Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Firefox und IE starten selbständig/automatisch

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 24.03.2016, 15:27   #1
Foxbecks
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Hallo,

seit einigen Tagen öffnen sich sowohl Firefox als auch IE selbständig mit folgenden Seiten:
techbrowsing.com/?from=land (FF)
serengetiwatch.com (IE)
lookmagazine.us (IE)

Beide Browser habe ich inzwischen jeweils 2-mal bereinigt/restauriert. Danach dauert der automatische Aufruf zwar länger, aber ist immer noch vorhanden.

FRST liess ich in der Mittagspause durchlaufen, hier die logfiles.
(McAfee Total Protection lädt leider nicht das Protokoll-Auswahlmenü. Malwarebytes Anti-Malware ergab gestern abend keine Funde.)


FRST.txt

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von MCS (Administrator) auf PC (24-03-2016 11:42:16)
Gestartet von C:\Users\LM2\Desktop
Geladene Profile: MCS & LM2 (Verfügbare Profile: MCS & LM2 & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe
() C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBWMgr.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll <==== ACHTUNG
HKU\S-1-5-21-824321664-1275631822-800070043-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-824321664-1275631822-800070043-1000\$54f8f72ba65529b5ed394e17c104c399\n. ACHTUNG
HKU\S-1-5-21-824321664-1275631822-800070043-1002\...\MountPoints2: {02034be8-51e2-11e3-a7e7-404e57434402} - F:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-03-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2016-03-20]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-824321664-1275631822-800070043-1000] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-824321664-1275631822-800070043-1000] => http=127.0.0.1:8555;https=127.0.0.1:8555
ProxyEnable: [S-1-5-21-824321664-1275631822-800070043-1002] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-824321664-1275631822-800070043-1002] => http=127.0.0.1:8555;https=127.0.0.1:8555
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{5A4F0A5F-8EA0-44EA-AF9A-AB6E3FBD2D6E}: [DhcpNameServer] 192.168.178.20
Tcpip\..\Interfaces\{B8318698-19AD-41CA-A0B6-3601D211BC45}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{D0016FAC-39B6-489E-8450-F19811AFBB3B}: [DhcpNameServer] 192.168.1.250

