Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: web.de versendet Spam mit meinem Absender

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.12.2015, 09:34   #1
George900
 
web.de versendet Spam mit meinem Absender - Ausrufezeichen

web.de versendet Spam mit meinem Absender



Hallo zusammen,

Web.de hat Spam Mails an alle Kontakte mit meinem Absender versendet. Habe daraufhin das Passwort geändert und Avira ohne Funde drüber laufen lassen. Nun habe ich eine Woche später wieder das gleiche Problem. Ein Freund meinte das sei "spoofing" ein andere meinte ich habe evtl einen Trojaner. Benutze Web.de auf Windows PC, iPad und iPhone

Was kann ich tun? Vielen Dank im Voraus.

Alt 16.12.2015, 13:46   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Tippe auch auf Spoofing.

Können den Rechner mal anschauen:



Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 17.12.2015, 17:04   #3
George900
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Hallo Jürgen, danke für deine Hilfe! Hier die Scans:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
durchgeführt von Me (Administrator) auf ACERSPACER (17-12-2015 16:53:28)
Gestartet von C:\Users\Me\Downloads
Geladene Profile: UpdatusUser & Me (Verfügbare Profile: UpdatusUser & Me)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Me\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Dropbox, Inc.) C:\Users\Me\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dropbox, Inc.) C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [436224 2010-10-29] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736 2015-10-28] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Run: [Spotify Web Helper] => C:\Users\Me\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-07] (Spotify Ltd)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Run: [Dropbox Update] => C:\Users\Me\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-04-19]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:8897;https=127.0.0.1:8897
Winsock: Catalog5 10 C:\Windows\system32\tnns5j20y.dll Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72A688A4-A394-4ED3-8DFA-424CDAF6A4E0}: [NameServer] 134.2.3.191 134.2.200.2
Tcpip\..\Interfaces\{B71F7680-D780-4B45-B303-025C4CFD65EA}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com/
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-04] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-04] (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\ix1vbfuh.default
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2178418379-3476598836-2058176853-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Me\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2178418379-3476598836-2058176853-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Me\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-04]
CHR Extension: (Google Drive) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google-Suche) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Docs Offline) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-10]
CHR Extension: (Google Mail) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-06] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 DailytoolsUpdateService; C:\Windows\SysWOW64\update1.dll [352256 2014-07-31] (Dailytools GmbH) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
S4 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [158208 2012-04-05] (Samsung Electronics) [Datei ist nicht signiert]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe [95896 2009-02-04] (SiSoftware) [Datei ist nicht signiert]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
S2 Dnscache; %SystemRoot%\System32\pouaned1t.dll [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-06] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 PRESONUS_AUDIOBOX_MIDI; C:\Windows\System32\drivers\psabusbm.sys [37496 2009-12-04] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_USB; C:\Windows\System32\Drivers\psabusbu.sys [462968 2009-12-04] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_WDM; C:\Windows\System32\drivers\psabusba.sys [50808 2009-12-04] (Ploytec GmbH)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2000-11-06] () [Datei ist nicht signiert]
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-09-11] (Samsung Electronics)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-17 16:53 - 2015-12-17 16:55 - 00022373 _____ C:\Users\Me\Downloads\FRST.txt
2015-12-17 16:53 - 2015-12-17 16:53 - 00000000 ____D C:\FRST
2015-12-17 16:52 - 2015-12-17 16:52 - 02370048 _____ (Farbar) C:\Users\Me\Downloads\FRST64.exe
2015-12-14 09:42 - 2015-12-14 09:42 - 00000000 ____D C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 18:42 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 18:42 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 18:42 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 18:42 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 18:42 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 18:42 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 18:42 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 18:42 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 18:42 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 18:42 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 18:42 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 18:42 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 18:42 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 18:42 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 18:42 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 18:42 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 18:42 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 18:42 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 18:42 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 18:42 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 18:42 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 18:42 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 18:42 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 18:42 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 18:42 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 18:42 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 18:42 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 18:42 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 18:42 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 18:42 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 18:42 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 18:42 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 18:42 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 18:42 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 18:42 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 18:42 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 18:42 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 18:42 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 18:42 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 18:42 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 18:42 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 18:42 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 18:42 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 18:42 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 18:42 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 18:42 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 18:42 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 18:42 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 18:42 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 18:42 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 18:42 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 18:42 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 18:42 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 18:42 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 18:42 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 18:42 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 18:42 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 18:42 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 18:42 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 18:42 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 18:42 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 18:42 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 18:42 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 18:42 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 18:42 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 18:42 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 18:42 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 18:42 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 18:42 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 18:42 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 18:42 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 18:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 18:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 18:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 18:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 18:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 18:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 18:42 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 18:42 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 18:42 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 18:41 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 18:41 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 18:41 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 18:41 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 18:41 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 18:41 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 18:41 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 18:41 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 18:41 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 18:41 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 18:41 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 18:41 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 18:41 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 18:41 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 18:41 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 18:41 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 18:41 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 18:41 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 18:41 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 18:41 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 18:41 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 16:29 - 2015-12-08 16:29 - 03026393 _____ C:\Users\Me\Downloads\i-KliC-1-Zusammenfassung & Skript HEATOLOGIE-071215.pdf
2015-12-06 20:33 - 2015-12-06 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-05 21:21 - 2015-12-05 21:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12f9a844419d4.job

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-17 16:55 - 2012-10-15 15:25 - 00000000 ____D C:\Users\Me\AppData\Local\Spotify
2015-12-17 16:53 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2015-12-17 16:41 - 2012-02-06 20:35 - 00000000 ____D C:\Users\Me\AppData\Roaming\Skype
2015-12-17 16:23 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-17 16:23 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-17 16:20 - 2014-05-16 16:58 - 00002139 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-17 16:16 - 2011-09-23 16:37 - 00714468 _____ C:\Windows\system32\perfh007.dat
2015-12-17 16:16 - 2011-09-23 16:37 - 00154520 _____ C:\Windows\system32\perfc007.dat
2015-12-17 16:16 - 2009-07-14 06:13 - 01649640 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-17 16:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-17 16:13 - 2012-11-15 12:22 - 00000000 ___RD C:\Users\Me\Dropbox
2015-12-17 16:13 - 2012-11-15 12:20 - 00000000 ____D C:\Users\Me\AppData\Roaming\Dropbox
2015-12-15 10:49 - 2013-10-27 21:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-15 10:49 - 2012-04-07 17:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-15 10:49 - 2011-08-12 09:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-14 09:59 - 2011-12-23 11:55 - 00000000 ____D C:\Users\Me\AppData\Roaming\Adobe
2015-12-11 11:35 - 2009-07-14 05:45 - 04898936 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-11 11:32 - 2013-03-13 12:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 11:32 - 2013-03-13 12:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-11 10:40 - 2011-12-23 11:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-11 10:39 - 2013-03-13 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-11 10:36 - 2013-08-06 20:25 - 00000000 ____D C:\Windows\system32\MRT
2015-12-11 10:25 - 2011-12-30 10:31 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 21:47 - 2012-10-15 15:25 - 00000000 ____D C:\Users\Me\AppData\Roaming\Spotify
2015-12-06 20:33 - 2015-05-07 21:08 - 00001970 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-12-06 20:31 - 2013-07-29 09:59 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-06 20:31 - 2013-07-29 09:59 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-06 20:31 - 2013-07-29 09:59 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-06 20:30 - 2012-01-19 11:10 - 00000000 ____D C:\Users\Me\Documents\Installationsdateien
2015-12-06 00:33 - 2011-09-23 06:48 - 00000000 ____D C:\Users\UpdatusUser
2015-12-05 21:21 - 2015-10-05 23:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0ffb93679ddb2.job
2015-12-02 13:18 - 2010-11-21 04:27 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-18 20:10 - 2012-04-06 18:03 - 00000000 ____D C:\Users\Me\AppData\Roaming\vlc

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-12-29 13:15 - 2014-06-04 15:08 - 0000064 _____ () C:\Users\Me\AppData\Roaming\Sandra.ldb
2012-03-03 19:36 - 2014-06-04 10:40 - 11333632 _____ () C:\Users\Me\AppData\Roaming\Sandra.mdb
2014-11-30 16:22 - 2014-11-30 16:22 - 0001456 _____ () C:\Users\Me\AppData\Local\Adobe Save for Web 12.0 Prefs
2012-06-26 14:50 - 2014-05-07 16:56 - 0006144 _____ () C:\Users\Me\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-24 21:28 - 2011-12-24 21:28 - 0000017 _____ () C:\Users\Me\AppData\Local\resmon.resmoncfg
2014-04-22 20:34 - 2014-04-22 20:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-23 07:12 - 2011-09-23 07:14 - 0015636 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-12-23 12:59 - 2011-12-23 13:00 - 0000032 _____ () C:\ProgramData\PS.log
2012-03-26 13:04 - 2012-03-26 13:04 - 0004910 _____ () C:\ProgramData\qjaxlkio.dss

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\qjaxlkio.dss


Einige Dateien in TEMP:
====================
C:\Users\Me\AppData\Local\Temp\avgnt.exe
C:\Users\Me\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqvxfht.dll
C:\Users\Me\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2013-07-23 11:33

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-12-2015
durchgeführt von Me (2015-12-17 16:55:54)
Gestartet von C:\Users\Me\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-23 10:44:05)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2178418379-3476598836-2058176853-500 - Administrator - Disabled)
Gast (S-1-5-21-2178418379-3476598836-2058176853-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2178418379-3476598836-2058176853-1004 - Limited - Enabled)
Me (S-1-5-21-2178418379-3476598836-2058176853-1001 - Administrator - Enabled) => C:\Users\Me
UpdatusUser (S-1-5-21-2178418379-3476598836-2058176853-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0519.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Adobe Acrobat 6.0 Professional - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000001}) (Version: 006.000.000 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004696318.48.56.34278770 - Audible, Inc.)
AudioBox USB driver (HKLM\...\USB_AUDIO_DEusb-audio.depresonusAudioBoxUSB) (Version:  - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Common Desktop Agent (Version: 1.50.0 - OEM) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dojotech Spotify Recorder (HKLM-x32\...\{461179FC-E2AC-4CC8-AA95-82D35FB3E7EA}) (Version: 3.3 - Dojotech Software)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GEAR driver installer for x86 Win2K (HKLM-x32\...\{33286B63-B749-4D54-AA04-5631319B168D}) (Version: 5.005.3 - GEAR Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
microKORG SoundEditor (HKLM-x32\...\{EB091860-8C2B-4E49-A543-666373C39E6F}) (Version: 1.00.0000 - KORG Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Guitar Rig 3 (HKLM-x32\...\Native Instruments Guitar Rig 3) (Version:  - Native Instruments)
Native Instruments Kore Player (HKLM-x32\...\Native Instruments Kore Player) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (x32 Version: 2.0.6.001 - Native Instruments) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA Grafiktreiber 268.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlexTools Professional XL V3.16 (HKLM-x32\...\{91A1E62C-FC2F-482F-B1A0-DC2E461A78F8}) (Version: 3.16 - Plextor Europe)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreSonus Studio One (HKLM-x32\...\PreSonus Studio One) (Version: 1.0.0.9920 - PreSonus Audio Electronics)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.00.37.00 - Samsung Electronics Co., Ltd.)
Samsung ML-331x Series (HKLM-x32\...\Samsung ML-331x Series) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
SiSoftware Sandra Lite 2012.SP2 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 18.30.2012.2 - SiSoftware)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version:  - Samsung Electronics Co., Ltd.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8500 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

