WinCore.RecurrentUserProfileUpdater.StartRecurrentCheck(System.TimeSpan)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize()
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (01/10/2010 00:02:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ArgumentOutOfRangeException
Stapel:
   bei System.Threading.Timer..ctor(System.Threading.TimerCallback, System.Object, Int32, Int32)
   bei System.Timers.Timer.set_Enabled(Boolean)
   bei System.Timers.Timer.Start()
   bei Avira.OE.WinCore.SystemTimersBasedTimer.Start(System.TimeSpan)
   bei Avira.OE.WinCore.DelayedTimer.Start(System.TimeSpan, System.TimeSpan)
   bei Avira.OE.WinCore.RecurrentUserProfileUpdater.StartRecurrentCheck(System.TimeSpan)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize()
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


Systemfehler:
=============
Error: (11/28/2015 01:32:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/28/2015 01:31:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/28/2015 01:31:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/28/2015 01:30:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/28/2015 01:30:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/28/2015 01:29:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/28/2015 01:29:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/28/2015 01:28:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/28/2015 01:28:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (11/28/2015 01:27:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126


CodeIntegrity:
===================================
  Date: 2011-12-31 16:26:57.915
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-12-31 16:26:57.853
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-12-26 16:42:24.258
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-26 16:25:00.656
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-26 15:50:04.118
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-26 15:31:42.476
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-26 14:48:43.164
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-26 14:22:33.972
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-26 14:11:37.914
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-12-26 13:59:16.564
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 3956.5 MB
Verfügbarer physikalischer RAM: 2336.52 MB
Summe virtueller Speicher: 7911.2 MB
Verfügbarer virtueller Speicher: 6107.88 MB

==================== Laufwerke ================================

Drive c: (ACER) (Fixed) (Total:284.81 GB) (Free:7.98 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 65FC65FC)
Partition 1: (Not Active) - (Size=13.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

28.11.2015, 13:58   #5
M-K-D-B
/// TB-Ausbilder
 

Hi,

Scan with Combofix
WARNING to other READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.



28.11.2015, 14:44   #6
svener
 

Hello Matthias,

as requested, here is the Combofix log file.