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17360410ln07974080f85bh451l364
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17360410ln07974080f85bh451l364
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17360410ln07974080f85bh451l364
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17360410ln07974080f85bh451l364
HKU\S-1-5-21-824321664-1275631822-800070043-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.us.com/?guid={B9D4FB9C-78E2-4FB7-9FDC-67E665BE2937}&serpv=17
HKU\S-1-5-21-824321664-1275631822-800070043-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.us.com/?guid={B9D4FB9C-78E2-4FB7-9FDC-67E665BE2937}&serpv=17
URLSearchHook: HKLM-x32 - (Kein Name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Keine Datei
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1000 - (Kein Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - Keine Datei
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1000 - (Kein Name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Keine Datei
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1002 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1002 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-824321664-1275631822-800070043-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-824321664-1275631822-800070043-1002 -> DefaultScope {3835E609-A8CF-4825-B229-926AA9A4A2BB} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-824321664-1275631822-800070043-1002 -> {3835E609-A8CF-4825-B229-926AA9A4A2BB} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => Keine Datei
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-01-17] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04] (Oracle Corporation)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\McAfee\MSK\mskapbho.dll [2011-03-11] ()
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-01-17] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04] (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-01-17] (McAfee, Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-01-17] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-824321664-1275631822-800070043-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-01-17] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-01-17] (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-01-17] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-01-17] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2014-04-25] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2014-04-25] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//home?affID=121562
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-04] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-04] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2014-04-25] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll [2012-05-22] (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2012-01-17] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2013-11-06] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-824321664-1275631822-800070043-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\LM2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-23] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\user.js [2016-03-21]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010-01-13] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\searchplugins\{7E5616B6-81F9-4339-ADD2-E2F3741ACB85}.xml [2012-12-19]
FF SearchPlugin: C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\searchplugins\{9617F2CC-FCFD-44CB-9546-B139B9FD1073}.xml [2012-12-19]
FF SearchPlugin: C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\searchplugins\{E48AE8DD-B500-4218-BF0C-415C948569E4}.xml [2012-12-19]
FF Extension: Block LinkBucks - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\dgs229@nyu.edu.xpi [2013-01-15] [ist nicht signiert]
FF Extension: Ghostery - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\firefox@ghostery.com [2013-05-02] [ist nicht signiert]
FF Extension: JavaScript Deobfuscator - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2012-12-19] [ist nicht signiert]
FF Extension: Proxilla Glype Proxy Client - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\proxilla@kevin.godell.xpi [2012-12-19] [ist nicht signiert]
FF Extension: BetterPrivacy - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-12-19] [ist nicht signiert]
FF Extension: Bitdefender QuickScan - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013-05-02] [ist nicht signiert]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2016-03-20] [ist nicht signiert]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01] [ist nicht signiert]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-05-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2013-06-28] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-06-28] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-03-21] [ist nicht signiert]
FF HKU\S-1-5-21-824321664-1275631822-800070043-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Profile: C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Freemake Video Downloader) - C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2014-10-12]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2014-10-12]
CHR Extension: (Skype) - C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-03-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-20]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-28]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-06-28]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-01-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0170861458800587mcinstcleanup; C:\Windows\TEMP\017086~1.EXE [836168 2014-03-13] (McAfee, Inc.)
S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] () [Datei ist nicht signiert]
S4 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited) [Datei ist nicht signiert]
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-08] (Freemake) [Datei ist nicht signiert]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2442368 2016-02-17] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103176 2016-02-17] ()
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-10-08] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [9728 2010-03-22] (Deutsche Telekom AG) [Datei ist nicht signiert]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [63488 2010-03-11] (Nalpeiron Ltd.) [Datei ist nicht signiert]