11-11-2015 11:13:37 Windows Update
12-11-2015 13:07:56 Windows Update
17-11-2015 21:36:16 Windows Update
24-11-2015 18:40:02 Windows Update
28-11-2015 15:31:01 Windows Update
05-12-2015 21:24:00 Windows Update
11-12-2015 10:17:44 Windows Update
15-12-2015 10:59:38 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {086162F2-5858-48C1-BD5F-A7976E0015C5} - System32\Tasks\Acer Registration - Data Sending task => C:\Program Files (x86)\Acer\Registration\GREG.exe [2011-05-11] (Acer Incorporated)
Task: {326717C7-4CC3-4523-9002-37EC8635E412} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {38297AC1-827D-4C7D-853C-2FF727C6421D} - System32\Tasks\{57923386-3FDB-4E04-B1DB-380EFA50F088} => pcalua.exe -a C:\Users\Me\Documents\Installationsdateien\CoD4MWDemoSetup.exe -d C:\Users\Me\Documents\Installationsdateien
Task: {3B61D2C8-22FA-4CED-8EA6-85AC28FAE25F} - System32\Tasks\{EC933A02-CD51-404F-BC78-A7856995CDE8} => pcalua.exe -a C:\Users\Me\Desktop\tagesschau\tagesschau.exe -d C:\Users\Me\Desktop\tagesschau
Task: {48C623D7-76B6-4D1F-90C2-63918011B1E9} - System32\Tasks\AdobeAAMUpdater-1.0-AcerSpacer-Me => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {652C8149-6E4C-4982-A007-959771CF4FC6} - System32\Tasks\{D1E56D54-FA93-40F2-90B2-8F68032C65F5} => pcalua.exe -a "C:\Users\Me\Downloads\setup-s (1).exe" -d C:\Users\Me\Downloads
Task: {65886FC5-8685-4E98-9785-221399A111E9} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {A8DEA327-3473-4BD9-96E5-0C29DE9E2F92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {A9C26C9C-B804-4F53-8287-C08C5E0F7C32} - System32\Tasks\{5969B132-586D-4DD8-980F-CD2CE9845640} => pcalua.exe -a C:\Users\Me\Documents\Installationsdateien\setup-s.exe -d C:\Users\Me\Documents\Installationsdateien
Task: {C2B901F5-FDB7-4A3A-8D94-1A5F4D29B73F} - System32\Tasks\{85AD6E14-684F-42B3-800A-4A1EABA20952} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe
Task: {E3974E14-9860-4F3B-82D9-98C292583ACB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {E3CB6400-C1D1-4616-B0DD-E5198052739B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2178418379-3476598836-2058176853-1001UA => C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-06] (Facebook Inc.)
Task: {F16A8623-DDE0-4722-8F67-DE3C18FFE9CB} - System32\Tasks\{B3D98F55-9B3D-4A7B-94F7-20D5D64413F5} => pcalua.exe -a "C:\Program Files (x86)\PreSonus\Studio One\Uninstall.exe"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Acer Registration - Data Sending task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
Task: C:\Windows\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178418379-3476598836-2058176853-1001Core1d0c329f1d119cf.job => C:\Users\Me\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2178418379-3476598836-2058176853-1001Core.job => C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FaxApplications.exe_{8D039F13-5B94-4CA6-A51D-0F47230269FB}.job => C:\Program Files\HP\HP Officejet 6600\Bin\FaxApplications.exe
Task: C:\Windows\Tasks\FaxApplications.exe_{E3DBFF99-4498-4C12-B7B7-7EC45B2224AD}.job => C:\Program Files\HP\HP Officejet 6600\Bin\FaxApplications.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf908468f0b019.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff2c0caf1902d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d000312e749e04.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d043d6348a49c5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08ee53281f273.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0c2fc8579143b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e7df67144f26.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0ffb93679ddb2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12f9a844419d4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Officejet 6600.exe_{19EBB66B-7711-4B60-BE7F-10C16B609A03}.job => C:\Program Files\HP\HP Officejet 6600\Bin\HP Officejet 6600.exe
Task: C:\Windows\Tasks\HP Officejet 6600.exe_{D345B6CF-17F0-42CF-9AFE-2164D83AF0EA}.job => C:\Program Files\HP\HP Officejet 6600\Bin\HP Officejet 6600.exey-install -prfn HP Officejet 6600 (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com
Task: C:\Windows\Tasks\Launch 29494.job => C:\Program Files (x86)\Audible\Bin\Manager.exe <==== ACHTUNG
Task: C:\Windows\Tasks\ScanToPCActivationApp.exe_{60B8EE71-41FD-4300-8B8A-B881A2B68B48}.job => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
Task: C:\Windows\Tasks\ScanToPCActivationApp.exe_{62A726ED-2220-4F97-B3E8-D4FAEACF1892}.job => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
Task: C:\Windows\Tasks\Toolbox.exe_{06F55BDC-A003-453C-B2D8-468D53560386}.job => C:\Program Files\HP\HP Officejet 6600\Bin\Toolbox.exe
Task: C:\Windows\Tasks\Toolbox.exe_{ADE22C92-08BD-41D0-B47F-2447233E55B2}.job => C:\Program Files\HP\HP Officejet 6600\Bin\Toolbox.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-04-11 07:26 - 2011-04-11 05:26 - 00034304 _____ () C:\Windows\System32\spd__l.dll
2011-04-11 08:26 - 2011-04-11 06:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2012-10-08 17:29 - 2010-09-14 19:31 - 00027648 _____ () C:\Windows\System32\ssi1mlm.dll
2012-06-24 17:45 - 2009-09-12 00:48 - 00027648 _____ () C:\Windows\System32\sst3cl6.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-01-10 14:51 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-08-12 10:01 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-10-29 02:44 - 2010-10-29 02:44 - 00436224 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2010-10-29 02:45 - 2010-10-29 02:45 - 00050176 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2012-06-24 17:45 - 2010-06-08 03:15 - 00618496 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2012-06-24 17:45 - 2009-09-30 21:51 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2015-12-14 09:41 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-14 09:42 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-14 09:41 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-14 09:41 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-14 09:42 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-14 09:41 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-14 09:42 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-14 09:41 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-11-10 15:59 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-11-10 15:59 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-11-10 15:59 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-11-10 15:59 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-10-19 15:57 - 2014-10-19 15:57 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-08-12 09:21 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-12-15 10:49 - 2015-12-15 10:49 - 17647296 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll
2015-04-02 16:07 - 2015-12-07 14:36 - 50679920 _____ () C:\Users\Me\AppData\Roaming\Spotify\libcef.dll
2015-04-02 16:07 - 2015-12-07 14:36 - 01882224 _____ () C:\Users\Me\AppData\Roaming\Spotify\libglesv2.dll
2015-04-02 16:07 - 2015-12-07 14:36 - 00082544 _____ () C:\Users\Me\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Me\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CVPND => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Samsung UPD Service2 => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: vpnagent => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk => C:\Windows\pss\Acrobat Assistant.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Me^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge => "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Me\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Facebook Update => "C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{DCD0764F-F2FC-4692-AC00-6182656DB809}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4C66A1DB-2E1D-4DA4-8163-41FAE4C345F5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3888A507-1516-4ED1-821E-977521D6B78C}] => (Allow) LPort=2869
FirewallRules: [{31121F76-DD69-40E4-89B8-C263E364B915}] => (Allow) LPort=1900
FirewallRules: [{70A03D02-C530-4568-B384-44A71E4A26EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{2440E1B4-BA41-497F-9494-B7F27A366469}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{67173983-B720-4561-AF65-65947C81FAAB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{6D6B4BDB-B341-4A3F-BF85-813B188DC103}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4360E9A2-BFA1-432A-AFB1-62B19FD3C0D3}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{38FFF111-2DAD-4981-90A0-1B0118421BD1}] => (Allow) LPort=443
FirewallRules: [{160C3E5B-DB85-4FA4-97A3-2875CF0FBF03}] => (Allow) LPort=443
FirewallRules: [{1E0D1CED-7AD7-4D59-B361-F5E14E6BF74E}] => (Allow) LPort=37674
FirewallRules: [{29192E1F-78CC-44D0-9576-046FD15DE8EA}] => (Allow) LPort=37674
FirewallRules: [{99B8D328-88DF-4D6E-9EBD-EABA82ED446F}] => (Allow) LPort=37675
FirewallRules: [{795A84B9-50D4-4B58-BC2F-E29884FEAADA}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe
FirewallRules: [TCP Query User{D5804C4A-C2D7-4607-BA29-BCA2CEC218D7}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.icd
FirewallRules: [UDP Query User{09699E30-25FE-4306-B4C5-EB0F6EFBA167}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.icd
FirewallRules: [TCP Query User{F374A5D2-AF1A-4268-9D89-C341A8ADF458}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{E571176D-D47E-49CB-9485-850139E17D1F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{3D5553C8-FE66-47DE-A076-A730CE242A95}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\me\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{46D49C6B-3FDF-421D-A666-06090E41F997}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\me\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7E018D0B-CED7-4126-A45A-2FB6601F5682}] => (Allow) C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{64A268F0-8F39-4A18-B8E4-B21C0917DAF4}] => (Allow) C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CFFB08C9-A9DD-4816-A1CF-DCB77D8DDEDE}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{80A7E371-DD6F-4170-802B-985FFE01BAFB}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{3C93C68D-4DC2-4055-972D-624F9D393AF1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{F42983D5-0B0C-4C10-8F5C-4F498F29438E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{425F1686-DBD3-4A93-9F59-96CDB5C912EC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{37D72E33-4981-472C-97B4-94318AA26551}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{B5C3E674-7877-480E-8B36-54DAFDE170FA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{73A7DA66-F4E3-4EEA-83FF-82C61094F1E0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{E680CBD5-D43F-4510-93B7-245CBE626240}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{205F534E-E7A0-4247-BDFD-C0E6BEDD9424}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [TCP Query User{FA7073B9-EF0C-4AE4-B848-84A76DBB7ECA}C:\users\me\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\me\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{3D2AFC18-BE25-49BB-B6D9-79BFC39D5400}C:\users\me\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\me\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{E112C2B9-F433-48C2-8C24-230CB996FBCC}C:\windows\splwow64.exe] => (Block) C:\windows\splwow64.exe
FirewallRules: [UDP Query User{E1CB6ED9-B098-4125-9F14-C91E441E396D}C:\windows\splwow64.exe] => (Block) C:\windows\splwow64.exe
FirewallRules: [{0AA077DD-22A6-4C3A-A1F5-15F057F44D9C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{C1A9DDF1-FE90-4EFB-9D17-1E90B639E4AE}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\me\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{07844394-91E4-4056-B5BA-6D6145A5654F}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\me\appdata\roaming\spotify\spotify.exe
FirewallRules: [{90A056AA-0019-45D6-935F-71C8B2FFF3B9}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{9EB972F2-02CA-4C34-A63B-171354E1EB15}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{25E9EC80-6F52-4349-AEBF-80B4A6A53B2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CDE450C4-6767-4C24-AE73-E10B16EA6E68}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CA8287CC-F330-4441-8C9B-D39329864AC4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{367FD1AF-3521-4EBD-9E6B-435BDFB387AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8C79C8C1-7085-4B5D-B415-187A0223B334}] => (Allow) C:\Users\Me\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{DA11D6E3-6C63-4E59-A5A4-3EDEB777FDAE}C:\windows\system32\dllhost.exe] => (Allow) C:\windows\system32\dllhost.exe
FirewallRules: [UDP Query User{B1F63E92-7420-4FD8-9549-30E310F80EB1}C:\windows\system32\dllhost.exe] => (Allow) C:\windows\system32\dllhost.exe
FirewallRules: [{7700038E-56C2-47B2-8E25-E527D66A330F}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe
FirewallRules: [{875F4F42-1685-4331-9591-32497764C4E5}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe
FirewallRules: [{DD52F433-134C-4415-9394-DF4564F791B0}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe
FirewallRules: [{6F3825C4-B056-45A8-A5B1-37CADE4B7A7B}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe
FirewallRules: [{83A87DA7-54C9-4A3F-A14C-064660972A54}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{051AAC93-AC75-401C-884F-47C383F6AA25}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7639DE8C-0A9C-422A-B748-40B6C1471CAB}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{79299A60-CCF0-41CC-A6FA-353418BCA514}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E03380C-BDD0-4411-BB49-268CBC38AC82}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{06974650-A452-450C-8F01-494D9794FFAF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F0875E1C-815F-484A-8857-DA9D751F0795}C:\users\me\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light] => (Allow) C:\users\me\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light
FirewallRules: [UDP Query User{4B8F5162-10FF-44D9-A08F-6894F21FEEBA}C:\users\me\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light] => (Allow) C:\users\me\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light
FirewallRules: [{824B8C3D-8CE3-4FCA-9278-EB95275A4B67}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F8E4A9A-CC59-4073-81E7-FA2DDC8CDE02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F422EE3-D484-47D7-B99E-B48E13C02550}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/17/2015 04:11:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 06:11:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 03:56:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2015 05:19:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2015 10:48:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/14/2015 10:26:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/14/2015 09:38:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 10:39:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 11:35:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 10:09:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (12/17/2015 04:59:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 04:59:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 04:59:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 04:59:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 04:59:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 04:59:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 04:59:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 04:59:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 04:59:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 04:59:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8043.86 MB
Verfügbarer physikalischer RAM: 4453 MB
Summe virtueller Speicher: 16085.93 MB
Verfügbarer virtueller Speicher: 12156.14 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:430.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: FE7DFCF5)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=680.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 17.12.2015, 17:30   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Hi,

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 17.12.2015, 18:28   #5
George900
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