Code:
ATTFilter
ComboFix 15-11-27.01 - Sven 28.11.2015  14:17:02.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3956.2483 [GMT 1:00]
ausgeführt von:: c:\users\Sven\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\Uninstall.exe
c:\programdata\Duden
c:\programdata\Duden\DKReg.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\users\Sven\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Sven\AppData\Local\TempDIR
c:\users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\windows\wininit.ini
c:\windows\WindowsUpdate.log . . . . Nicht in der Lage zu löschen
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-10-28 bis 2015-11-28  ))))))))))))))))))))))))))))))
.
.
2015-11-19 16:45 . 2015-11-19 16:45	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2015-11-12 18:43 . 2015-11-12 10:51	34720	---ha-w-	c:\windows\system32\hamachi.sys
2015-11-12 18:43 . 2015-11-28 13:34	--------	d-----w-	c:\users\Sven\AppData\Local\LogMeIn Hamachi
2015-11-12 18:43 . 2015-11-12 18:43	--------	d-----w-	c:\users\Sven\AppData\Local\LogMeIn
2015-11-12 18:43 . 2015-11-12 18:43	--------	d-----w-	c:\programdata\LogMeIn
2015-11-12 18:32 . 2015-11-12 18:32	--------	d-----w-	c:\program files (x86)\Microsoft Games
2015-11-12 18:22 . 2015-11-12 18:22	--------	d-----w-	c:\program files (x86)\Elaborate Bytes
2015-11-05 22:37 . 2015-11-05 22:37	--------	d-----w-	c:\programdata\boost_interprocess
2015-11-03 22:07 . 2015-10-13 09:47	11140960	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CAB9416-FAB0-4AF2-9405-F13C0CB98305}\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-22 17:48 . 2015-02-17 21:25	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-11-10 20:42 . 2012-05-11 08:37	780488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-10 20:42 . 2011-12-19 21:24	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-05 08:50 . 2014-12-10 20:46	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-10-05 08:50 . 2014-12-10 20:46	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-10-05 08:50 . 2011-03-29 14:02	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-09-25 08:15 . 2013-08-07 08:44	74952	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2015-09-25 08:15 . 2013-08-07 08:44	163544	----a-w-	c:\windows\system32\drivers\avgntflt.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
2015-04-24 10:22	38104	----a-w-	c:\program files (x86)\PDF Architect 3\creator-ie-helper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2015-11-11 12:24	11152	----a-w-	c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2015-11-11 11152]
"{2DFF3579-5AA7-45B9-9328-1D38EA230861}"= "c:\program files (x86)\PDF Architect 3\creator-ie-plugin.dll" [2015-04-24 496344]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]
.
[HKEY_CLASSES_ROOT\clsid\{2dff3579-5aa7-45b9-9328-1d38ea230861}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{882BBDC8-4C5D-46A7-8333-5F4E819666F4}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03	120176	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe Version Cue CS2"="c:\progra~2\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-06 856064]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-09-25 782520]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2015-11-11 1734544]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-10-14 66320]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-11-12 5565448]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Duden Korrektor SysTray"="c:\program files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe" [2011-07-14 332432]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Image Transfer Utility.lnk - c:\program files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe [2014-4-8 3189760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 cpuz130;cpuz130;c:\users\Sven\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\Sven\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler;c:\program files (x86)\PDF Architect 3\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 3\crash-handler-ws.exe [x]
R3 PDF Architect 3;PDF Architect 3;c:\program files (x86)\PDF Architect 3\ws.exe;c:\program files (x86)\PDF Architect 3\ws.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys;c:\windows\SYSNATIVE\DRIVERS\virtualnet.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys;c:\windows\SYSNATIVE\DRIVERS\NBVol.sys [x]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys;c:\windows\SYSNATIVE\DRIVERS\NBVolUp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy2.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys;c:\windows\SYSNATIVE\DRIVERS\vfilter.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 dtpd;ShrewSoft DNS Proxy Daemon;c:\program files\ShrewSoft\VPN Client\dtpd.exe;c:\program files\ShrewSoft\VPN Client\dtpd.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 iked;ShrewSoft IKE Daemon;c:\program files\ShrewSoft\VPN Client\iked.exe;c:\program files\ShrewSoft\VPN Client\iked.exe [x]
S2 ipsecd;ShrewSoft IPSEC Daemon;c:\program files\ShrewSoft\VPN Client\ipsecd.exe;c:\program files\ShrewSoft\VPN Client\ipsecd.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 PDF Architect 3 Creator;PDF Architect 3 Creator;c:\program files (x86)\PDF Architect 3\creator-ws.exe;c:\program files (x86)\PDF Architect 3\creator-ws.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-11 22:40	997704	----a-w-	c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-11 20:42]
.
2015-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 13:49]
.
2015-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 13:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2015-11-11 12:24	12688	----a-w-	c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" [2015-11-11 12688]
.
[HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06	137584	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-11 9643552]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-04-23 861216]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
mCustomizeSearch = hxxp://www.google.com/
mSearchAssistant = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8751A103-9CA0-448D-818F-150CFCF9572A}: NameServer = 141.55.192.51,141.55.192.50
FF - ProfilePath - c:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\790y69hn.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-iMesh - c:\program files (x86)\iMesh Applications\iMesh\iMesh.exe
HKLM_Wow6432Node-ActiveSetup-6de2ed6f-0b56-4d57-b0f0-551ec8cbb27f - c:\programdata\Duden\dkreg.exe
HKLM_Wow6432Node-ActiveSetup-{07e84f41-11d5-4615-aaf6-368df0762b41} - c:\programdata\Duden\dkreg.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\progra~2\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\progra~2\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
c:\program files (x86)\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-11-28  14:42:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-11-28 13:42
ComboFix2.txt  2011-12-31 16:46
.
Vor Suchlauf: 20 Verzeichnis(se), 10.684.776.448 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 12.544.692.224 Bytes frei
.
- - End Of File - - C588FD47DBDC6889ACE56CCA48D7C812
         

28.11.2015, 15:00   #7
M-K-D-B
/// TB-Ausbilder

Hi,

Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Step 2
Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.

Step 3

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Step 4
  • Start FRST.exe again. Tick the box next to Addition.txt and click Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.

In your next reply, please post
  • the AdwCleaner log file,
  • the MBAM log file,
  • the JRT log file,
  • the two new FRST log files.

30.11.2015, 23:54   #8
svener

Hello Matthias,

I'm currently travelling. As soon as I can carry out the steps mentioned, I'll get back to you!

Best regards
Sven

01.12.2015, 14:01   #9
M-K-D-B
/// TB-Ausbilder

Hi Sven,

OK, see you then.

05.12.2015, 12:28   #10
M-K-D-B
/// TB-Ausbilder

No response
This thread has been removed from my subscriptions, so I will not be notified of new replies.
Send me a PM if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is already clean.

Everyone else, please click here and create your own thread!