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FXUSBASE; C:\Windows\System32\DRIVERS\fxusbase.sys [694272 2009-06-10] (AVM Berlin)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2008-09-26] (Paragon Software Group)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2010-02-17] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2010-02-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2009-04-09] (McAfee, Inc.)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [23552 2008-05-02] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\nmwcdx64.sys [173056 2007-06-28] (Nokia)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [45320 2008-09-26] (Windows (R) 2000 DDK provider)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-24 11:42 - 2016-03-24 11:45 - 00033224 _____ C:\Users\LM2\Desktop\FRST.txt
2016-03-24 11:40 - 2016-03-24 11:42 - 00000000 ____D C:\FRST
2016-03-24 11:37 - 2016-03-24 11:38 - 02374144 _____ (Farbar) C:\Users\LM2\Desktop\FRST64.exe
2016-03-24 07:23 - 2016-03-24 07:23 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-24 07:21 - 2016-03-24 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-03-22 08:45 - 2016-03-22 08:48 - 00000000 ____D C:\home2
2016-03-22 08:27 - 2016-03-22 08:27 - 01190608 _____ (Adobe Systems Incorporated) C:\Users\MCS\Downloads\flashplayer21_d_install.exe
2016-03-22 08:26 - 2016-03-22 08:26 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-22 08:26 - 2016-03-22 08:26 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-22 08:22 - 2016-03-22 08:23 - 43359192 _____ C:\Users\LM2\Downloads\FirefoxSetup45.0.1.exe
2016-03-21 19:02 - 2016-03-21 19:02 - 00287976 _____ C:\Windows\Minidump\032116-18189-01.dmp
2016-03-21 18:25 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2016-03-21 14:41 - 2016-03-21 17:13 - 00000000 ____D C:\AdwCleaner
2016-03-21 14:39 - 2016-03-21 14:39 - 01529344 _____ C:\Users\LM2\Downloads\adwcleaner_5.103.exe
2016-03-21 09:28 - 2016-03-21 09:31 - 00000000 ____D C:\Users\MCS\Documents\Neuer Ordner (3)
2016-03-21 09:08 - 2016-03-21 09:08 - 00000000 ____D C:\Users\LM2\Documents\PDF Files
2016-03-21 08:09 - 2016-03-21 08:09 - 00000000 ____D C:\Users\MCS\AppData\Local\CEF
2016-03-21 07:39 - 2016-03-21 07:39 - 00000000 ____D C:\Users\MCS\Documents\PDF Files
2016-03-21 07:15 - 2016-03-21 07:15 - 00000000 ____D C:\ProgramData\eXPert PDF 5
2016-03-20 22:14 - 2016-03-20 22:14 - 00001028 _____ C:\Users\Public\Desktop\eXPert PDF Creator.lnk
2016-03-20 22:14 - 2016-03-20 22:14 - 00001023 _____ C:\Users\Public\Desktop\eXPert PDF Editor.lnk
2016-03-20 22:14 - 2016-03-20 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF eXPerte 5
2016-03-20 22:14 - 2005-06-02 12:40 - 00014336 _____ C:\Windows\SysWOW64\vsmon1.dll
2016-03-20 22:13 - 2016-03-20 22:13 - 00000000 ____D C:\Windows\My Documents
2016-03-20 22:13 - 2016-03-20 22:13 - 00000000 ____D C:\ProgramData\eXPert PDF Jobs
2016-03-20 22:13 - 2016-03-20 22:13 - 00000000 ____D C:\ProgramData\eXPert PDF
2016-03-20 22:13 - 2016-03-20 22:13 - 00000000 ____D C:\Program Files (x86)\Visagesoft
2016-03-20 22:12 - 2016-03-20 22:12 - 00000000 ____D C:\Program Files (x86)\BVRP Software
2016-03-20 22:11 - 2016-03-20 22:11 - 00000000 ____D C:\ProgramData\BVRP Software
2016-03-20 22:09 - 2016-03-20 22:09 - 00002368 _____ C:\Users\Public\Desktop\Paragon Festplatten Manager 8.5 .lnk
2016-03-20 22:09 - 2016-03-20 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Festplatten Manager 8.5
2016-03-20 22:09 - 2008-09-26 18:06 - 00037392 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hotcore3.sys
2016-03-20 22:07 - 2016-03-20 22:07 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2016-03-20 21:57 - 2016-03-20 21:57 - 00000978 _____ C:\Users\Public\Desktop\WinSysClean 2009.lnk
2016-03-20 21:57 - 2016-03-20 21:57 - 00000000 __HDC C:\ProgramData\{8C2CFCEE-B9B7-4A60-B6C4-37DA5AA7BAD4}
2016-03-20 21:57 - 2016-03-20 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSysClean
2016-03-20 21:57 - 2016-03-20 21:57 - 00000000 ____D C:\Program Files (x86)\WinSysClean 2009
2016-03-20 19:56 - 2016-03-22 08:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-20 16:44 - 2016-03-20 16:44 - 00001063 _____ C:\Windows\explorer - Verknüpfung.lnk
2016-03-20 15:44 - 2016-03-20 15:44 - 00000000 ____D C:\Users\MCS\AppData\Local\CrashRpt
2016-03-20 15:39 - 2016-03-20 15:39 - 00000000 ___HD C:\MyWinLockerData
2016-03-20 15:08 - 2016-03-20 15:08 - 00000000 ____D C:\Users\LM2\Desktop\McAfee
2016-03-20 15:02 - 2016-03-22 08:57 - 00000000 ____D C:\Users\LM2\Desktop\Desktop2
2016-03-20 13:53 - 2016-03-20 13:53 - 00000000 ____D C:\Users\LM2\AppData\Local\CEF
2016-03-20 13:50 - 2016-03-20 15:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-20 13:50 - 2016-03-20 15:44 - 00002051 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-03-20 13:43 - 2016-03-20 13:43 - 00000000 ____D C:\Users\LM2\AppData\Local\CrashRpt
2016-03-19 23:50 - 2016-03-24 07:16 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-03-19 23:06 - 2016-03-21 17:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-19 23:06 - 2016-03-20 15:44 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-19 23:06 - 2016-03-19 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-03-19 23:05 - 2016-03-19 23:43 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-03-19 23:05 - 2016-03-19 23:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-19 23:05 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-19 23:05 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-19 23:05 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-19 23:01 - 2016-03-19 23:01 - 22851472 _____ (Malwarebytes ) C:\Users\LM2\Downloads\mbam-setup-2.2.1.1043.exe
2016-03-19 22:53 - 2016-03-19 22:53 - 00985600 _____ C:\Users\LM2\Downloads\MicrosoftFixit50123.msi
2016-03-19 22:49 - 2016-03-19 22:49 - 00302011 _____ C:\Users\LM2\Downloads\WindowsUpdateDiagnostic.diagcab
2016-03-19 22:23 - 2016-03-19 22:23 - 00005618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-19 22:21 - 2016-03-19 23:48 - 00000000 ____D C:\inetpub
2016-03-19 21:30 - 2016-03-19 21:30 - 00000000 ____D C:\ProgramData\OO Software
2016-03-19 21:18 - 2016-03-20 21:51 - 00000000 ____D C:\Anwendungen
2016-03-19 21:11 - 2016-03-19 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-24 11:19 - 2010-05-14 02:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-24 11:09 - 2012-04-05 11:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-24 10:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2016-03-24 09:29 - 2010-04-22 15:16 - 00000000 ____D C:\ProgramData\TEMP
2016-03-24 07:23 - 2010-09-16 15:08 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-03-24 07:23 - 2009-10-17 03:24 - 00000000 ____D C:\ProgramData\McAfee