hi, hat geklappt. Hier das Logfile

Code:
ATTFilter
18:21:23.0081 0x1b28  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:21:28.0424 0x1b28  ============================================================
18:21:28.0424 0x1b28  Current date / time: 2015/12/17 18:21:28.0424
18:21:28.0424 0x1b28  SystemInfo:
18:21:28.0424 0x1b28  
18:21:28.0424 0x1b28  OS Version: 6.1.7601 ServicePack: 1.0
18:21:28.0424 0x1b28  Product type: Workstation
18:21:28.0424 0x1b28  ComputerName: ACERSPACER
18:21:28.0425 0x1b28  UserName: Me
18:21:28.0425 0x1b28  Windows directory: C:\Windows
18:21:28.0425 0x1b28  System windows directory: C:\Windows
18:21:28.0425 0x1b28  Running under WOW64
18:21:28.0425 0x1b28  Processor architecture: Intel x64
18:21:28.0425 0x1b28  Number of processors: 8
18:21:28.0425 0x1b28  Page size: 0x1000
18:21:28.0425 0x1b28  Boot type: Normal boot
18:21:28.0425 0x1b28  ============================================================
18:21:28.0839 0x1b28  KLMD registered as C:\Windows\system32\drivers\38594427.sys
18:21:29.0464 0x1b28  System UUID: {5EB1403B-F762-6197-60EA-DFA3072BCA69}
18:21:30.0559 0x1b28  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:21:30.0570 0x1b28  ============================================================
18:21:30.0570 0x1b28  \Device\Harddisk0\DR0:
18:21:30.0571 0x1b28  MBR partitions:
18:21:30.0571 0x1b28  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000
18:21:30.0571 0x1b28  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x55113000
18:21:30.0571 0x1b28  ============================================================
18:21:30.0592 0x1b28  C: <-> \Device\Harddisk0\DR0\Partition2
18:21:30.0593 0x1b28  ============================================================
18:21:30.0593 0x1b28  Initialize success
18:21:30.0593 0x1b28  ============================================================
18:22:50.0090 0x193c  ============================================================
18:22:50.0090 0x193c  Scan started
18:22:50.0090 0x193c  Mode: Manual; SigCheck; TDLFS; 
18:22:50.0090 0x193c  ============================================================
18:22:50.0090 0x193c  KSN ping started
18:22:53.0005 0x193c  KSN ping finished: true
18:22:54.0449 0x193c  ================ Scan system memory ========================
18:22:54.0449 0x193c  System memory - ok
18:22:54.0452 0x193c  ================ Scan services =============================
18:22:54.0700 0x193c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:22:54.0887 0x193c  1394ohci - ok
18:22:54.0967 0x193c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:22:55.0033 0x193c  ACPI - ok
18:22:55.0093 0x193c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:22:55.0139 0x193c  AcpiPmi - ok
18:22:55.0304 0x193c  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:22:55.0336 0x193c  AdobeARMservice - ok
18:22:55.0523 0x193c  [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:22:55.0558 0x193c  AdobeFlashPlayerUpdateSvc - ok
18:22:55.0623 0x193c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:22:55.0674 0x193c  adp94xx - ok
18:22:55.0726 0x193c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:22:55.0778 0x193c  adpahci - ok
18:22:55.0809 0x193c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:22:55.0842 0x193c  adpu320 - ok
18:22:55.0890 0x193c  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:22:55.0938 0x193c  AeLookupSvc - ok
18:22:56.0033 0x193c  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
18:22:56.0084 0x193c  AFD - ok
18:22:56.0119 0x193c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:22:56.0141 0x193c  agp440 - ok
18:22:56.0171 0x193c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:22:56.0200 0x193c  ALG - ok
18:22:56.0260 0x193c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:22:56.0293 0x193c  aliide - ok
18:22:56.0335 0x193c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:22:56.0366 0x193c  amdide - ok
18:22:56.0397 0x193c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:22:56.0443 0x193c  AmdK8 - ok
18:22:56.0464 0x193c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:22:56.0510 0x193c  AmdPPM - ok
18:22:56.0538 0x193c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:22:56.0582 0x193c  amdsata - ok
18:22:56.0621 0x193c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:22:56.0670 0x193c  amdsbs - ok
18:22:56.0690 0x193c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:22:56.0731 0x193c  amdxata - ok
18:22:56.0807 0x193c  [ 18A8E8A19CD826D31D2E74E740220001, C410291201006158D3D71C1DB91287BE518B444D818E6BEB7A1C5EFB79C3FCD5 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
18:22:56.0861 0x193c  AMPPAL - ok
18:22:56.0889 0x193c  [ 18A8E8A19CD826D31D2E74E740220001, C410291201006158D3D71C1DB91287BE518B444D818E6BEB7A1C5EFB79C3FCD5 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
18:22:56.0928 0x193c  AMPPALP - ok
18:22:57.0051 0x193c  [ B4837176B2DBBC8E3D6F31D4853EEAEB, 1860C603D9041612C455B72A29C234BFDC2C58C1CC896045E56D56E6D7A773A8 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
18:22:57.0237 0x193c  AMPPALR3 - ok
18:22:57.0604 0x193c  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
18:22:57.0746 0x193c  AntiVirMailService - ok
18:22:57.0921 0x193c  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:22:57.0999 0x193c  AntiVirSchedulerService - ok
18:22:58.0161 0x193c  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:22:58.0227 0x193c  AntiVirService - ok
18:22:58.0451 0x193c  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
18:22:58.0632 0x193c  AntiVirWebService - ok
18:22:58.0703 0x193c  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
18:22:58.0749 0x193c  AppID - ok
18:22:58.0768 0x193c  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:22:58.0806 0x193c  AppIDSvc - ok
18:22:58.0863 0x193c  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
18:22:59.0033 0x193c  Appinfo - ok
18:22:59.0203 0x193c  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:22:59.0231 0x193c  Apple Mobile Device Service - ok
18:22:59.0275 0x193c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
18:22:59.0310 0x193c  arc - ok
18:22:59.0336 0x193c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:22:59.0366 0x193c  arcsas - ok
18:22:59.0552 0x193c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:22:59.0652 0x193c  aspnet_state - ok
18:22:59.0688 0x193c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:22:59.0791 0x193c  AsyncMac - ok
18:22:59.0852 0x193c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:22:59.0883 0x193c  atapi - ok
18:23:00.0026 0x193c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:23:00.0116 0x193c  AudioEndpointBuilder - ok
18:23:00.0192 0x193c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:23:00.0306 0x193c  AudioSrv - ok
18:23:00.0446 0x193c  [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:23:00.0489 0x193c  avgntflt - ok
18:23:00.0555 0x193c  [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:23:00.0614 0x193c  avipbb - ok
18:23:00.0663 0x193c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:23:00.0701 0x193c  avkmgr - ok
18:23:00.0782 0x193c  [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
18:23:00.0823 0x193c  avnetflt - ok
18:23:00.0884 0x193c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:23:00.0932 0x193c  AxInstSV - ok
18:23:01.0004 0x193c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:23:01.0060 0x193c  b06bdrv - ok
18:23:01.0098 0x193c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:23:01.0144 0x193c  b57nd60a - ok
18:23:01.0178 0x193c  [ A424CB46A145E5AABF15621550976DF2, B6CA183FD5ED72237D2DC1F599FD04A066C06A717A2CF63AF08D3AA0A227D7BA ] b57xdbd         C:\Windows\system32\drivers\b57xdbd.sys
18:23:01.0209 0x193c  b57xdbd - ok
18:23:01.0236 0x193c  [ BE4E6FD5A898812B85D5817AD9754A9F, 46A7C80283BE53F43A0D73DA3338461024DD002A7CF43660F9C7D640E0C72876 ] b57xdmp         C:\Windows\system32\drivers\b57xdmp.sys
18:23:01.0261 0x193c  b57xdmp - ok
18:23:01.0311 0x193c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:23:01.0351 0x193c  BDESVC - ok
18:23:01.0363 0x193c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:23:01.0455 0x193c  Beep - ok
18:23:01.0533 0x193c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:23:01.0624 0x193c  BFE - ok
18:23:01.0705 0x193c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:23:01.0837 0x193c  BITS - ok
18:23:01.0887 0x193c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
18:23:01.0919 0x193c  blbdrive - ok
18:23:01.0941 0x1fac  Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
18:23:01.0992 0x193c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:23:02.0052 0x193c  Bonjour Service - ok
18:23:02.0087 0x193c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:23:02.0123 0x193c  bowser - ok
18:23:02.0153 0x193c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:23:02.0187 0x193c  BrFiltLo - ok
18:23:02.0194 0x193c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:23:02.0229 0x193c  BrFiltUp - ok
18:23:02.0281 0x193c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:23:02.0321 0x193c  Browser - ok
18:23:02.0360 0x193c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:23:02.0413 0x193c  Brserid - ok
18:23:02.0430 0x193c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:23:02.0468 0x193c  BrSerWdm - ok
18:23:02.0477 0x193c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:23:02.0518 0x193c  BrUsbMdm - ok
18:23:02.0528 0x193c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:23:02.0561 0x193c  BrUsbSer - ok
18:23:02.0614 0x193c  [ 0970D8B7151E9113BF8D44CE2E954DF7, D467DFFA1668F3BE29620154A13867568C25211ED823BE6A220D2DEE7E3A1278 ] bScsiMSa        C:\Windows\system32\drivers\bScsiMSa.sys
18:23:02.0650 0x193c  bScsiMSa - ok
18:23:02.0690 0x193c  [ 0C1EEE5AF32402D306874B110DE237EC, B0FE0F3B6A1E2C003E6F4B6330601C43126881262B328D7DD93AC2C0B714DC86 ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
18:23:02.0716 0x193c  bScsiSDa - ok
18:23:02.0781 0x193c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
18:23:02.0813 0x193c  BthEnum - ok
18:23:02.0829 0x193c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:23:02.0878 0x193c  BTHMODEM - ok
18:23:02.0918 0x193c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:23:02.0959 0x193c  BthPan - ok
18:23:03.0045 0x193c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:23:03.0114 0x193c  BTHPORT - ok
18:23:03.0169 0x193c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:23:03.0269 0x193c  bthserv - ok
18:23:03.0350 0x193c  [ B9D49E4288F56C053B4C12D2F9042948, 5E9C9866FA953526B23AAA05DB23879D3AF55A0909287ED5EB76E010D499B9A4 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
18:23:03.0378 0x193c  BTHSSecurityMgr - ok
18:23:03.0437 0x193c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:23:03.0471 0x193c  BTHUSB - ok
18:23:03.0551 0x193c  [ A0DFB69ADE3444C78B17636FCF28E898, 21B1E76F056C2AFD5DEAFD620D2F90F4F617F8E76A88CEA2196E69D2CFBEE88B ] BTWAMPFL        C:\Windows\system32\DRIVERS\btwampfl.sys
18:23:03.0596 0x193c  BTWAMPFL - ok
18:23:03.0618 0x193c  [ 7CF028CE78696882B327FF13D2DFA534, 624C88C3CB511DE5F8279B7E982632F81FDFCAC8F2B038B69FEB686400E0C4F8 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
18:23:03.0649 0x193c  btwaudio - ok
18:23:03.0705 0x193c  [ 3DEF2370E414B4E299673558BA171A51, 5A0923D9F941ABD34EC9BEE0EB62A62F135CBF128061239CC6EA0E6752791636 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
18:23:03.0735 0x193c  btwavdt - ok
18:23:03.0849 0x193c  [ 2E79F03D1DC44426C59D01BFDD3462C0, 3DAD830DCFA9804D02002593776371E886DCC27133872236A5B1B5D3618E59CA ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:23:03.0930 0x193c  btwdins - ok
18:23:03.0949 0x193c  [ 346B4051B3D7FF70E8F027869B8ECA6E, 7C0485F592368016C6BAB8B1BC24C89454D4B305C3E6DFB8AAF4CDB26062D4EB ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
18:23:03.0972 0x193c  btwl2cap - ok
18:23:03.0990 0x193c  [ 9937E0E4DFC0030560A6DFE9D3A94B39, 0B9CF1932D4534BD7B1F5D7B7BD5FBF9C8D156838D24ABBDE475E79EEF1150F1 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
18:23:04.0014 0x193c  btwrchid - ok
18:23:04.0053 0x193c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:23:04.0139 0x193c  cdfs - ok
18:23:04.0203 0x193c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:23:04.0255 0x193c  cdrom - ok
18:23:04.0302 0x193c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:23:04.0385 0x193c  CertPropSvc - ok
18:23:04.0408 0x193c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
18:23:04.0451 0x193c  circlass - ok
18:23:04.0516 0x193c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
18:23:04.0571 0x193c  CLFS - ok
18:23:04.0661 0x193c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:23:04.0693 0x193c  clr_optimization_v2.0.50727_32 - ok
18:23:04.0759 0x193c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:23:04.0786 0x1fac  Object send P2P result: true
18:23:04.0787 0x1fac  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
18:23:04.0809 0x193c  clr_optimization_v2.0.50727_64 - ok
18:23:04.0954 0x193c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:23:05.0077 0x193c  clr_optimization_v4.0.30319_32 - ok
18:23:05.0133 0x193c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:23:05.0183 0x193c  clr_optimization_v4.0.30319_64 - ok
18:23:05.0238 0x193c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
18:23:05.0269 0x193c  CmBatt - ok
18:23:05.0307 0x193c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:23:05.0345 0x193c  cmdide - ok
18:23:05.0426 0x193c  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:23:05.0490 0x193c  CNG - ok
18:23:05.0541 0x193c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
18:23:05.0566 0x193c  Compbatt - ok
18:23:05.0582 0x193c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:23:05.0619 0x193c  CompositeBus - ok
18:23:05.0627 0x193c  COMSysApp - ok
18:23:05.0652 0x193c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:23:05.0691 0x193c  crcdisk - ok
18:23:05.0752 0x193c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:23:05.0809 0x193c  CryptSvc - ok
18:23:05.0852 0x193c  [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
18:23:05.0874 0x193c  CVirtA - ok
18:23:06.0093 0x193c  [ 66257CB4E4FB69887CDDC71663741435, A072C2868EC3CB773F1C512C9E07D152920794969E302199E8265CFFFD3EFC2D ] CVPND           C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
18:23:06.0217 0x193c  CVPND - ok
18:23:06.0404 0x193c  [ CC8E52DAA9826064BA464DBE531F2BB5, 28150B5DDB4DB42839EBB4F3672EB575373046B1676938111904290DFF6DEC8E ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
18:23:06.0448 0x193c  CVPNDRVA - ok
18:23:06.0454 0x193c  DailytoolsUpdateService - ok
18:23:06.0530 0x193c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:23:06.0632 0x193c  DcomLaunch - ok
18:23:06.0707 0x193c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:23:06.0788 0x193c  defragsvc - ok
18:23:06.0818 0x193c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:23:06.0905 0x193c  DfsC - ok
18:23:06.0956 0x193c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:23:06.0994 0x193c  Dhcp - ok
18:23:07.0149 0x193c  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:23:07.0271 0x193c  DiagTrack - ok
18:23:07.0305 0x193c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:23:07.0389 0x193c  discache - ok
18:23:07.0419 0x193c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
18:23:07.0447 0x193c  Disk - ok
18:23:07.0499 0x193c  [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
18:23:07.0537 0x193c  DNE - ok
18:23:07.0559 0x193c  Dnscache - ok
18:23:07.0588 0x1fac  Object send P2P result: true
18:23:07.0588 0x1fac  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
18:23:07.0603 0x193c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:23:07.0700 0x193c  dot3svc - ok
18:23:07.0730 0x193c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:23:07.0810 0x193c  DPS - ok
18:23:07.0850 0x193c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:23:07.0872 0x193c  drmkaud - ok
18:23:07.0930 0x193c  [ 9DD3A22F804697606C2B7FF9E912FF6B, BBE2FC0D554030BA9E3A96CC4A360D61DBCCAA1D81BD7547809F29A3AF0B3A25 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
18:23:07.0973 0x193c  DsiWMIService - ok
18:23:08.0077 0x193c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:23:08.0223 0x193c  DXGKrnl - ok
18:23:08.0280 0x193c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:23:08.0432 0x193c  EapHost - ok
18:23:08.0722 0x193c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:23:08.0982 0x193c  ebdrv - ok
18:23:09.0035 0x193c  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS             C:\Windows\System32\lsass.exe
18:23:09.0071 0x193c  EFS - ok
18:23:09.0188 0x193c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:23:09.0280 0x193c  ehRecvr - ok
18:23:09.0317 0x193c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:23:09.0371 0x193c  ehSched - ok
18:23:09.0450 0x193c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:23:09.0512 0x193c  elxstor - ok
18:23:09.0622 0x193c  [ 48425C93B6F36529707206E4FA680CF3, 328BD59DEDFAD359EF79CCFBC2AD3E9C95657EC616AE0611F5EFEB34B810692A ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
18:23:09.0718 0x193c  ePowerSvc - ok
18:23:09.0752 0x193c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:23:09.0787 0x193c  ErrDev - ok
18:23:09.0835 0x193c  [ DBAA0C650C9549DC5C599D1E81DEDAAD, C8DF68CDACEF27C91CFD1FE8032A8DAF830D9E77C573C25DE5D41FC3DB824ABA ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
18:23:09.0869 0x193c  ETD - ok
18:23:09.0939 0x193c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:23:10.0058 0x193c  EventSystem - ok
18:23:10.0189 0x193c  [ 770B15B8261A444B817F296EC27CE71E, 528E2ADBD22D72E9BD5F37504073AA1EBFFD037B6D4C3AABB4769DE9F1A10A55 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:23:10.0253 0x193c  EvtEng - ok
18:23:10.0308 0x193c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:23:10.0436 0x193c  exfat - ok
18:23:10.0490 0x193c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:23:10.0602 0x193c  fastfat - ok
18:23:10.0690 0x193c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:23:10.0773 0x193c  Fax - ok
18:23:10.0812 0x193c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:23:10.0852 0x193c  fdc - ok
18:23:10.0884 0x193c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:23:10.0992 0x193c  fdPHost - ok
18:23:11.0023 0x193c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:23:11.0110 0x193c  FDResPub - ok
18:23:11.0137 0x193c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:23:11.0168 0x193c  FileInfo - ok
18:23:11.0239 0x193c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:23:11.0338 0x193c  Filetrace - ok
18:23:11.0464 0x193c  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:23:11.0479 0x1fac  Object send P2P result: true
18:23:11.0479 0x1fac  Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
18:23:11.0530 0x193c  FLEXnet Licensing Service - ok
18:23:11.0571 0x193c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:23:11.0601 0x193c  flpydisk - ok
18:23:11.0652 0x193c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:23:11.0697 0x193c  FltMgr - ok
18:23:11.0821 0x193c  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
18:23:11.0929 0x193c  FontCache - ok
18:23:11.0991 0x193c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:23:12.0014 0x193c  FontCache3.0.0.0 - ok
18:23:12.0031 0x193c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:23:12.0057 0x193c  FsDepends - ok
18:23:12.0078 0x193c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:23:12.0107 0x193c  Fs_Rec - ok
18:23:12.0171 0x193c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:23:12.0216 0x193c  fvevol - ok
18:23:12.0237 0x193c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:23:12.0273 0x193c  gagp30kx - ok
18:23:12.0360 0x193c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:23:12.0386 0x193c  GEARAspiWDM - ok
18:23:12.0477 0x193c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:23:12.0729 0x193c  gpsvc - ok
18:23:12.0865 0x193c  [ C9B2D1D3F86FD3673EF847DEF73B6F9E, 9D3822A6464F685F770F8D02A8AE623A676888F135E8425C3BAF1CC077429A7F ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
18:23:12.0891 0x193c  GREGService - ok
18:23:13.0023 0x193c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:23:13.0070 0x193c  gupdate - ok
18:23:13.0089 0x193c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:23:13.0125 0x193c  gupdatem - ok
18:23:13.0157 0x193c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:23:13.0187 0x193c  hcw85cir - ok
18:23:13.0232 0x193c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:23:13.0295 0x193c  HdAudAddService - ok
18:23:13.0336 0x193c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:23:13.0373 0x193c  HDAudBus - ok
18:23:13.0388 0x193c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:23:13.0435 0x193c  HidBatt - ok
18:23:13.0451 0x193c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:23:13.0489 0x193c  HidBth - ok
18:23:13.0514 0x193c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:23:13.0550 0x193c  HidIr - ok
18:23:13.0580 0x193c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:23:13.0680 0x193c  hidserv - ok
18:23:13.0736 0x193c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:23:13.0767 0x193c  HidUsb - ok
18:23:13.0807 0x193c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:23:13.0896 0x193c  hkmsvc - ok
18:23:13.0930 0x193c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:23:13.0974 0x193c  HomeGroupListener - ok
18:23:14.0011 0x193c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:23:14.0072 0x193c  HomeGroupProvider - ok
18:23:14.0105 0x193c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:23:14.0146 0x193c  HpSAMD - ok
18:23:14.0240 0x193c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:23:14.0297 0x1fac  Object send P2P result: true
18:23:14.0325 0x193c  HTTP - ok
18:23:14.0349 0x193c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:23:14.0386 0x193c  hwpolicy - ok
18:23:14.0421 0x193c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:23:14.0459 0x193c  i8042prt - ok
18:23:14.0518 0x193c  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
18:23:14.0592 0x193c  iaStor - ok