2016-03-24 07:23 - 2009-10-17 03:24 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-24 07:23 - 2009-07-14 06:13 - 00005844 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-24 07:23 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-24 07:23 - 2009-07-14 05:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-24 07:23 - 2006-10-10 09:57 - 08372490 _____ C:\Windows\system32\perfh007.dat
2016-03-24 07:23 - 2006-10-10 09:57 - 02534062 _____ C:\Windows\system32\perfc007.dat
2016-03-24 07:17 - 2010-05-14 02:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-24 07:16 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-24 07:16 - 2006-10-10 00:12 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-23 17:41 - 2010-05-20 18:22 - 00000494 ____H C:\Windows\Tasks\Norton Security Scan for MCS.job
2016-03-23 08:09 - 2012-04-14 12:09 - 19910848 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-03-22 19:00 - 2011-03-15 23:30 - 00000262 _____ C:\Windows\Tasks\RMSchedule.job
2016-03-22 08:28 - 2010-04-19 13:05 - 00000000 ____D C:\Users\MCS\AppData\Local\Mozilla
2016-03-22 08:25 - 2012-05-03 18:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-21 19:02 - 2013-12-17 17:35 - 449743870 _____ C:\Windows\MEMORY.DMP
2016-03-21 19:02 - 2010-11-12 20:29 - 00000000 ____D C:\Windows\MiniDump
2016-03-21 14:39 - 2015-01-17 22:17 - 00000000 ____D C:\Users\LM2\dwhelper
2016-03-21 14:17 - 2010-12-22 15:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-03-21 11:32 - 2015-06-12 08:29 - 00000691 _____ C:\Windows\wininit.ini
2016-03-21 11:14 - 2010-10-21 16:49 - 00007621 _____ C:\Users\MCS\AppData\Local\Resmon.ResmonCfg
2016-03-21 09:55 - 2015-03-30 14:55 - 00000000 ____D C:\Users\MCS\Documents\Neuer Ordner (2)
2016-03-21 09:39 - 2010-06-25 21:12 - 00000000 ___RD C:\Users\MCS\Documents\Scanned Documents
2016-03-21 09:38 - 2010-08-23 15:03 - 00000000 ___RD C:\Users\MCS\Desktop\Desk
2016-03-21 09:08 - 2013-05-02 13:26 - 00000000 ____D C:\Users\LM2
2016-03-21 08:50 - 2010-11-29 01:28 - 00000000 ____D C:\TEMP
2016-03-21 08:48 - 2011-12-11 20:23 - 00000000 ____D C:\Users\Gast
2016-03-21 08:39 - 2014-12-29 04:53 - 00000000 ____D C:\Users\LM2\Downloads\Neuer Ordner (7)
2016-03-21 08:38 - 2014-12-29 04:53 - 00000000 ____D C:\Users\LM2\Downloads\Neuer Ordner (5)
2016-03-21 08:09 - 2014-11-05 17:07 - 00000000 ____D C:\Users\MCS\AppData\Local\Adobe
2016-03-20 22:12 - 2009-10-17 02:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-20 22:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-20 21:55 - 2010-11-12 20:07 - 00000000 ____D C:\Program Files (x86)\WinSysClean X
2016-03-20 15:45 - 2015-06-12 08:41 - 00002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-03-20 15:45 - 2013-11-16 15:23 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-20 15:45 - 2012-10-09 02:01 - 00002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
2016-03-20 15:45 - 2010-11-19 15:47 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2016-03-20 15:45 - 2010-09-26 15:47 - 00000849 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-20 15:45 - 2009-10-17 02:46 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-03-20 15:45 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-20 15:45 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-03-20 15:45 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-03-20 15:45 - 2006-10-10 00:26 - 00002569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
2016-03-20 15:45 - 2006-10-10 00:26 - 00001193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-Start.lnk
2016-03-20 15:44 - 2014-10-12 18:48 - 00001203 _____ C:\Users\MCS\Desktop\Any Video Converter.lnk
2016-03-20 15:44 - 2013-11-16 15:23 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-20 15:44 - 2013-11-02 20:41 - 00001052 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2016-03-20 15:44 - 2010-11-12 01:15 - 00001243 _____ C:\Users\MCS\Desktop\DVDVideoSoft Free Studio.lnk
2016-03-20 15:44 - 2010-04-19 12:47 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Netzmanager.lnk
2016-03-20 15:44 - 2010-04-19 08:44 - 00001443 _____ C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-20 15:44 - 2010-04-19 08:44 - 00001409 _____ C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-03-20 15:44 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-03-20 15:44 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-03-20 15:07 - 2015-03-19 16:45 - 00000000 ____D C:\Users\MCS\Documents\onlineTV 8
2016-03-20 15:07 - 2015-03-19 16:32 - 00000000 ____D C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design
2016-03-20 15:07 - 2015-03-19 16:32 - 00000000 ____D C:\Users\MCS\AppData\Roaming\concept design
2016-03-20 15:07 - 2015-03-19 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\concept design
2016-03-20 15:07 - 2015-03-19 16:32 - 00000000 ____D C:\Program Files (x86)\concept design
2016-03-20 14:23 - 2010-04-24 04:15 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-03-20 13:53 - 2013-06-10 20:02 - 00000000 ____D C:\Users\LM2\AppData\Local\Adobe
2016-03-20 13:52 - 2015-07-15 12:06 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-03-20 13:50 - 2009-10-17 03:36 - 00000000 ____D C:\ProgramData\Adobe
2016-03-20 13:50 - 2009-10-17 03:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-19 23:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Branding
2016-03-19 23:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-03-19 23:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-03-19 23:42 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-19 23:40 - 2013-06-28 16:35 - 00000000 ____D C:\Program Files (x86)\Delta
2016-03-19 23:40 - 2011-08-08 12:37 - 00000000 _RSHD C:\Win
2016-03-19 23:40 - 2010-04-19 23:22 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-03-19 22:11 - 2013-11-02 20:39 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2016-03-19 22:11 - 2012-04-05 11:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-19 22:11 - 2012-04-05 11:28 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-19 22:11 - 2011-10-21 18:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-19 22:10 - 2013-11-02 20:40 - 00000000 ____D C:\ProgramData\Hotspot Shield
2016-03-19 21:14 - 2010-05-14 02:31 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-19 21:14 - 2010-05-14 02:31 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-19 21:11 - 2015-10-05 13:52 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-03-19 21:11 - 2014-03-18 14:40 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-03-19 21:07 - 2010-04-19 08:42 - 00000342 _____ C:\Windows\Tasks\McDefragTask.job

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2009-10-17 03:04 - 2009-02-10 20:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2013-11-09 12:54 - 2013-11-09 12:54 - 0001847 _____ () C:\Users\MCS\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2010-04-23 15:38 - 2010-05-03 13:45 - 0000362 _____ () C:\Users\MCS\AppData\Roaming\wklnhst.dat
2010-11-30 01:53 - 2012-12-04 15:52 - 0083968 _____ () C:\Users\MCS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-21 16:49 - 2016-03-21 11:14 - 0007621 _____ () C:\Users\MCS\AppData\Local\Resmon.ResmonCfg
2009-10-17 03:04 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\MCS\OOo_3.2.1_Win_x86_install-wJRE_de.exe


Einige Dateien in TEMP:
====================
C:\Users\LM2\AppData\Local\Temp\DivXSetup.exe
C:\Users\LM2\AppData\Local\Temp\MSETUP4.EXE
C:\Users\LM2\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\LM2\AppData\Local\Temp\SkypeSetup.exe
C:\Users\MCS\AppData\Local\Temp\contentDATs.exe
C:\Users\MCS\AppData\Local\Temp\dotNetFx40_Full_x86_x64.exe
C:\Users\MCS\AppData\Local\Temp\eXPertPDF_V5_DEU.exe
C:\Users\MCS\AppData\Local\Temp\FreemakeMusicBox_0.9.6.1.exe
C:\Users\MCS\AppData\Local\Temp\FreemakeVideoConverter_3.1.1.4.exe
C:\Users\MCS\AppData\Local\Temp\FreemakeVideoDownloader_3.0.0.4.exe
C:\Users\MCS\AppData\Local\Temp\FreemakeVideoDownloader_3.1.0.2.exe
C:\Users\MCS\AppData\Local\Temp\FreemakeVideoDownloader_3.5.4.0.exe
C:\Users\MCS\AppData\Local\Temp\FreemakeYoutubeMp3Converter_3.5.2.4.exe
C:\Users\MCS\AppData\Local\Temp\GUninstaller.exe
C:\Users\MCS\AppData\Local\Temp\HssInstaller64.exe
C:\Users\MCS\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer11x32au_mssd_aih.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer11x32au_mssd_aih_1.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer12x32au_ltr5x64d_awc_aih.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer14x32au_mssd_aaa_aih.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer14x32au_mssd_aaa_aih_1.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer15x32au_mssd_aaa_aih.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer16x32au_mssa_aaa_aih.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer16x32_mssa_aaa_aih.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer17x32au_mssa_aaa_aih.exe
C:\Users\MCS\AppData\Local\Temp\install_flashplayer17x32_mssd_aaa_aih.exe
C:\Users\MCS\AppData\Local\Temp\install_reader10_de_mssa_aih.exe
C:\Users\MCS\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\MCS\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\MCS\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\MCS\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\MCS\AppData\Local\Temp\mgxoschk.dll
C:\Users\MCS\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\MCS\AppData\Local\Temp\MSETUP4.EXE
C:\Users\MCS\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\MCS\AppData\Local\Temp\sqlite3.dll
C:\Users\MCS\AppData\Local\Temp\uninstall.exe
C:\Users\MCS\AppData\Local\Temp\vcredist_x64.exe
C:\Users\MCS\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2010-10-23 18:26