18:23:14.0656 0x193c  [ E79A8E33BD136D14BAE1FA20EB2EF124, 54AD784570282FEF21021BE76C57EE878EC6FF6423CE2FFC3A4372AF6C3112D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:23:14.0681 0x193c  IAStorDataMgrSvc - ok
18:23:14.0744 0x193c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:23:14.0796 0x193c  iaStorV - ok
18:23:14.0902 0x193c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:23:14.0985 0x193c  idsvc - ok
18:23:15.0052 0x193c  IEEtwCollectorService - ok
18:23:15.0853 0x193c  [ 9937600A1584FF00565D5379EB4C9EDB, CF03333E9E7BD940B27194A9CF21ED8A6A10B698B545A898291976F650FC2675 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:23:16.0642 0x193c  igfx - ok
18:23:16.0676 0x193c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:23:16.0697 0x193c  iirsp - ok
18:23:16.0786 0x193c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:23:16.0865 0x193c  IKEEXT - ok
18:23:16.0925 0x193c  [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
18:23:16.0947 0x193c  intaud_WaveExtensible - ok
18:23:17.0193 0x193c  [ 1CE438B31551746AB450D8FFA403BDB5, 56000B9A2E9EBCB3D5F1E516EECFC10BEEAC9CBF6E088FC23D9B4B2C7FC9686A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:23:17.0509 0x193c  IntcAzAudAddService - ok
18:23:17.0577 0x193c  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:23:17.0647 0x193c  IntcDAud - ok
18:23:17.0699 0x193c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:23:17.0733 0x193c  intelide - ok
18:23:17.0772 0x193c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:23:17.0813 0x193c  intelppm - ok
18:23:17.0858 0x193c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:23:17.0983 0x193c  IPBusEnum - ok
18:23:18.0005 0x193c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:23:18.0141 0x193c  IpFilterDriver - ok
18:23:18.0224 0x193c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:23:18.0338 0x193c  iphlpsvc - ok
18:23:18.0352 0x193c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:23:18.0390 0x193c  IPMIDRV - ok
18:23:18.0405 0x193c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:23:18.0521 0x193c  IPNAT - ok
18:23:18.0629 0x193c  [ A4857E8B1DEB9740FB5ADEDF05ED69E0, 24FC7A188D32B08CE4F10EEEF17F37C45DB5433158A7A97A07D43F6BEE58DFFC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:23:18.0716 0x193c  iPod Service - ok
18:23:18.0775 0x193c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:23:18.0841 0x193c  IRENUM - ok
18:23:18.0847 0x193c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:23:18.0871 0x193c  isapnp - ok
18:23:18.0928 0x193c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:23:18.0973 0x193c  iScsiPrt - ok
18:23:19.0022 0x193c  [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
18:23:19.0046 0x193c  iwdbus - ok
18:23:19.0126 0x193c  [ 455B75C19BF3F1F2EE3AC10E1169826C, C8CE6DE48E0B4621F2851A994261FA787556A27F9868A8859E5E8A8354028257 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
18:23:19.0176 0x193c  k57nd60a - ok
18:23:19.0217 0x193c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:23:19.0256 0x193c  kbdclass - ok
18:23:19.0279 0x193c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:23:19.0316 0x193c  kbdhid - ok
18:23:19.0347 0x193c  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
18:23:19.0387 0x193c  KeyIso - ok
18:23:19.0441 0x193c  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:23:19.0489 0x193c  KSecDD - ok
18:23:19.0514 0x193c  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:23:19.0557 0x193c  KSecPkg - ok
18:23:19.0579 0x193c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:23:19.0695 0x193c  ksthunk - ok
18:23:19.0768 0x193c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:23:19.0901 0x193c  KtmRm - ok
18:23:20.0017 0x193c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:23:20.0122 0x193c  LanmanServer - ok
18:23:20.0180 0x193c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:23:20.0281 0x193c  LanmanWorkstation - ok
18:23:20.0361 0x193c  [ B705C7097F9A0EC941D02DCE7C7D426C, 1A137BEA25BF7BA1EF190212CD6E556B53293D6388E9F7E790BF53F641F3CF89 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:23:20.0396 0x193c  Live Updater Service - ok
18:23:20.0432 0x193c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:23:20.0532 0x193c  lltdio - ok
18:23:20.0592 0x193c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:23:20.0748 0x193c  lltdsvc - ok
18:23:20.0772 0x193c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:23:20.0868 0x193c  lmhosts - ok
18:23:20.0935 0x193c  [ D75C4B4A8FE6D7FD74A7EECDBAEC729F, 9BB0A3BE7CCDF62CF0A67CB67019364965F6567BE29BA6D153B8E36F88058302 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:23:20.0998 0x193c  LMS - ok
18:23:21.0053 0x193c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:23:21.0088 0x193c  LSI_FC - ok
18:23:21.0100 0x193c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:23:21.0143 0x193c  LSI_SAS - ok
18:23:21.0153 0x193c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:23:21.0187 0x193c  LSI_SAS2 - ok
18:23:21.0200 0x193c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:23:21.0236 0x193c  LSI_SCSI - ok
18:23:21.0282 0x193c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:23:21.0401 0x193c  luafv - ok
18:23:21.0460 0x193c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:23:21.0502 0x193c  Mcx2Svc - ok
18:23:21.0510 0x193c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:23:21.0542 0x193c  megasas - ok
18:23:21.0611 0x193c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:23:21.0667 0x193c  MegaSR - ok
18:23:21.0722 0x193c  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:23:21.0760 0x193c  MEIx64 - ok
18:23:21.0798 0x193c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:23:21.0913 0x193c  MMCSS - ok
18:23:21.0933 0x193c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:23:22.0023 0x193c  Modem - ok
18:23:22.0054 0x193c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:23:22.0105 0x193c  monitor - ok
18:23:22.0134 0x193c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:23:22.0159 0x193c  mouclass - ok
18:23:22.0187 0x193c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:23:22.0222 0x193c  mouhid - ok
18:23:22.0259 0x193c  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:23:22.0290 0x193c  mountmgr - ok
18:23:22.0395 0x193c  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:23:22.0431 0x193c  MozillaMaintenance - ok
18:23:22.0477 0x193c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:23:22.0513 0x193c  mpio - ok
18:23:22.0536 0x193c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:23:22.0627 0x193c  mpsdrv - ok
18:23:22.0717 0x193c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:23:22.0870 0x193c  MpsSvc - ok
18:23:22.0927 0x193c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:23:22.0963 0x193c  MRxDAV - ok
18:23:23.0003 0x193c  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:23:23.0049 0x193c  mrxsmb - ok
18:23:23.0120 0x193c  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:23:23.0187 0x193c  mrxsmb10 - ok
18:23:23.0238 0x193c  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:23:23.0291 0x193c  mrxsmb20 - ok
18:23:23.0341 0x193c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:23:23.0374 0x193c  msahci - ok
18:23:23.0413 0x193c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:23:23.0463 0x193c  msdsm - ok
18:23:23.0499 0x193c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:23:23.0563 0x193c  MSDTC - ok
18:23:23.0601 0x193c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:23:23.0745 0x193c  Msfs - ok
18:23:23.0782 0x193c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:23:23.0900 0x193c  mshidkmdf - ok
18:23:23.0945 0x193c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:23:23.0979 0x193c  msisadrv - ok
18:23:24.0017 0x193c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:23:24.0133 0x193c  MSiSCSI - ok
18:23:24.0140 0x193c  msiserver - ok
18:23:24.0160 0x193c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:23:24.0263 0x193c  MSKSSRV - ok
18:23:24.0274 0x193c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:23:24.0372 0x193c  MSPCLOCK - ok
18:23:24.0385 0x193c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:23:24.0484 0x193c  MSPQM - ok
18:23:24.0529 0x193c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:23:24.0609 0x193c  MsRPC - ok
18:23:24.0633 0x193c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:23:24.0667 0x193c  mssmbios - ok
18:23:24.0686 0x193c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:23:24.0788 0x193c  MSTEE - ok
18:23:24.0809 0x193c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:23:24.0844 0x193c  MTConfig - ok
18:23:24.0866 0x193c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:23:24.0903 0x193c  Mup - ok
18:23:24.0990 0x193c  [ 7B5094DF1671E35D2F2EDDBF12D3D77D, 24637DD03A2DF40E4AFD3EF69B5E117C1F83A38AA8E80091D973677FCE8E035E ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:23:25.0037 0x193c  MyWiFiDHCPDNS - ok
18:23:25.0102 0x193c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:23:25.0272 0x193c  napagent - ok
18:23:25.0334 0x193c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:23:25.0402 0x193c  NativeWifiP - ok
18:23:25.0509 0x193c  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:23:25.0631 0x193c  NDIS - ok
18:23:25.0669 0x193c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:23:25.0785 0x193c  NdisCap - ok
18:23:25.0805 0x193c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:23:25.0902 0x193c  NdisTapi - ok
18:23:25.0918 0x193c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:23:26.0002 0x193c  Ndisuio - ok
18:23:26.0028 0x193c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:23:26.0117 0x193c  NdisWan - ok
18:23:26.0135 0x193c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:23:26.0225 0x193c  NDProxy - ok
18:23:26.0295 0x193c  [ 76C4D5C98A808D8C8E0C46280036FAF8, A808DFA8B6949D44698122CDA43CD01B3B1CD14029B368F1686D023426239B87 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:23:26.0308 0x193c  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:23:29.0076 0x193c  Detect skipped due to KSN trusted
18:23:29.0076 0x193c  Net Driver HPZ12 - ok
18:23:29.0110 0x193c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:23:29.0224 0x193c  NetBIOS - ok
18:23:29.0266 0x193c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:23:29.0391 0x193c  NetBT - ok
18:23:29.0425 0x193c  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
18:23:29.0458 0x193c  Netlogon - ok
18:23:29.0516 0x193c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:23:29.0641 0x193c  Netman - ok
18:23:29.0694 0x193c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:23:29.0730 0x193c  NetMsmqActivator - ok
18:23:29.0751 0x193c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:23:29.0802 0x193c  NetPipeActivator - ok
18:23:29.0855 0x193c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:23:29.0978 0x193c  netprofm - ok
18:23:29.0995 0x193c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:23:30.0029 0x193c  NetTcpActivator - ok
18:23:30.0043 0x193c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:23:30.0079 0x193c  NetTcpPortSharing - ok
18:23:30.0873 0x193c  [ 62A8A81674F71B76289E460615A0AC73, 18EC13F46360DB819200F7B77E0F952D43C25FEE91D6CB44C42502F4E3042D74 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
18:23:31.0726 0x193c  NETwNs64 - ok
18:23:31.0788 0x193c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:23:31.0818 0x193c  nfrd960 - ok
18:23:31.0878 0x193c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:23:31.0919 0x193c  NlaSvc - ok
18:23:31.0945 0x193c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:23:32.0010 0x193c  Npfs - ok
18:23:32.0031 0x193c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:23:32.0146 0x193c  nsi - ok
18:23:32.0164 0x193c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:23:32.0319 0x193c  nsiproxy - ok
18:23:32.0523 0x193c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:23:32.0730 0x193c  Ntfs - ok
18:23:32.0814 0x193c  [ 1873214666F6F0A883742DF91FBC48C9, DCF5382CE338D4B5B0C3A3B722A19B6C7BAB59EB7B266FEF04698B79070E2C4B ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
18:23:32.0870 0x193c  NTI IScheduleSvc - ok
18:23:32.0914 0x193c  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
18:23:32.0944 0x193c  NTIDrvr - ok
18:23:32.0965 0x193c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:23:33.0073 0x193c  Null - ok
18:23:33.0120 0x193c  [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
18:23:33.0158 0x193c  nusb3hub - ok
18:23:33.0195 0x193c  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:23:33.0240 0x193c  nusb3xhc - ok
18:23:34.0387 0x193c  [ 73DC184AF4D2ADDC41B37344636D2CC7, 6CB0AE9458A8E4DB7833C16238246D5850932462B618054FFBFF9B6B8368924F ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:23:35.0480 0x193c  nvlddmkm - ok
18:23:35.0532 0x193c  [ 477A3CF725C4040F77EB9E2C17B922A0, ED7C3CB741CF3E67F95AA7BBB95FB05EE9B2B8E07CEB3CE2A6866C06D6C9169F ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
18:23:35.0565 0x193c  nvpciflt - ok
18:23:35.0612 0x193c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:23:35.0652 0x193c  nvraid - ok
18:23:35.0669 0x193c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:23:35.0703 0x193c  nvstor - ok
18:23:35.0792 0x193c  [ 6D1056430AFC72A6097409A70A716C15, 6CE87CAEAA2121E161BFAC05F0ED307E6B4E5A8406B6ACF2FF52009A86767B8D ] NVSvc           C:\Windows\system32\nvvsvc.exe
18:23:35.0874 0x193c  NVSvc - ok
18:23:36.0017 0x193c  [ A072423C3812472D326BC774610055CF, 5DD4B491A6FB038842B5D373B9665A4BE16AA92883FA81058B676F79FA058232 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
18:23:36.0177 0x193c  nvUpdatusService - ok
18:23:36.0260 0x193c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:23:36.0296 0x193c  nv_agp - ok
18:23:36.0335 0x193c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:23:36.0374 0x193c  ohci1394 - ok
18:23:36.0438 0x193c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:23:36.0462 0x193c  ose - ok
18:23:36.0840 0x193c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:23:37.0260 0x193c  osppsvc - ok
18:23:37.0336 0x193c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:23:37.0393 0x193c  p2pimsvc - ok
18:23:37.0445 0x193c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:23:37.0541 0x193c  p2psvc - ok
18:23:37.0579 0x193c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
18:23:37.0620 0x193c  Parport - ok
18:23:37.0668 0x193c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:23:37.0698 0x193c  partmgr - ok
18:23:37.0746 0x193c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:23:37.0789 0x193c  PcaSvc - ok
18:23:37.0823 0x193c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:23:37.0880 0x193c  pci - ok
18:23:37.0924 0x193c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:23:37.0956 0x193c  pciide - ok
18:23:37.0980 0x193c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:23:38.0028 0x193c  pcmcia - ok
18:23:38.0044 0x193c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:23:38.0070 0x193c  pcw - ok
18:23:38.0139 0x193c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:23:38.0213 0x193c  PEAUTH - ok
18:23:38.0333 0x193c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:23:38.0363 0x193c  PerfHost - ok
18:23:38.0505 0x193c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:23:38.0749 0x193c  pla - ok
18:23:38.0844 0x193c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:23:38.0946 0x193c  PlugPlay - ok
18:23:39.0005 0x193c  [ D1A4DBB8A29F7FFC78378F47F9EA6B91, 782C7C6AA7A4A772C5E7392EA6D849BBCD159C30DF30918941C0BE058226D765 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:23:39.0026 0x193c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:23:41.0714 0x193c  Detect skipped due to KSN trusted
18:23:41.0714 0x193c  Pml Driver HPZ12 - ok
18:23:41.0730 0x193c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:23:41.0758 0x193c  PNRPAutoReg - ok
18:23:41.0801 0x193c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:23:41.0855 0x193c  PNRPsvc - ok
18:23:41.0909 0x193c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:23:42.0027 0x193c  PolicyAgent - ok
18:23:42.0046 0x193c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:23:42.0170 0x193c  Power - ok
18:23:42.0220 0x193c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:23:42.0302 0x193c  PptpMiniport - ok
18:23:42.0341 0x193c  [ 87D84513E913011CE408BFA99903965C, DDCB6475E12FD367821F7045C6A50A1E1DB9054A6208D7124476181AB0D53C52 ] PRESONUS_AUDIOBOX_MIDI C:\Windows\system32\drivers\psabusbm.sys
18:23:42.0362 0x193c  PRESONUS_AUDIOBOX_MIDI - ok
18:23:42.0447 0x193c  [ 96D337F025ABAFE7CADDDEC495413895, 84EE29BB89FC8595D42B9A2FE2BAC0D44175B0045991ECA34D05EDBE51F5D3A1 ] PRESONUS_AUDIOBOX_USB C:\Windows\system32\Drivers\psabusbu.sys
18:23:42.0507 0x193c  PRESONUS_AUDIOBOX_USB - ok
18:23:42.0540 0x193c  [ 5F1134087929E1A0D3A8E0BBDEC89A8B, 0E4997D4E1DAC9C6C8604B7551E4460DBBC93D8468936B0F0C694BBDC0F0FEFC ] PRESONUS_AUDIOBOX_WDM C:\Windows\system32\drivers\psabusba.sys
18:23:42.0567 0x193c  PRESONUS_AUDIOBOX_WDM - ok
18:23:42.0589 0x193c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:23:42.0625 0x193c  Processor - ok
18:23:42.0694 0x193c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:23:42.0738 0x193c  ProfSvc - ok
18:23:42.0756 0x193c  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:23:42.0789 0x193c  ProtectedStorage - ok
18:23:42.0838 0x193c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:23:42.0928 0x193c  Psched - ok
18:23:43.0048 0x193c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:23:43.0140 0x193c  ql2300 - ok
18:23:43.0155 0x193c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:23:43.0180 0x193c  ql40xx - ok
18:23:43.0225 0x193c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:23:43.0272 0x193c  QWAVE - ok
18:23:43.0288 0x193c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:23:43.0327 0x193c  QWAVEdrv - ok
18:23:43.0333 0x193c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:23:43.0398 0x193c  RasAcd - ok
18:23:43.0435 0x193c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:23:43.0507 0x193c  RasAgileVpn - ok
18:23:43.0530 0x193c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:23:43.0623 0x193c  RasAuto - ok
18:23:43.0649 0x193c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:23:43.0742 0x193c  Rasl2tp - ok
18:23:43.0799 0x193c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:23:43.0900 0x193c  RasMan - ok
18:23:43.0916 0x193c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:23:43.0995 0x193c  RasPppoe - ok
18:23:44.0024 0x193c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:23:44.0098 0x193c  RasSstp - ok
18:23:44.0130 0x193c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:23:44.0231 0x193c  rdbss - ok
18:23:44.0252 0x193c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
18:23:44.0288 0x193c  rdpbus - ok
18:23:44.0307 0x193c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:23:44.0374 0x193c  RDPCDD - ok
18:23:44.0389 0x193c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:23:44.0459 0x193c  RDPENCDD - ok
18:23:44.0472 0x193c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:23:44.0535 0x193c  RDPREFMP - ok
18:23:44.0585 0x193c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:23:44.0620 0x193c  RDPWD - ok
18:23:44.0653 0x193c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:23:44.0685 0x193c  rdyboost - ok
18:23:44.0797 0x193c  [ 992E3160D3AB2D8F083B6808D73A4016, BFB0C76A03472827D577783270B01AEADAC32EE644177C2A8027CDC593179E13 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:23:44.0823 0x193c  RegSrvc - ok
18:23:44.0855 0x193c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:23:44.0924 0x193c  RemoteAccess - ok
18:23:44.0955 0x193c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:23:45.0031 0x193c  RemoteRegistry - ok
18:23:45.0084 0x193c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:23:45.0121 0x193c  RFCOMM - ok
18:23:45.0155 0x193c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:23:45.0231 0x193c  RpcEptMapper - ok
18:23:45.0263 0x193c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:23:45.0288 0x193c  RpcLocator - ok
18:23:45.0330 0x193c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:23:45.0421 0x193c  RpcSs - ok
18:23:45.0455 0x193c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:23:45.0525 0x193c  rspndr - ok
18:23:45.0546 0x193c  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs           C:\Windows\system32\lsass.exe
18:23:45.0567 0x193c  SamSs - ok
18:23:45.0637 0x193c  [ B136E29C89CD7234DEC1A4104E5D30CC, 59B534D928EA77B904380679C701EC56A964E5039F69ED1A7372A95E215A9144 ] Samsung UPD Service2 C:\Windows\System32\SUPDSvc2.exe
18:23:45.0657 0x193c  Samsung UPD Service2 - detected UnsignedFile.Multi.Generic ( 1 )
18:23:48.0383 0x193c  Detect skipped due to KSN trusted
18:23:48.0383 0x193c  Samsung UPD Service2 - ok
18:23:48.0455 0x193c  [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x64\Sandra.sys
18:23:48.0487 0x193c  SANDRA - ok
18:23:48.0531 0x193c  [ 28D22B00901EE48BB98899ABAD5DA11E, 1947D8A2A83A4FBFEB411CB90A3AD1881337A6F49BC3F3CE0F19BD27F5D769E2 ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe
18:23:48.0549 0x193c  SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
18:23:51.0259 0x193c  Detect skipped due to KSN trusted
18:23:51.0259 0x193c  SandraAgentSrv - ok
18:23:51.0304 0x193c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:23:51.0344 0x193c  sbp2port - ok
18:23:51.0426 0x193c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:23:51.0614 0x193c  SCardSvr - ok
18:23:51.0637 0x193c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:23:51.0715 0x193c  scfilter - ok
18:23:51.0839 0x193c  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
18:23:51.0982 0x193c  Schedule - ok
18:23:52.0022 0x193c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:23:52.0118 0x193c  SCPolicySvc - ok
18:23:52.0147 0x193c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
18:23:52.0188 0x193c  sdbus - ok
18:23:52.0211 0x193c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:23:52.0259 0x193c  SDRSVC - ok
18:23:52.0332 0x193c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] Secdrv          C:\Windows\system32\drivers\SECDRV.SYS
18:23:52.0366 0x193c  Secdrv - ok
18:23:52.0380 0x193c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:23:52.0471 0x193c  seclogon - ok