==================== Ende von FRST.txt ============================
         

Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von MCS (2016-03-24 11:46:12)
Gestartet von C:\Users\LM2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-04-19 07:42:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-824321664-1275631822-800070043-500 - Administrator - Disabled)
Gast (S-1-5-21-824321664-1275631822-800070043-501 - Limited - Enabled) => C:\Users\Gast
Konto2 (S-1-5-21-824321664-1275631822-800070043-1005 - Limited - Enabled)
LM2 (S-1-5-21-824321664-1275631822-800070043-1002 - Limited - Enabled) => C:\Users\LM2
MCS (S-1-5-21-824321664-1275631822-800070043-1000 - Administrator - Enabled) => C:\Users\MCS

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.2.0812 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
Any Video Converter 5.7.3 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
BCL easyConverter 3.0 Licensing Module (BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Loader SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (Loader, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (RTF, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 RTF SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{334147DC-B3C8-4626-A985-4AEA8A36DAB6}) (Version: 8.0.0.41 - Research In Motion Ltd)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Content Manager 2 (HKLM-x32\...\Content Manager 2) (Version: 2.2.1.9986 - Harman Becker Automotive Systems)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVDVideoSoft Toolbar (HKLM-x32\...\DVDVideoSoft Toolbar) (Version:  - )
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Epson Easy Photo Print 2 (HKLM-x32\...\{94FA9FA6-5294-494D-A8F1-1E654CBB5736}) (Version: 2.2.3.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON Stylus SX200 Series Printer Uninstall (HKLM\...\EPSON Stylus SX200 Series) (Version:  - SEIKO EPSON Corporation)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Eumex RNDIS64 Treiber V1.02 (HKLM\...\{293C4FDD-FB80-48F8-8B40-F085392FDAA1}) (Version: 1.02.0000 - Deutsche Telekom)
eXPert PDF 5 (HKLM-x32\...\{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}) (Version: 5.1.170.0 - Visage Software)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Free Audio CD Burner version 1.2 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free Studio version 4.9.13 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.5.4 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.2 - Ellora Assets Corporation)
funkwerk Eumex 401 WIN-Tools V1.00 (HKLM-x32\...\InstallShield_{F1C6C824-FF4F-4CD6-9B25-E40F750FC2E8}) (Version: 1.00.0000 - Funkwerk Enterprise Communications GmbH)
funkwerk Eumex 401 WIN-Tools V1.00 (x32 Version: 1.00.0000 - Funkwerk Enterprise Communications GmbH) Hidden
G-Force (HKLM-x32\...\G-Force) (Version: 5.0 - SoundSpectrum)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Goin Downtown (HKLM-x32\...\{46F45BBF-0516-495E-8230-0C301FA54D2B}) (Version: 1.00.0000 - The Games Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
Hotspot Shield 5.2.1 (HKLM-x32\...\HotspotShield) (Version: 5.2.1 - AnchorFree Inc.)
Hotspot Shield 5.2.1 Embedded (x32 Version: 5.2.1.0 - Buildbot) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.27 - Irfan Skiljan)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jigsaw Puzzle Lite (HKLM-x32\...\Jigsaw Puzzle Lite) (Version:  - )
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
MAGIX music maker 2005 e-version (HKLM-x32\...\MAGIX music maker 2005 e-version) (Version: 10.0.0.10 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.292.3 - McAfee, Inc.)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 6.5.0.2101 - McAfee, Inc.)
MediaCoder 0.7.5.4762 (HKLM-x32\...\MediaCoder) (Version: 0.7.5.4762 - Broad Intelligence)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Morphyre (HKLM-x32\...\MorphyrePro) (Version:  - )
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
MPC-HC 1.7.7 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.7 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - Nav N Go Ltd.)
Nero 9 Essentials (HKLM-x32\...\{e30fce96-c91b-4f1f-af7b-1bf58fdbbf24}) (Version:  - Nero AG)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.045 - Deutsche Telekom AG)
Netzmanager (Version: 1.045 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.84.0.0 - )
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 2.7.3.34 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version:  - )
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 15.3.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 15.3.33 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM-x32\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Opera 10.62 (HKLM-x32\...\{18E65799-76BD-46EF-9E53-972FE5A40736}) (Version: 10.62 - Opera Software ASA)
Paint.NET v3.5.6 (HKLM\...\{639673E9-D53F-44F4-A046-485C8A6ADA16}) (Version: 3.56.0 - dotPDN LLC)
Paragon Festplatten Manager 8.5  (HKLM\...\{F2981339-823E-4C62-9C6F-6733BAEE9EF5}) (Version: 90.00.0003 - Paragon Software)
PDF2Word Converter Version 1.0.8 (Build 164, 7-PDF) (HKLM-x32\...\PDF2Word Converter (7-PDF)_is1) (Version: PDF2Word Converter - Version 1.0.8 (Build 164) - 7-PDF, Germany - Thorsten Hodes)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.10 - ProtectDisc Software GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Registry Mechanic 10.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 10.0 - PC Tools)
SecondLifeViewer (HKLM-x32\...\SecondLifeViewer) (Version: 3.7.30.302599 - Linden Research, Inc.)
SecondLifeViewer2 (remove only) (HKLM-x32\...\SecondLifeViewer2) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
T-Eumex 2000PC Konfigurationsprogramm (HKLM-x32\...\EumexKonf) (Version:  - )
The Void (HKLM-x32\...\The Void_is1) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-824321664-1275631822-800070043-1002\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vertus Play With Pictures 1.1.4 (HKLM-x32\...\VertusPlayWithPictures) (Version: 1.1.4 - )
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WhiteCap (HKLM-x32\...\WhiteCap) (Version: 5.7.1 - SoundSpectrum)
Winamp (HKLM-x32\...\Winamp) (Version: 5.572  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-824321664-1275631822-800070043-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - T-Home Net  (06/30/2010 6.0.6000.16384) (HKLM\...\7B73EBFEF26F2C40D3AA9D389F5CF2C77121106C) (Version: 06/30/2010 6.0.6000.16384 - T-Home)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinSysClean 2009 (HKLM-x32\...\WinSysClean 2009) (Version:  - Ultimate Systems, Inc.)
WinSysClean 2009 (x32 Version: 9.00 - Ultimate Systems, Inc.) Hidden
WinSysClean X (HKLM-x32\...\WinSysClean X) (Version:  - Ultimate Systems, Inc.)
XMedia Recode 2.2.8.4 (HKLM-x32\...\XMedia Recode) (Version: 2.2.8.4 - Sebastian Dörfler)
YOU DON'T KNOW JACK® 3 - Abwärts! (HKLM-x32\...\YDKJG3) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-824321664-1275631822-800070043-1000_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> C:\$Recycle.Bin ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3EFDAC1A-B2AB-49DA-9AE5-D46B68FE5E29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-17] (Adobe Systems Incorporated)
Task: {3F544950-AE55-4083-A42F-2AE4C79AB10A} - System32\Tasks\{65025408-A96C-4B07-B119-CED50BA20F1A} => C:\Users\Public\Documents\Zeitpunkt\setup.EXE [1998-06-13] ()
Task: {4134E09E-3D71-47EB-8497-87A6A55672B2} - System32\Tasks\{EDB6448C-4649-4674-8AC7-2E9CC77A4A01} => C:\Users\Public\Documents\Zeitpunkt\setup.EXE [1998-06-13] ()
Task: {6F4F7AE5-DB01-4F3B-B94E-D2E936F73A91} - System32\Tasks\{469776B6-8343-4F8A-8C0F-80735710135E} => C:\Users\Public\Documents\Zeitpunkt\setup.EXE [1998-06-13] ()
Task: {7C7E3A57-041E-472F-B307-39B42793AC6F} - System32\Tasks\{8AF82F5E-49C4-4D0B-92F3-EBA4CC180F45} => C:\Users\Public\Documents\Zeitpunkt\setup.EXE [1998-06-13] ()
Task: {85EE0414-296D-4AB6-8972-B070AAFCF406} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-19] (Adobe Systems Incorporated)
Task: {99606C53-16C8-4777-B5CC-B13BC1278CE3} - System32\Tasks\{C4048ED2-8F60-4E32-B041-5636BE403C99} => pcalua.exe -a E:\T-Online_6.0.exe -d E:\
Task: {A1CC79DA-46F7-4D56-952D-0EEC6695B117} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\Registry Mechanic\update.exe [2010-08-05] (PC Tools)
Task: {A7790605-8EBD-47FE-9ACA-CAEA9BBC8113} - \Scheduled Update for Ask Toolbar -> Keine Datei <==== ACHTUNG
Task: {A934C173-4E9A-493B-A76A-E22B131191B8} - System32\Tasks\RMSchedule => C:\Program Files (x86)\Registry Mechanic\RegMech.exe [2010-08-05] (PC Tools)
Task: {B9D34789-2C7B-4F58-BCAD-394B3E3B6656} - System32\Tasks\McDefragTask => c:\Program Files (x86)\McAfee\MQC\QcConsol.exe [2009-09-25] (McAfee, Inc.)
Task: {DE4066D5-B14D-44F6-AEDA-05EB51B885DB} - System32\Tasks\Norton Security Scan for MCS => C:\Program Files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-06-28] (Symantec Corporation)
Task: {E1804CBA-CD6F-43D8-A030-DE925109C73B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {E4CBBF19-B8E8-4488-ABEF-2B3EE072D616} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {ED30755E-6171-457D-A7FA-57B4A199D164} - System32\Tasks\{5C557541-EF09-4F64-941D-0535279E059E} => C:\Users\Public\Documents\Zeitpunkt\setup.EXE [1998-06-13] ()
Task: {F8DA04B2-7750-4245-B01F-E1470F3C2B76} - System32\Tasks\{5A4E3397-CF8C-4CBC-A41A-1B00B2A42E23} => C:\Users\Public\Documents\Zeitpunkt\setup.EXE [1998-06-13] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\McDefragTask.job => c:\PROGRA~2\mcafee\mqc\QcConsol.exe C:\Windows\system32\defrag.exe
Task: C:\Windows\Tasks\Norton Security Scan for MCS.job => C:\Program Files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe
Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\Registry Mechanic\RegMech.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder\MediaCoder CLI Version.lnk -> C:\Program Files (x86)\MediaCoder\opencli.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-11-21 18:45 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-04-19 16:34 - 2009-04-19 16:34 - 00207904 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2009-04-19 16:34 - 2009-04-19 16:34 - 00070176 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2009-04-19 16:34 - 2009-04-19 16:34 - 00578080 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2009-04-19 16:34 - 2009-04-19 16:34 - 00625184 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2011-02-26 16:47 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2009-08-18 08:27 - 2009-08-18 08:27 - 00629280 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2016-02-17 20:24 - 2016-02-17 20:24 - 00694416 _____ () C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe
2016-02-17 20:43 - 2016-02-17 20:43 - 00166528 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2016-02-04 02:52 - 2016-02-04 02:52 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2009-08-18 08:31 - 2009-08-18 08:31 - 00163840 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\Reprise:yhuwxvwhfkxkcqmbzxjuiqjduvsftifh [0]
AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0 [256]
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54 [118]
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F [144]
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838 [133]
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA [294]
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE [246]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [206]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKLM\...\.exe:  =>  <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-03-19 21:11 - 00000858 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-824321664-1275631822-800070043-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-824321664-1275631822-800070043-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\LM2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: BlackBerry Device Manager => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Control Center.lnk => C:\Windows\pss\Control Center.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: EPSON Stylus SX200 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE /FU "C:\Users\MCS\AppData\Local\Temp\E_SE32D.tmp" /EF "HKCU"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
MSCONFIG\startupreg: vspdfprsrv.exe => C:\Program Files (x86)\Visagesoft\eXPert PDF 5\vspdfprsrv.exe --background
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{385130F7-DEA5-4710-B0FB-756A9774849D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