18:23:52.0489 0x193c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:23:52.0577 0x193c  SENS - ok
18:23:52.0594 0x193c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:23:52.0626 0x193c  SensrSvc - ok
18:23:52.0646 0x193c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:23:52.0681 0x193c  Serenum - ok
18:23:52.0715 0x193c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
18:23:52.0758 0x193c  Serial - ok
18:23:52.0782 0x193c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:23:52.0810 0x193c  sermouse - ok
18:23:52.0841 0x193c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:23:52.0963 0x193c  SessionEnv - ok
18:23:52.0970 0x193c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:23:53.0001 0x193c  sffdisk - ok
18:23:53.0008 0x193c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:23:53.0043 0x193c  sffp_mmc - ok
18:23:53.0054 0x193c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:23:53.0090 0x193c  sffp_sd - ok
18:23:53.0099 0x193c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:23:53.0130 0x193c  sfloppy - ok
18:23:53.0182 0x193c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:23:53.0310 0x193c  SharedAccess - ok
18:23:53.0352 0x193c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:23:53.0471 0x193c  ShellHWDetection - ok
18:23:53.0503 0x193c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:23:53.0528 0x193c  SiSRaid2 - ok
18:23:53.0554 0x193c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:23:53.0588 0x193c  SiSRaid4 - ok
18:23:53.0715 0x193c  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:23:53.0774 0x193c  SkypeUpdate - ok
18:23:53.0824 0x193c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:23:53.0928 0x193c  Smb - ok
18:23:53.0989 0x193c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:23:54.0022 0x193c  SNMPTRAP - ok
18:23:54.0039 0x193c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:23:54.0066 0x193c  spldr - ok
18:23:54.0136 0x193c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:23:54.0199 0x193c  Spooler - ok
18:23:54.0440 0x193c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:23:54.0793 0x193c  sppsvc - ok
18:23:54.0823 0x193c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:23:54.0917 0x193c  sppuinotify - ok
18:23:54.0959 0x193c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:23:55.0013 0x193c  srv - ok
18:23:55.0059 0x193c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:23:55.0109 0x193c  srv2 - ok
18:23:55.0138 0x193c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:23:55.0173 0x193c  srvnet - ok
18:23:55.0214 0x193c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:23:55.0304 0x193c  SSDPSRV - ok
18:23:55.0357 0x193c  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
18:23:55.0381 0x193c  SSPORT - ok
18:23:55.0400 0x193c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:23:55.0504 0x193c  SstpSvc - ok
18:23:55.0522 0x193c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:23:55.0546 0x193c  stexstor - ok
18:23:55.0609 0x193c  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
18:23:55.0635 0x193c  StillCam - ok
18:23:55.0721 0x193c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:23:55.0799 0x193c  stisvc - ok
18:23:55.0821 0x193c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:23:55.0851 0x193c  swenum - ok
18:23:55.0981 0x193c  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:23:56.0036 0x193c  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
18:23:58.0779 0x193c  Detect skipped due to KSN trusted
18:23:58.0779 0x193c  SwitchBoard - ok
18:23:58.0839 0x193c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:23:58.0976 0x193c  swprv - ok
18:23:59.0126 0x193c  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
18:23:59.0297 0x193c  SysMain - ok
18:23:59.0320 0x193c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:23:59.0387 0x193c  TabletInputService - ok
18:23:59.0426 0x193c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:23:59.0538 0x193c  TapiSrv - ok
18:23:59.0554 0x193c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:23:59.0649 0x193c  TBS - ok
18:23:59.0809 0x193c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:23:59.0943 0x193c  Tcpip - ok
18:24:00.0096 0x193c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:24:00.0253 0x193c  TCPIP6 - ok
18:24:00.0289 0x193c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:24:00.0312 0x193c  tcpipreg - ok
18:24:00.0340 0x193c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:24:00.0367 0x193c  TDPIPE - ok
18:24:00.0413 0x193c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:24:00.0435 0x193c  TDTCP - ok
18:24:00.0487 0x193c  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:24:00.0516 0x193c  tdx - ok
18:24:00.0538 0x193c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:24:00.0559 0x193c  TermDD - ok
18:24:00.0643 0x193c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:24:00.0701 0x193c  TermService - ok
18:24:00.0737 0x193c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:24:00.0786 0x193c  Themes - ok
18:24:00.0817 0x193c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:24:00.0889 0x193c  THREADORDER - ok
18:24:00.0913 0x193c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:24:00.0989 0x193c  TrkWks - ok
18:24:01.0045 0x193c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:24:01.0153 0x193c  TrustedInstaller - ok
18:24:01.0201 0x193c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:24:01.0225 0x193c  tssecsrv - ok
18:24:01.0258 0x193c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:24:01.0281 0x193c  TsUsbFlt - ok
18:24:01.0313 0x193c  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:24:01.0336 0x193c  TsUsbGD - ok
18:24:01.0379 0x193c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:24:01.0447 0x193c  tunnel - ok
18:24:01.0470 0x193c  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
18:24:01.0489 0x193c  TurboB - ok
18:24:01.0541 0x193c  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:24:01.0564 0x193c  TurboBoost - ok
18:24:01.0587 0x193c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:24:01.0610 0x193c  uagp35 - ok
18:24:01.0624 0x193c  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
18:24:01.0645 0x193c  UBHelper - ok
18:24:01.0684 0x193c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:24:01.0804 0x193c  udfs - ok
18:24:01.0841 0x193c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:24:01.0900 0x193c  UI0Detect - ok
18:24:01.0936 0x193c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:24:01.0968 0x193c  uliagpkx - ok
18:24:01.0999 0x193c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:24:02.0037 0x193c  umbus - ok
18:24:02.0060 0x193c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:24:02.0093 0x193c  UmPass - ok
18:24:02.0355 0x193c  [ 758C2CE427C343F780A205E28555C98D, E3413BA433CD26DD61D3257B08B8354478A049A972EFAC53C303690BC71DD7E1 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:24:02.0923 0x193c  UNS - ok
18:24:02.0985 0x193c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:24:03.0100 0x193c  upnphost - ok
18:24:03.0160 0x193c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:24:03.0193 0x193c  USBAAPL64 - ok
18:24:03.0269 0x193c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:24:03.0323 0x193c  usbaudio - ok
18:24:03.0377 0x193c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:24:03.0422 0x193c  usbccgp - ok
18:24:03.0491 0x193c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:24:03.0556 0x193c  usbcir - ok
18:24:03.0634 0x193c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:24:03.0673 0x193c  usbehci - ok
18:24:03.0731 0x193c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:24:03.0790 0x193c  usbhub - ok
18:24:03.0825 0x193c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:24:03.0858 0x193c  usbohci - ok
18:24:03.0898 0x193c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:24:03.0951 0x193c  usbprint - ok
18:24:03.0977 0x193c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:24:04.0016 0x193c  USBSTOR - ok
18:24:04.0042 0x193c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:24:04.0080 0x193c  usbuhci - ok
18:24:04.0155 0x193c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:24:04.0207 0x193c  usbvideo - ok
18:24:04.0247 0x193c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:24:04.0362 0x193c  UxSms - ok
18:24:04.0402 0x193c  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
18:24:04.0441 0x193c  VaultSvc - ok
18:24:04.0477 0x193c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:24:04.0514 0x193c  vdrvroot - ok
18:24:04.0600 0x193c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:24:04.0787 0x193c  vds - ok
18:24:04.0808 0x193c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:24:04.0862 0x193c  vga - ok
18:24:04.0880 0x193c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:24:04.0976 0x193c  VgaSave - ok
18:24:05.0011 0x193c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:24:05.0057 0x193c  vhdmp - ok
18:24:05.0114 0x193c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:24:05.0143 0x193c  viaide - ok
18:24:05.0214 0x193c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:24:05.0257 0x193c  volmgr - ok
18:24:05.0313 0x193c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:24:05.0378 0x193c  volmgrx - ok
18:24:05.0419 0x193c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:24:05.0471 0x193c  volsnap - ok
18:24:05.0519 0x193c  [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva           C:\Windows\system32\DRIVERS\vpnva64-6.sys
18:24:05.0565 0x193c  vpnva - ok
18:24:05.0621 0x193c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:24:05.0669 0x193c  vsmraid - ok
18:24:05.0834 0x193c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:24:06.0117 0x193c  VSS - ok
18:24:06.0148 0x193c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:24:06.0192 0x193c  vwifibus - ok
18:24:06.0231 0x193c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:24:06.0310 0x193c  vwififlt - ok
18:24:06.0339 0x193c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:24:06.0389 0x193c  vwifimp - ok
18:24:06.0431 0x193c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:24:06.0540 0x193c  W32Time - ok
18:24:06.0578 0x193c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:24:06.0608 0x193c  WacomPen - ok
18:24:06.0645 0x193c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:24:06.0743 0x193c  WANARP - ok
18:24:06.0758 0x193c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:24:06.0839 0x193c  Wanarpv6 - ok
18:24:07.0002 0x193c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:24:07.0133 0x193c  WatAdminSvc - ok
18:24:07.0267 0x193c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:24:07.0397 0x193c  wbengine - ok
18:24:07.0422 0x193c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:24:07.0463 0x193c  WbioSrvc - ok
18:24:07.0494 0x193c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:24:07.0564 0x193c  wcncsvc - ok
18:24:07.0578 0x193c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:24:07.0603 0x193c  WcsPlugInService - ok
18:24:07.0635 0x193c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
18:24:07.0660 0x193c  Wd - ok
18:24:07.0735 0x193c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:24:07.0798 0x193c  Wdf01000 - ok
18:24:07.0846 0x193c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:24:07.0895 0x193c  WdiServiceHost - ok
18:24:07.0903 0x193c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:24:07.0930 0x193c  WdiSystemHost - ok
18:24:07.0979 0x193c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
18:24:08.0013 0x193c  WebClient - ok
18:24:08.0045 0x193c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:24:08.0137 0x193c  Wecsvc - ok
18:24:08.0157 0x193c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:24:08.0225 0x193c  wercplsupport - ok
18:24:08.0253 0x193c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:24:08.0361 0x193c  WerSvc - ok
18:24:08.0396 0x193c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:24:08.0462 0x193c  WfpLwf - ok
18:24:08.0479 0x193c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:24:08.0507 0x193c  WIMMount - ok
18:24:08.0532 0x193c  WinDefend - ok
18:24:08.0554 0x193c  WinHttpAutoProxySvc - ok
18:24:08.0620 0x193c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:24:08.0705 0x193c  Winmgmt - ok
18:24:08.0861 0x193c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:24:08.0987 0x193c  WinRM - ok
18:24:09.0051 0x193c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
18:24:09.0083 0x193c  WinUsb - ok
18:24:09.0152 0x193c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:24:09.0229 0x193c  Wlansvc - ok
18:24:09.0288 0x193c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:24:09.0307 0x193c  wlcrasvc - ok
18:24:09.0539 0x193c  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:24:09.0686 0x193c  wlidsvc - ok
18:24:09.0728 0x193c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:24:09.0755 0x193c  WmiAcpi - ok
18:24:09.0797 0x193c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:24:09.0836 0x193c  wmiApSrv - ok
18:24:09.0855 0x193c  WMPNetworkSvc - ok
18:24:09.0882 0x193c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:24:09.0905 0x193c  WPCSvc - ok
18:24:09.0919 0x193c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:24:09.0954 0x193c  WPDBusEnum - ok
18:24:09.0973 0x193c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:24:10.0053 0x193c  ws2ifsl - ok
18:24:10.0074 0x193c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:24:10.0121 0x193c  wscsvc - ok
18:24:10.0163 0x193c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
18:24:10.0198 0x193c  WSDPrintDevice - ok
18:24:10.0203 0x193c  WSearch - ok
18:24:10.0382 0x193c  [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:24:10.0564 0x193c  wuauserv - ok
18:24:10.0624 0x193c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:24:10.0651 0x193c  WudfPf - ok
18:24:10.0698 0x193c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:24:10.0729 0x193c  WUDFRd - ok
18:24:10.0768 0x193c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:24:10.0793 0x193c  wudfsvc - ok
18:24:10.0836 0x193c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:24:10.0873 0x193c  WwanSvc - ok
18:24:11.0114 0x193c  [ 9FA1347D0E96998C3793F51BB94D7AC3, D4C692E8313B96D03AB5A37C1CF15B7F7D8B76948555B4CFBA1ADA4D3E051C3B ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
18:24:11.0326 0x193c  ZeroConfigService - ok
18:24:11.0384 0x193c  ================ Scan global ===============================
18:24:11.0422 0x193c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:24:11.0468 0x193c  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
18:24:11.0512 0x193c  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
18:24:11.0550 0x193c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:24:11.0603 0x193c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:24:11.0618 0x193c  [ Global ] - ok
18:24:11.0619 0x193c  ================ Scan MBR ==================================
18:24:11.0630 0x193c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:24:12.0084 0x193c  \Device\Harddisk0\DR0 - ok
18:24:12.0085 0x193c  ================ Scan VBR ==================================
18:24:12.0090 0x193c  [ 5ABA1C134B4F0D06D112093F1F9CBB7B ] \Device\Harddisk0\DR0\Partition1
18:24:12.0137 0x193c  \Device\Harddisk0\DR0\Partition1 - ok
18:24:12.0143 0x193c  [ A5AB74419F45544A72EA3CEF3CB4CF09 ] \Device\Harddisk0\DR0\Partition2
18:24:12.0183 0x193c  \Device\Harddisk0\DR0\Partition2 - ok
18:24:12.0184 0x193c  ================ Scan generic autorun ======================
18:24:12.0227 0x193c  [ BA9E8BF3E91C14DE99FDB1FA946D07AF, 9C3F5F52EE5B8D02B15EE18AA492FB110547A8DCDA3F8284A614F4E1A30F9BB1 ] C:\Windows\system32\igfxtray.exe
18:24:12.0267 0x193c  IgfxTray - ok
18:24:12.0305 0x193c  [ B20857C91A3E992A5AC93D8625C53CAE, ECB89856B267E2F4930CB7B404B51425C6375A47F864577C1A7B8B255278EC12 ] C:\Windows\system32\hkcmd.exe
18:24:12.0387 0x193c  HotKeysCmds - ok
18:24:12.0433 0x193c  [ 29E120E36791B2E620CC398847C28E12, 7C2904FEDD50F49447FD091D33BB3BFA5A2A684101ADB123BC2C08699320B912 ] C:\Windows\system32\igfxpers.exe
18:24:12.0479 0x193c  Persistence - ok
18:24:12.0484 0x193c  IntelTBRunOnce - ok
18:24:12.0485 0x193c  ETDCtrl - ok
18:24:13.0265 0x193c  [ 2D0838648D185E0B475E83AB1864F403, 3607D775E23C574CDEC6FA32A90114297BB914AAB5CEB9679B36FFFE484F527D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:24:14.0044 0x193c  RtHDVCpl - ok
18:24:14.0197 0x193c  [ 7586ACA6DBFBDCD5EBC1776486D53AA4, 1DA51BE57CB6DDCB9DAEA337802DEEE729D56C2548B2BB8909D7FA007A68BBFB ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:24:14.0353 0x193c  RtHDVBg - ok
18:24:14.0493 0x193c  [ F0474296AC4E0E6BDE733C1B8513E41A, 2E54894FC1B422F0C520D11166204926D3994A3440037D655C73D66D7118859C ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
18:24:14.0619 0x193c  Power Management - ok
18:24:14.0683 0x193c  [ 4AF66C16236B64296E25BBA15E928108, 66BF272BCAD968BB56BC98AC2870623C20B352679FB78EBD79AFCB53C1EDDDCE ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
18:24:14.0714 0x193c  CDAServer - detected UnsignedFile.Multi.Generic ( 1 )
18:24:17.0638 0x193c  CDAServer ( UnsignedFile.Multi.Generic ) - warning
18:24:19.0728 0x1c24  Object required for P2P: [ 2D0838648D185E0B475E83AB1864F403 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:24:20.0544 0x193c  [ 0D360F06B168A6F37ACA9D9F958245DA, 0F37D510AE0A31503A359F65D5C04CD798B178A3A3E2601DFBAB6534B3C7C23C ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
18:24:20.0588 0x193c  BackupManagerTray - ok
18:24:20.0692 0x193c  [ 9ABC4E3B00CFA3A47D5569F5B49FE42F, 5D33CCE770BC9BC3AFA544A21F100A7F1E5A36577FDB30884160AC4BFE6A1838 ] C:\Program Files (x86)\Launch Manager\LManager.exe
18:24:20.0794 0x193c  LManager - ok
18:24:20.0845 0x193c  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
18:24:20.0871 0x193c  NUSB3MON - ok
18:24:21.0003 0x193c  [ 14017E1CE1583C2C26F69C5BC3D4DBD0, 1D17EC0FF6DF5AF44C82EA6C6806CC940121BC93439D87C5442D7EEEFFA39E3A ] C:\Dolby PCEE4\pcee4.exe
18:24:21.0051 0x193c  Dolby Advanced Audio v2 - ok
18:24:21.0091 0x193c  [ 7D58C9BDF9C0A3955BDCDE7387AD12AC, 89A6C99CF8B0DB1C6455E4C5610ED78F4C095BCA39DFA8E9496C44CBD8C3E1B1 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
18:24:21.0117 0x193c  ISUSScheduler - detected UnsignedFile.Multi.Generic ( 1 )
18:24:22.0628 0x1c24  Object send P2P result: true
18:24:23.0837 0x193c  Detect skipped due to KSN trusted
18:24:23.0837 0x193c  ISUSScheduler - ok
18:24:23.0922 0x193c  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:24:24.0018 0x193c  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
18:24:24.0018 0x193c  Detect skipped due to KSN trusted
18:24:24.0018 0x193c  SwitchBoard - ok
18:24:24.0105 0x193c  [ 1A68538C43FD405A06FEBF32F4CEC7DB, 0028DBEB7634B18897635B2C22D724DC27D4A62835FB4265D00221F177A5CBDE ] C:\Windows\Samsung\PanelMgr\ssmmgr.exe
18:24:24.0183 0x193c  Samsung PanelMgr - detected UnsignedFile.Multi.Generic ( 1 )
18:24:27.0128 0x193c  Detect skipped due to KSN trusted
18:24:27.0128 0x193c  Samsung PanelMgr - ok
18:24:27.0484 0x193c  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:24:27.0574 0x193c  avgnt - ok
18:24:27.0645 0x193c  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
18:24:27.0728 0x193c  HP Software Update - ok
18:24:27.0852 0x193c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:24:28.0114 0x193c  Sidebar - ok
18:24:28.0149 0x193c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:24:28.0192 0x193c  mctadmin - ok
18:24:28.0198 0x193c  IsMyWinLockerReboot - ok
18:24:28.0282 0x193c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:24:28.0387 0x193c  Sidebar - ok
18:24:28.0401 0x193c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:24:28.0446 0x193c  mctadmin - ok
18:24:28.0451 0x193c  IsMyWinLockerReboot - ok
18:24:28.0528 0x193c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:24:28.0644 0x193c  Sidebar - ok
18:24:28.0660 0x193c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:24:28.0710 0x193c  mctadmin - ok
18:24:28.0852 0x193c  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
18:24:29.0010 0x193c  Sidebar - ok
18:24:29.0053 0x193c  [ 1C46FC1AB600766B8554580204806E84, 015A5ABFBED6D2A6C22B30805B5529AC5F33E0542D8C97AFD3350214778B8333 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
18:24:29.0086 0x193c  ISUSPM Startup - detected UnsignedFile.Multi.Generic ( 1 )
18:24:31.0824 0x193c  Detect skipped due to KSN trusted
18:24:31.0824 0x193c  ISUSPM Startup - ok
18:24:32.0190 0x193c  [ A1BAEE2F2AA71318D08A81EB1AE60F1F, 8CEE7310553205E2047B2168CA7C578FBD80B403D644EC3E2DE7E4CECC9717FC ] C:\Users\Me\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:24:32.0470 0x193c  Spotify Web Helper - ok
18:24:32.0527 0x193c  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
18:24:32.0615 0x193c  RESTART_STICKY_NOTES - ok
18:24:32.0727 0x193c  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Me\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:24:32.0754 0x193c  Dropbox Update - ok
18:24:32.0755 0x193c  Waiting for KSN requests completion. In queue: 12
18:24:33.0755 0x193c  Waiting for KSN requests completion. In queue: 12
18:24:34.0755 0x193c  Waiting for KSN requests completion. In queue: 12
18:24:35.0469 0x17ec  Object required for P2P: [ A1BAEE2F2AA71318D08A81EB1AE60F1F ] C:\Users\Me\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:24:35.0755 0x193c  Waiting for KSN requests completion. In queue: 3
18:24:36.0755 0x193c  Waiting for KSN requests completion. In queue: 3
18:24:37.0756 0x193c  Waiting for KSN requests completion. In queue: 3
18:24:38.0495 0x17ec  Object send P2P result: true
18:24:38.0811 0x193c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
18:24:38.0932 0x193c  Win FW state via NFP2: enabled ( trusted )
18:24:41.0650 0x193c  ============================================================
18:24:41.0650 0x193c  Scan finished
18:24:41.0650 0x193c  ============================================================
18:24:41.0680 0x1a48  Detected object count: 1
18:24:41.0680 0x1a48  Actual detected object count: 1
18:25:16.0366 0x1a48  CDAServer ( UnsignedFile.Multi.Generic ) - skipped by user
18:25:16.0367 0x1a48  CDAServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


Alt 17.12.2015, 18:43   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Gut, dann bitte die folgenden Tools genau nach Anweisung:

Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
--> web.de versendet Spam mit meinem Absender

Alt 17.12.2015, 21:01   #7
George900
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Hi, ich hoff ich hab alle log dateien zusammen:

AdwCleaner:

Code:
ATTFilter
# AdwCleaner v5.025 - Bericht erstellt am 17/12/2015 um 18:54:03
# Aktualisiert am 13/12/2015 von Xplode
# Datenbank : 2015-12-13.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Me - ACERSPACER
# Gestartet von : C:\Users\Me\Desktop\AdwCleaner_5.025.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : DailytoolsUpdateService

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\Search
[-] Ordner Gelöscht : C:\ProgramData\VideoConverter
[-] Ordner Gelöscht : C:\Users\Me\AppData\Local\apn
[-] Ordner Gelöscht : C:\Users\Me\AppData\Local\Video Converter

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Windows\SysWOW64\update1.dll

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : Launch 29494

***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [DailytoolsInstallerService]
[-] Wert Gelöscht : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [DailytoolsUpdateService]
[-] Wert Gelöscht : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [Update-Service-Installer-Service]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Joosoft.com
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [13232 Bytes] ##########
         
MBAM:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 17.12.2015
Suchlaufzeit: 19:10
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.17.04
Rootkit-Datenbank: v2015.12.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Me

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 429631
Abgelaufene Zeit: 1 Std., 26 Min., 30 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015
durchgeführt von Me (Administrator) auf ACERSPACER (17-12-2015 20:53:44)
Gestartet von C:\Users\Me\Desktop
Geladene Profile: UpdatusUser & Me &  (Verfügbare Profile: UpdatusUser & Me)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Me\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Me\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Dropbox, Inc.) C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [436224 2010-10-29] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736 2015-10-28] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Run: [Spotify Web Helper] => C:\Users\Me\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-07] (Spotify Ltd)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Run: [Dropbox Update] => C:\Users\Me\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Me\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-07] (Spotify Ltd)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Me\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2015-04-19]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 10 C:\Windows\system32\tnns5j20y.dll Keine Datei 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72A688A4-A394-4ED3-8DFA-424CDAF6A4E0}: [NameServer] 134.2.3.191 134.2.200.2
Tcpip\..\Interfaces\{B71F7680-D780-4B45-B303-025C4CFD65EA}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com/
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com/
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-04] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-04] (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\ix1vbfuh.default
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2178418379-3476598836-2058176853-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Me\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2178418379-3476598836-2058176853-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Me\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Me\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Me\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-04]
CHR Extension: (Google Drive) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google-Suche) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Docs Offline) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-10]
CHR Extension: (Google Mail) - C:\Users\Me\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-06] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
S4 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [158208 2012-04-05] (Samsung Electronics) [Datei ist nicht signiert]
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe [95896 2009-02-04] (SiSoftware) [Datei ist nicht signiert]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
S2 Dnscache; %SystemRoot%\System32\pouaned1t.dll [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-06] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-17] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 PRESONUS_AUDIOBOX_MIDI; C:\Windows\System32\drivers\psabusbm.sys [37496 2009-12-04] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_USB; C:\Windows\System32\Drivers\psabusbu.sys [462968 2009-12-04] (Ploytec GmbH)
S3 PRESONUS_AUDIOBOX_WDM; C:\Windows\System32\drivers\psabusba.sys [50808 2009-12-04] (Ploytec GmbH)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2000-11-06] () [Datei ist nicht signiert]
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-09-11] (Samsung Electronics)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-17 20:53 - 2015-12-17 20:54 - 00024160 _____ C:\Users\Me\Desktop\FRST.txt
2015-12-17 20:52 - 2015-12-17 20:52 - 00001213 _____ C:\mbam.txt
2015-12-17 19:01 - 2015-12-17 19:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-17 19:00 - 2015-12-17 19:03 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-17 19:00 - 2015-12-17 19:02 - 00001070 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-17 19:00 - 2015-12-17 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-17 19:00 - 2015-12-17 19:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-17 19:00 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-17 19:00 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-17 19:00 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-17 18:58 - 2015-12-17 18:59 - 22908888 _____ (Malwarebytes ) C:\Users\Me\Desktop\mbam-setup-2.2.0.1024.exe
2015-12-17 18:51 - 2015-12-17 18:54 - 00000000 ____D C:\AdwCleaner
2015-12-17 18:49 - 2015-12-17 18:49 - 01740288 _____ C:\Users\Me\Desktop\AdwCleaner_5.025.exe
2015-12-17 18:21 - 2015-12-17 18:29 - 00232740 _____ C:\Users\Me\Desktop\TDSSKiller.3.1.0.9_17.12.2015_18.21.23_log.txt
2015-12-17 18:20 - 2015-12-17 18:20 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Me\Desktop\tdsskiller.exe
2015-12-17 16:55 - 2015-12-17 16:59 - 00054734 _____ C:\Users\Me\Downloads\Addition.txt
2015-12-17 16:53 - 2015-12-17 20:53 - 00000000 ____D C:\FRST
2015-12-17 16:53 - 2015-12-17 16:59 - 00041356 _____ C:\Users\Me\Downloads\FRST.txt
2015-12-17 16:52 - 2015-12-17 16:52 - 02370048 _____ (Farbar) C:\Users\Me\Desktop\FRST64.exe
2015-12-14 09:42 - 2015-12-14 09:42 - 00000000 ____D C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 18:42 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 18:42 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 18:42 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 18:42 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 18:42 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 18:42 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 18:42 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 18:42 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 18:42 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 18:42 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 18:42 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 18:42 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 18:42 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 18:42 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 18:42 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 18:42 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 18:42 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 18:42 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 18:42 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 18:42 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 18:42 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 18:42 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 18:42 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 18:42 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 18:42 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 18:42 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 18:42 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 18:42 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 18:42 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 18:42 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 18:42 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 18:42 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 18:42 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 18:42 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 18:42 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 18:42 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 18:42 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 18:42 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 18:42 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 18:42 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 18:42 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 18:42 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 18:42 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 18:42 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 18:42 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 18:42 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 18:42 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 18:42 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 18:42 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 18:42 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 18:42 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 18:42 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 18:42 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 18:42 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 18:42 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 18:42 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 18:42 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 18:42 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 18:42 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 18:42 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 18:42 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 18:42 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 18:42 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 18:42 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 18:42 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 18:42 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 18:42 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 18:42 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 18:42 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 18:42 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 18:42 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 18:42 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 18:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 18:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 18:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 18:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 18:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 18:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 18:42 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 18:42 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 18:42 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 18:41 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 18:41 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 18:41 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 18:41 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 18:41 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 18:41 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 18:41 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 18:41 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 18:41 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 18:41 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 18:41 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 18:41 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 18:41 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 18:41 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 18:41 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 18:41 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 18:41 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 18:41 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 18:41 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 18:41 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 18:41 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 16:29 - 2015-12-08 16:29 - 03026393 _____ C:\Users\Me\Downloads\i-KliC-1-Zusammenfassung & Skript HEATOLOGIE-071215.pdf
2015-12-06 20:33 - 2015-12-06 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-05 21:21 - 2015-12-05 21:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12f9a844419d4.job