11-10-2015 18:00:46 Windows-Sicherung
19-03-2016 21:18:34 Windows-Sicherung
19-03-2016 22:20:51 Windows Modules Installer
19-03-2016 23:04:03 Installed Microsoft Fix it 50123
20-03-2016 19:02:35 Windows-Sicherung
20-03-2016 22:06:53 Installed Paragon Festplatten Manager 8.5 .
20-03-2016 22:13:41 Installed eXPert PDF 5

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/24/2016 11:26:21 AM) (Source: MsiInstaller) (EventID: 1024) (User: PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/24/2016 07:29:18 AM) (Source: MsiInstaller) (EventID: 1024) (User: PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/24/2016 07:23:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/24/2016 07:23:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/24/2016 07:23:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/23/2016 04:46:54 PM) (Source: MsiInstaller) (EventID: 1024) (User: PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (03/23/2016 04:40:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/23/2016 04:40:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/23/2016 04:40:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/23/2016 03:01:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F0A4E5C00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127


Systemfehler:
=============
Error: (03/22/2016 06:38:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Anti-Spam Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/22/2016 06:38:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Anti-Spam Service erreicht.

Error: (03/22/2016 06:38:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Proxy Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/22/2016 06:38:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Proxy Service erreicht.

Error: (03/22/2016 06:38:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Personal Firewall Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/22/2016 06:38:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Personal Firewall Service erreicht.

Error: (03/22/2016 06:38:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Home Network" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/22/2016 06:38:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Home Network erreicht.

Error: (03/22/2016 06:37:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (03/22/2016 06:37:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Proxy Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


==================== Speicherinformationen =========================== 

Prozessor: AMD Athlon(tm) II X2 240 Processor 
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 4094.55 MB
Verfügbarer physikalischer RAM: 1751.71 MB
Summe virtueller Speicher: 8187.29 MB
Verfügbarer virtueller Speicher: 5892.05 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:458.87 GB) (Free:241.73 GB) NTFS
Drive d: (DATA) (Fixed) (Total:458.87 GB) (Free:0.02 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8406D83F)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


Vielen Dank im voraus,
Marco

Alt 25.03.2016, 08:00   #2
Larusso
/// Selecta Jahrusso
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch






Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 25.03.2016, 10:37   #3
Foxbecks
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Guten Morgen Larusso,
danke für die schnelle Antwort.