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-17 19:16 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-17 19:16 - 2009-07-14 05:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-17 19:08 - 2011-09-23 16:37 - 00714468 _____ C:\Windows\system32\perfh007.dat
2015-12-17 19:08 - 2011-09-23 16:37 - 00154520 _____ C:\Windows\system32\perfc007.dat
2015-12-17 19:08 - 2009-07-14 06:13 - 01649640 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-17 19:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-17 19:06 - 2012-11-15 12:22 - 00000000 ___RD C:\Users\Me\Dropbox
2015-12-17 19:06 - 2012-11-15 12:20 - 00000000 ____D C:\Users\Me\AppData\Roaming\Dropbox
2015-12-17 18:50 - 2012-02-06 20:35 - 00000000 ____D C:\Users\Me\AppData\Roaming\Skype
2015-12-17 17:51 - 2012-10-15 15:25 - 00000000 ____D C:\Users\Me\AppData\Local\Spotify
2015-12-17 17:16 - 2012-10-15 15:25 - 00000000 ____D C:\Users\Me\AppData\Roaming\Spotify
2015-12-17 16:57 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2015-12-17 16:20 - 2014-05-16 16:58 - 00002139 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-15 10:49 - 2013-10-27 21:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-15 10:49 - 2012-04-07 17:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-15 10:49 - 2011-08-12 09:54 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-14 09:59 - 2011-12-23 11:55 - 00000000 ____D C:\Users\Me\AppData\Roaming\Adobe
2015-12-11 11:35 - 2009-07-14 05:45 - 04898936 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-11 11:32 - 2013-03-13 12:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-11 11:32 - 2013-03-13 12:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-11 10:40 - 2011-12-23 11:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-11 10:39 - 2013-03-13 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-11 10:36 - 2013-08-06 20:25 - 00000000 ____D C:\Windows\system32\MRT
2015-12-11 10:25 - 2011-12-30 10:31 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-06 20:33 - 2015-05-07 21:08 - 00001970 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-12-06 20:31 - 2013-07-29 09:59 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-06 20:31 - 2013-07-29 09:59 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-06 20:31 - 2013-07-29 09:59 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-06 20:30 - 2012-01-19 11:10 - 00000000 ____D C:\Users\Me\Documents\Installationsdateien
2015-12-06 00:33 - 2011-09-23 06:48 - 00000000 ____D C:\Users\UpdatusUser
2015-12-05 21:21 - 2015-10-05 23:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0ffb93679ddb2.job
2015-12-02 13:18 - 2010-11-21 04:27 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-18 20:10 - 2012-04-06 18:03 - 00000000 ____D C:\Users\Me\AppData\Roaming\vlc

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-12-29 13:15 - 2014-06-04 15:08 - 0000064 _____ () C:\Users\Me\AppData\Roaming\Sandra.ldb
2012-03-03 19:36 - 2014-06-04 10:40 - 11333632 _____ () C:\Users\Me\AppData\Roaming\Sandra.mdb
2014-11-30 16:22 - 2014-11-30 16:22 - 0001456 _____ () C:\Users\Me\AppData\Local\Adobe Save for Web 12.0 Prefs
2012-06-26 14:50 - 2014-05-07 16:56 - 0006144 _____ () C:\Users\Me\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-12-24 21:28 - 2011-12-24 21:28 - 0000017 _____ () C:\Users\Me\AppData\Local\resmon.resmoncfg
2014-04-22 20:34 - 2014-04-22 20:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-09-23 07:12 - 2011-09-23 07:14 - 0015636 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-12-23 12:59 - 2011-12-23 13:00 - 0000032 _____ () C:\ProgramData\PS.log
2012-03-26 13:04 - 2012-03-26 13:04 - 0004910 _____ () C:\ProgramData\qjaxlkio.dss

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\qjaxlkio.dss


Einige Dateien in TEMP:
====================
C:\Users\Me\AppData\Local\Temp\avgnt.exe
C:\Users\Me\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqvxfht.dll
C:\Users\Me\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Me\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2013-07-23 11:33

==================== Ende von FRST.txt ============================
         
Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-12-2015
durchgeführt von Me (2015-12-17 20:54:56)
Gestartet von C:\Users\Me\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-23 10:44:05)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2178418379-3476598836-2058176853-500 - Administrator - Disabled)
Gast (S-1-5-21-2178418379-3476598836-2058176853-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2178418379-3476598836-2058176853-1004 - Limited - Enabled)
Me (S-1-5-21-2178418379-3476598836-2058176853-1001 - Administrator - Enabled) => C:\Users\Me
UpdatusUser (S-1-5-21-2178418379-3476598836-2058176853-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0519.2011 - Acer Incorporated)
Adobe Acrobat 6.0 Professional - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000001}) (Version: 006.000.000 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004696318.48.56.34278770 - Audible, Inc.)
AudioBox USB driver (HKLM\...\USB_AUDIO_DEusb-audio.depresonusAudioBoxUSB) (Version:  - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Common Desktop Agent (Version: 1.50.0 - OEM) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dojotech Spotify Recorder (HKLM-x32\...\{461179FC-E2AC-4CC8-AA95-82D35FB3E7EA}) (Version: 3.3 - Dojotech Software)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GEAR driver installer for x86 Win2K (HKLM-x32\...\{33286B63-B749-4D54-AA04-5631319B168D}) (Version: 5.005.3 - GEAR Software, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
microKORG SoundEditor (HKLM-x32\...\{EB091860-8C2B-4E49-A543-666373C39E6F}) (Version: 1.00.0000 - KORG Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mp3tag v2.52 (HKLM-x32\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Guitar Rig 3 (HKLM-x32\...\Native Instruments Guitar Rig 3) (Version:  - Native Instruments)
Native Instruments Kore Player (HKLM-x32\...\Native Instruments Kore Player) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (x32 Version: 2.0.6.001 - Native Instruments) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA Grafiktreiber 268.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.00 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlexTools Professional XL V3.16 (HKLM-x32\...\{91A1E62C-FC2F-482F-B1A0-DC2E461A78F8}) (Version: 3.16 - Plextor Europe)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreSonus Studio One (HKLM-x32\...\PreSonus Studio One) (Version: 1.0.0.9920 - PreSonus Audio Electronics)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.00.37.00 - Samsung Electronics Co., Ltd.)
Samsung ML-331x Series (HKLM-x32\...\Samsung ML-331x Series) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
SiSoftware Sandra Lite 2012.SP2 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 18.30.2012.2 - SiSoftware)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)
Spotify (HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version:  - Samsung Electronics Co., Ltd.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8500 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Me\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

11-11-2015 11:13:37 Windows Update
12-11-2015 13:07:56 Windows Update
17-11-2015 21:36:16 Windows Update
24-11-2015 18:40:02 Windows Update
28-11-2015 15:31:01 Windows Update
05-12-2015 21:24:00 Windows Update
11-12-2015 10:17:44 Windows Update
15-12-2015 10:59:38 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {086162F2-5858-48C1-BD5F-A7976E0015C5} - System32\Tasks\Acer Registration - Data Sending task => C:\Program Files (x86)\Acer\Registration\GREG.exe [2011-05-11] (Acer Incorporated)
Task: {326717C7-4CC3-4523-9002-37EC8635E412} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {38297AC1-827D-4C7D-853C-2FF727C6421D} - System32\Tasks\{57923386-3FDB-4E04-B1DB-380EFA50F088} => pcalua.exe -a C:\Users\Me\Documents\Installationsdateien\CoD4MWDemoSetup.exe -d C:\Users\Me\Documents\Installationsdateien
Task: {3B61D2C8-22FA-4CED-8EA6-85AC28FAE25F} - System32\Tasks\{EC933A02-CD51-404F-BC78-A7856995CDE8} => pcalua.exe -a C:\Users\Me\Desktop\tagesschau\tagesschau.exe -d C:\Users\Me\Desktop\tagesschau
Task: {48C623D7-76B6-4D1F-90C2-63918011B1E9} - System32\Tasks\AdobeAAMUpdater-1.0-AcerSpacer-Me => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {652C8149-6E4C-4982-A007-959771CF4FC6} - System32\Tasks\{D1E56D54-FA93-40F2-90B2-8F68032C65F5} => pcalua.exe -a "C:\Users\Me\Downloads\setup-s (1).exe" -d C:\Users\Me\Downloads
Task: {65886FC5-8685-4E98-9785-221399A111E9} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Task: {A8DEA327-3473-4BD9-96E5-0C29DE9E2F92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {A9C26C9C-B804-4F53-8287-C08C5E0F7C32} - System32\Tasks\{5969B132-586D-4DD8-980F-CD2CE9845640} => pcalua.exe -a C:\Users\Me\Documents\Installationsdateien\setup-s.exe -d C:\Users\Me\Documents\Installationsdateien
Task: {C2B901F5-FDB7-4A3A-8D94-1A5F4D29B73F} - System32\Tasks\{85AD6E14-684F-42B3-800A-4A1EABA20952} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto San Andreas\gta_sa.exe
Task: {E3974E14-9860-4F3B-82D9-98C292583ACB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {E3CB6400-C1D1-4616-B0DD-E5198052739B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2178418379-3476598836-2058176853-1001UA => C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-06] (Facebook Inc.)
Task: {F16A8623-DDE0-4722-8F67-DE3C18FFE9CB} - System32\Tasks\{B3D98F55-9B3D-4A7B-94F7-20D5D64413F5} => pcalua.exe -a "C:\Program Files (x86)\PreSonus\Studio One\Uninstall.exe"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Acer Registration - Data Sending task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
Task: C:\Windows\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2178418379-3476598836-2058176853-1001Core1d0c329f1d119cf.job => C:\Users\Me\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2178418379-3476598836-2058176853-1001Core.job => C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FaxApplications.exe_{8D039F13-5B94-4CA6-A51D-0F47230269FB}.job => C:\Program Files\HP\HP Officejet 6600\Bin\FaxApplications.exe
Task: C:\Windows\Tasks\FaxApplications.exe_{E3DBFF99-4498-4C12-B7B7-7EC45B2224AD}.job => C:\Program Files\HP\HP Officejet 6600\Bin\FaxApplications.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf908468f0b019.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff2c0caf1902d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d000312e749e04.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d043d6348a49c5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08ee53281f273.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0c2fc8579143b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e7df67144f26.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0ffb93679ddb2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12f9a844419d4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Officejet 6600.exe_{19EBB66B-7711-4B60-BE7F-10C16B609A03}.job => C:\Program Files\HP\HP Officejet 6600\Bin\HP Officejet 6600.exe
Task: C:\Windows\Tasks\HP Officejet 6600.exe_{D345B6CF-17F0-42CF-9AFE-2164D83AF0EA}.job => C:\Program Files\HP\HP Officejet 6600\Bin\HP Officejet 6600.exey-install -prfn HP Officejet 6600 (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com
Task: C:\Windows\Tasks\ScanToPCActivationApp.exe_{60B8EE71-41FD-4300-8B8A-B881A2B68B48}.job => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
Task: C:\Windows\Tasks\ScanToPCActivationApp.exe_{62A726ED-2220-4F97-B3E8-D4FAEACF1892}.job => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
Task: C:\Windows\Tasks\Toolbox.exe_{06F55BDC-A003-453C-B2D8-468D53560386}.job => C:\Program Files\HP\HP Officejet 6600\Bin\Toolbox.exe
Task: C:\Windows\Tasks\Toolbox.exe_{ADE22C92-08BD-41D0-B47F-2447233E55B2}.job => C:\Program Files\HP\HP Officejet 6600\Bin\Toolbox.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-04-11 07:26 - 2011-04-11 05:26 - 00034304 _____ () C:\Windows\System32\spd__l.dll
2011-04-11 08:26 - 2011-04-11 06:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll
2012-10-08 17:29 - 2010-09-14 19:31 - 00027648 _____ () C:\Windows\System32\ssi1mlm.dll
2012-06-24 17:45 - 2009-09-12 00:48 - 00027648 _____ () C:\Windows\System32\sst3cl6.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-08-12 10:01 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-10-29 02:44 - 2010-10-29 02:44 - 00436224 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2010-10-29 02:45 - 2010-10-29 02:45 - 00050176 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2012-06-24 17:45 - 2010-06-08 03:15 - 00618496 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2012-06-24 17:45 - 2009-09-30 21:51 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2015-12-14 09:41 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-14 09:42 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-14 09:41 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-14 09:41 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-14 09:42 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-14 09:41 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-14 09:41 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-14 09:42 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-14 09:42 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-14 09:41 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-14 09:41 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-14 09:41 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-11-10 15:59 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-11-10 15:59 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-11-10 15:59 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-11-10 15:59 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Me\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-10-19 15:57 - 2014-10-19 15:57 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-08-12 09:21 - 2011-04-30 08:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com
IE trusted site: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\samsungsetup.com -> hxxp://www.samsungsetup.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Me\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Me\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CVPND => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Samsung UPD Service2 => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: vpnagent => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk => C:\Windows\pss\Acrobat Assistant.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Me^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge => "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Me\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Facebook Update => "C:\Users\Me\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{DCD0764F-F2FC-4692-AC00-6182656DB809}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4C66A1DB-2E1D-4DA4-8163-41FAE4C345F5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3888A507-1516-4ED1-821E-977521D6B78C}] => (Allow) LPort=2869
FirewallRules: [{31121F76-DD69-40E4-89B8-C263E364B915}] => (Allow) LPort=1900
FirewallRules: [{70A03D02-C530-4568-B384-44A71E4A26EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{2440E1B4-BA41-497F-9494-B7F27A366469}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{67173983-B720-4561-AF65-65947C81FAAB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{6D6B4BDB-B341-4A3F-BF85-813B188DC103}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4360E9A2-BFA1-432A-AFB1-62B19FD3C0D3}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{38FFF111-2DAD-4981-90A0-1B0118421BD1}] => (Allow) LPort=443
FirewallRules: [{160C3E5B-DB85-4FA4-97A3-2875CF0FBF03}] => (Allow) LPort=443
FirewallRules: [{1E0D1CED-7AD7-4D59-B361-F5E14E6BF74E}] => (Allow) LPort=37674
FirewallRules: [{29192E1F-78CC-44D0-9576-046FD15DE8EA}] => (Allow) LPort=37674
FirewallRules: [{99B8D328-88DF-4D6E-9EBD-EABA82ED446F}] => (Allow) LPort=37675
FirewallRules: [{795A84B9-50D4-4B58-BC2F-E29884FEAADA}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe
FirewallRules: [TCP Query User{D5804C4A-C2D7-4607-BA29-BCA2CEC218D7}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.icd
FirewallRules: [UDP Query User{09699E30-25FE-4306-B4C5-EB0F6EFBA167}C:\program files (x86)\microsoft games\age of empires ii\empires2.icd] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.icd
FirewallRules: [TCP Query User{F374A5D2-AF1A-4268-9D89-C341A8ADF458}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{E571176D-D47E-49CB-9485-850139E17D1F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{3D5553C8-FE66-47DE-A076-A730CE242A95}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\me\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{46D49C6B-3FDF-421D-A666-06090E41F997}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\me\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7E018D0B-CED7-4126-A45A-2FB6601F5682}] => (Allow) C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{64A268F0-8F39-4A18-B8E4-B21C0917DAF4}] => (Allow) C:\Users\Me\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CFFB08C9-A9DD-4816-A1CF-DCB77D8DDEDE}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{80A7E371-DD6F-4170-802B-985FFE01BAFB}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{3C93C68D-4DC2-4055-972D-624F9D393AF1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{F42983D5-0B0C-4C10-8F5C-4F498F29438E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{425F1686-DBD3-4A93-9F59-96CDB5C912EC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{37D72E33-4981-472C-97B4-94318AA26551}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{B5C3E674-7877-480E-8B36-54DAFDE170FA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{73A7DA66-F4E3-4EEA-83FF-82C61094F1E0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{E680CBD5-D43F-4510-93B7-245CBE626240}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{205F534E-E7A0-4247-BDFD-C0E6BEDD9424}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [TCP Query User{FA7073B9-EF0C-4AE4-B848-84A76DBB7ECA}C:\users\me\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\me\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{3D2AFC18-BE25-49BB-B6D9-79BFC39D5400}C:\users\me\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\me\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{E112C2B9-F433-48C2-8C24-230CB996FBCC}C:\windows\splwow64.exe] => (Block) C:\windows\splwow64.exe
FirewallRules: [UDP Query User{E1CB6ED9-B098-4125-9F14-C91E441E396D}C:\windows\splwow64.exe] => (Block) C:\windows\splwow64.exe
FirewallRules: [{0AA077DD-22A6-4C3A-A1F5-15F057F44D9C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{C1A9DDF1-FE90-4EFB-9D17-1E90B639E4AE}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\me\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{07844394-91E4-4056-B5BA-6D6145A5654F}C:\users\me\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\me\appdata\roaming\spotify\spotify.exe
FirewallRules: [{90A056AA-0019-45D6-935F-71C8B2FFF3B9}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{9EB972F2-02CA-4C34-A63B-171354E1EB15}] => (Allow) C:\Windows\System32\SUPDSvc2.exe
FirewallRules: [{25E9EC80-6F52-4349-AEBF-80B4A6A53B2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CDE450C4-6767-4C24-AE73-E10B16EA6E68}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CA8287CC-F330-4441-8C9B-D39329864AC4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{367FD1AF-3521-4EBD-9E6B-435BDFB387AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8C79C8C1-7085-4B5D-B415-187A0223B334}] => (Allow) C:\Users\Me\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{DA11D6E3-6C63-4E59-A5A4-3EDEB777FDAE}C:\windows\system32\dllhost.exe] => (Allow) C:\windows\system32\dllhost.exe
FirewallRules: [UDP Query User{B1F63E92-7420-4FD8-9549-30E310F80EB1}C:\windows\system32\dllhost.exe] => (Allow) C:\windows\system32\dllhost.exe
FirewallRules: [{7700038E-56C2-47B2-8E25-E527D66A330F}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe
FirewallRules: [{875F4F42-1685-4331-9591-32497764C4E5}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe
FirewallRules: [{DD52F433-134C-4415-9394-DF4564F791B0}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe
FirewallRules: [{6F3825C4-B056-45A8-A5B1-37CADE4B7A7B}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe
FirewallRules: [{83A87DA7-54C9-4A3F-A14C-064660972A54}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{051AAC93-AC75-401C-884F-47C383F6AA25}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7639DE8C-0A9C-422A-B748-40B6C1471CAB}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{79299A60-CCF0-41CC-A6FA-353418BCA514}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E03380C-BDD0-4411-BB49-268CBC38AC82}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{06974650-A452-450C-8F01-494D9794FFAF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F0875E1C-815F-484A-8857-DA9D751F0795}C:\users\me\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light] => (Allow) C:\users\me\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light
FirewallRules: [UDP Query User{4B8F5162-10FF-44D9-A08F-6894F21FEEBA}C:\users\me\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light] => (Allow) C:\users\me\appdata\local\temp\jivexviewer\jre\bin\jivex[dv] light
FirewallRules: [{824B8C3D-8CE3-4FCA-9278-EB95275A4B67}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F8E4A9A-CC59-4073-81E7-FA2DDC8CDE02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F422EE3-D484-47D7-B99E-B48E13C02550}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/17/2015 07:04:34 PM) (Source: ESENT) (EventID: 454) (User: )
Description: DllHost (4532) WebCacheLocal: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -501 auf.

Error: (12/17/2015 07:04:34 PM) (Source: ESENT) (EventID: 465) (User: )
Description: DllHost (4532) WebCacheLocal: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\Users\Me\AppData\Local\Microsoft\Windows\WebCache\V01.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 117 (0x00000075) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.

Error: (12/17/2015 07:04:34 PM) (Source: ESENT) (EventID: 465) (User: )
Description: DllHost (4532) WebCacheLocal: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\Users\Me\AppData\Local\Microsoft\Windows\WebCache\V01.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 117 (0x00000075) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.

Error: (12/17/2015 07:04:34 PM) (Source: ESENT) (EventID: 465) (User: )
Description: DllHost (4532) WebCacheLocal: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\Users\Me\AppData\Local\Microsoft\Windows\WebCache\V01.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 117 (0x00000075) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.

Error: (12/17/2015 07:04:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/17/2015 07:01:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.125.0, Zeitstempel: 0x5612a56b
Name des fehlerhaften Moduls: mbam.exe, Version: 2.3.125.0, Zeitstempel: 0x5612a56b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001e7740
ID des fehlerhaften Prozesses: 0x1654
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (12/17/2015 06:56:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/17/2015 04:11:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 06:11:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/16/2015 03:56:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126

Error: (12/17/2015 08:56:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: 
%%126


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8043.86 MB
Verfügbarer physikalischer RAM: 5232.3 MB
Summe virtueller Speicher: 16085.93 MB
Verfügbarer virtueller Speicher: 12935.3 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:430.07 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: FE7DFCF5)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=680.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 17.12.2015, 21:26   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Jetzt bitte Suchscan durchführen:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 18.12.2015, 19:24   #9
George900
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



hi, hier die Logdatei:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=57adda33a04e644fadd474c0c01d2556
# end=init
# utc_time=2015-12-18 01:42:19
# local_time=2015-12-18 02:42:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27260
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=57adda33a04e644fadd474c0c01d2556
# end=updated
# utc_time=2015-12-18 01:48:44
# local_time=2015-12-18 02:48:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=57adda33a04e644fadd474c0c01d2556
# engine=27260
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-18 06:08:29
# local_time=2015-12-18 07:08:29 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 288457 202091959 0 0
# scanned=296989
# found=4
# cleaned=0
# scan_time=15584
sh=250AD920C538EBAC63102E368FB642EE33AD0593 ft=1 fh=8e020e8f8829bf65 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Me\Documents\Installationsdateien\FreeYouTubeToMP3Converter_3.11.17.exe"
sh=1C971C46B6F17007D76D0B9F06F7A0232A87A28C ft=1 fh=bd5ec1d96ff4196e vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Me\Documents\Installationsdateien\SoftonicDownloader_fuer_tagesschau-bildschirmschoner.exe"
sh=08997CC3C7BBB513847F6B768B4D80AEDFC9425E ft=1 fh=a3418631f3b480a4 vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Me\Documents\Installationsdateien\SoftonicDownloader_fuer_zdf-heute-bildschirmschoner.exe"
sh=B47CD2A67D44C5E2CCC6E37BB9A761E666D54976 ft=1 fh=c4e942f4afa06765 vn="Variante von Win32/Downloader.JooSoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Me\Documents\Installationsdateien\vlc-1.1.11-win32.exe"
         

Alt 18.12.2015, 20:04   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Die Funde von ESET sind alle irrelevant.

Schritt 1



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
ATTFilter
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Winsock: Catalog5 10 C:\Windows\system32\tnns5j20y.dll Keine Datei 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
C:\Windows\system32\pouaned1t.dll 
C:\ProgramData\qjaxlkio.dss
EmptyTemp:
         
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Java 8 Update 40 bitte deinstallieren und mit der aktuellen Version bei Bedarf ersetzen.
Flash für den IE ebenfalls updaten.




Wir haben es geschafft!
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.




Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.



Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:


ESET Smart Security

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 19.12.2015, 16:57   #11
George900
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Vielen, Vielen Dank hier noch die Logdatei:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-12-2015
durchgeführt von Me (2015-12-19 16:32:25) Run:1
Gestartet von C:\Users\Me\Desktop
Geladene Profile: UpdatusUser & Me (Verfügbare Profile: UpdatusUser & Me)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Winsock: Catalog5 10 C:\Windows\system32\tnns5j20y.dll Keine Datei 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
C:\Windows\system32\pouaned1t.dll 
C:\ProgramData\qjaxlkio.dss
EmptyTemp:
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000010" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-21-2178418379-3476598836-2058176853-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert nicht gefunden.
"C:\Windows\system32\pouaned1t.dll" => nicht gefunden.
C:\ProgramData\qjaxlkio.dss => erfolgreich verschoben
EmptyTemp: => 1016.6 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 16:36:20 ====
         


noch ne Frage: war jetzt eine Schadsoftware drauf, die das mit den Mails ausgelöst haben könnte?

Alt 19.12.2015, 17:13   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Nein, meiner Meinung nach nicht.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 28.12.2015, 10:44   #13
George900
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Hi, jetzt wurden wieder Spam mails von dem Account verschickt. Als ich beim Web.de Support angerufen hab sagte man meine Kontaktdaten Stimmen nich überein. Habe auch keinen Zugriff. Mehr auf mein Web.de konto. (PW und Daten von extern geändert?) Soll ich den PC mal platt machen? Oder ist es wahrscheinlicher dass der PC sauber ist und einfach mein Mail Account gehackt wurde?

Alt 28.12.2015, 17:54   #14
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
web.de versendet Spam mit meinem Absender - Standard

web.de versendet Spam mit meinem Absender



Naja, web.de wird doch sicher die Login-Daten (IP) protokollieren? Bei anderen Anbietern wird man ja auch sofort benachrichtigt, wenn suspekte Anmeldungen stattgefunden haben.
Da würde ich mal nachfragen.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu web.de versendet Spam mit meinem Absender
absender, alle kontakte, andere, avira, freund, funde, geändert, hallo zusammen, iphone, kontakte, laufe, laufen, mails, meinem, passwort, passwort geändert, spam, spam mails, spam mails von meiner adresse verschickt, spoofing, troja, versendet, web.de, windows, woche, zusammen



Ähnliche Themen: web.de versendet Spam mit meinem Absender


  1. Spam von meinem Arcor Account versendet
    Plagegeister aller Art und deren Bekämpfung - 07.11.2015 (28)
  2. Kontakte aus meinem Yahoo Adressbuch erhalten Spam-Emails von meinem Account
    Plagegeister aller Art und deren Bekämpfung - 23.06.2014 (11)
  3. Yahoo versendet Spam Mails mit meinem Mail-Konto
    Log-Analyse und Auswertung - 09.06.2014 (15)
  4. Spam E-Mails mit ständig neuem Absender und Betreff
    Überwachung, Datenschutz und Spam - 07.05.2014 (2)
  5. Wird von meinem PC SPAM versendet oder nicht?
    Plagegeister aller Art und deren Bekämpfung - 30.04.2014 (9)
  6. SPAM MAILS vom gleichen Provider aber unterschiedlichen Absender Adressen - daher keine Möglichkeit Absender zu sperren
    Log-Analyse und Auswertung - 08.08.2013 (3)
  7. GMX versendet Spam-E-Mails unter meinen Namen an Leute aus meinem Adressbuch!
    Plagegeister aller Art und deren Bekämpfung - 24.03.2013 (11)
  8. Bekomme spam , der Absender ist der Name eines Kollegen, aber nicht von ihm...
    Diskussionsforum - 16.09.2012 (7)
  9. Freunde haben Spammail mit meinem Absender erhalten (Offer.Bundler.ST und TR/Crypt.XPACK.Gen 2)
    Plagegeister aller Art und deren Bekämpfung - 25.06.2012 (36)
  10. seltsame Mails mit meinem gmx Absender werden versendet
    Plagegeister aller Art und deren Bekämpfung - 18.06.2012 (1)
  11. Yahoo-Mail-Account versendet Spam-Mails an Kontakte aus meinem Adressbuch
    Plagegeister aller Art und deren Bekämpfung - 24.03.2012 (3)
  12. Hotmail (MSN) versendet SPAM-Mails in meinem Namen
    Plagegeister aller Art und deren Bekämpfung - 03.03.2012 (1)
  13. spam-mail über mein web.de-account versendet, spam-mail auch im gesendet Ordner
    Log-Analyse und Auswertung - 16.11.2011 (3)
  14. "Jemand" hat E-Mail mit meinem Absender an meine Kontakte verschickt
    Log-Analyse und Auswertung - 03.11.2011 (8)
  15. PC versendet Spam
    Mülltonne - 15.08.2011 (7)
  16. AOL hat Spam von meinem Account aus versendet
    Log-Analyse und Auswertung - 20.04.2011 (2)
  17. Wurm-Mail mit meinem Absender!?
    Plagegeister aller Art und deren Bekämpfung - 28.10.2003 (2)

Zum Thema web.de versendet Spam mit meinem Absender - Hallo zusammen, Web.de hat Spam Mails an alle Kontakte mit meinem Absender versendet. Habe daraufhin das Passwort geändert und Avira ohne Funde drüber laufen lassen. Nun habe ich eine Woche - web.de versendet Spam mit meinem Absender...
Archiv
Du betrachtest: web.de versendet Spam mit meinem Absender auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.