TDSSKiller-Log:

Code:
ATTFilter
09:12:38.0641 0x057c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
09:12:46.0972 0x057c  ============================================================
09:12:46.0972 0x057c  Current date / time: 2016/03/25 09:12:46.0972
09:12:46.0972 0x057c  SystemInfo:
09:12:46.0972 0x057c  
09:12:46.0972 0x057c  OS Version: 6.1.7601 ServicePack: 1.0
09:12:46.0972 0x057c  Product type: Workstation
09:12:46.0972 0x057c  ComputerName: PC
09:12:46.0972 0x057c  UserName: MCS
09:12:46.0972 0x057c  Windows directory: C:\Windows
09:12:46.0972 0x057c  System windows directory: C:\Windows
09:12:46.0972 0x057c  Running under WOW64
09:12:46.0972 0x057c  Processor architecture: Intel x64
09:12:46.0972 0x057c  Number of processors: 2
09:12:46.0972 0x057c  Page size: 0x1000
09:12:46.0972 0x057c  Boot type: Normal boot
09:12:46.0972 0x057c  ============================================================
09:12:50.0872 0x057c  KLMD registered as C:\Windows\system32\drivers\57481262.sys
09:12:51.0418 0x057c  System UUID: {785ABEAE-E12F-9027-ACC2-5435D4F5B128}
09:12:52.0385 0x057c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:12:52.0400 0x057c  ============================================================
09:12:52.0400 0x057c  \Device\Harddisk0\DR0:
09:12:52.0400 0x057c  MBR partitions:
09:12:52.0400 0x057c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000
09:12:52.0400 0x057c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x395BD800
09:12:52.0400 0x057c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B148000, BlocksNum 0x395BE5B0
09:12:52.0400 0x057c  ============================================================
09:12:52.0432 0x057c  C: <-> \Device\Harddisk0\DR0\Partition2
09:12:52.0478 0x057c  D: <-> \Device\Harddisk0\DR0\Partition3
09:12:52.0478 0x057c  ============================================================
09:12:52.0478 0x057c  Initialize success
09:12:52.0478 0x057c  ============================================================
09:13:25.0940 0x12a4  ============================================================
09:13:25.0940 0x12a4  Scan started
09:13:25.0940 0x12a4  Mode: Manual; SigCheck; TDLFS; 
09:13:25.0940 0x12a4  ============================================================
09:13:25.0940 0x12a4  KSN ping started
09:13:37.0484 0x12a4  KSN ping finished: true
09:13:38.0935 0x12a4  ================ Scan system memory ========================
09:13:38.0935 0x12a4  System memory - ok
09:13:38.0935 0x12a4  ================ Scan services =============================
09:13:39.0091 0x12a4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:13:39.0372 0x12a4  1394ohci - ok
09:13:39.0481 0x12a4  [ CF43E9BAEBD41844856D14DBE9C07CD7, C8DE2166B91F74B50EB20D7B588CC7CAAC29F0427D3012140BB7D56A3F4B3450 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
09:13:39.0544 0x12a4  acedrv11 - ok
09:13:39.0575 0x12a4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:13:39.0606 0x12a4  ACPI - ok
09:13:39.0668 0x12a4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:13:39.0746 0x12a4  AcpiPmi - ok
09:13:39.0840 0x12a4  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:13:39.0887 0x12a4  AdobeARMservice - ok
09:13:40.0012 0x12a4  [ 99B993BD0F4C033D832B50D5E83BEBEC, A091635B2B428A51400468353F52D3FF35095460D3FA8CB29E2C4A804D87B845 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:13:40.0043 0x12a4  AdobeFlashPlayerUpdateSvc - ok
09:13:40.0090 0x12a4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
09:13:40.0152 0x12a4  adp94xx - ok
09:13:40.0199 0x12a4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
09:13:40.0246 0x12a4  adpahci - ok
09:13:40.0246 0x12a4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
09:13:40.0261 0x12a4  adpu320 - ok
09:13:40.0292 0x12a4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:13:40.0339 0x12a4  AeLookupSvc - ok
09:13:40.0370 0x12a4  [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD             C:\Windows\system32\drivers\afd.sys
09:13:40.0433 0x12a4  AFD - ok
09:13:40.0495 0x12a4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:13:40.0526 0x12a4  agp440 - ok
09:13:40.0589 0x12a4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
09:13:40.0823 0x12a4  ALG - ok
09:13:40.0870 0x12a4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:13:40.0885 0x12a4  aliide - ok
09:13:40.0901 0x12a4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:13:40.0901 0x12a4  amdide - ok
09:13:40.0916 0x12a4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
09:13:40.0979 0x12a4  AmdK8 - ok
09:13:41.0010 0x12a4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
09:13:41.0026 0x12a4  AmdPPM - ok
09:13:41.0057 0x12a4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:13:41.0104 0x12a4  amdsata - ok
09:13:41.0119 0x12a4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
09:13:41.0135 0x12a4  amdsbs - ok
09:13:41.0150 0x12a4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:13:41.0166 0x12a4  amdxata - ok
09:13:41.0197 0x12a4  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
09:13:41.0291 0x12a4  AppID - ok
09:13:41.0322 0x12a4  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:13:41.0384 0x12a4  AppIDSvc - ok
09:13:41.0431 0x12a4  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
09:13:41.0525 0x12a4  Appinfo - ok
09:13:41.0556 0x12a4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
09:13:41.0572 0x12a4  arc - ok
09:13:41.0618 0x12a4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
09:13:41.0650 0x12a4  arcsas - ok
09:13:41.0696 0x12a4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:13:41.0774 0x12a4  AsyncMac - ok
09:13:41.0821 0x12a4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:13:41.0852 0x12a4  atapi - ok
09:13:41.0946 0x12a4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:13:42.0008 0x12a4  AudioEndpointBuilder - ok
09:13:42.0055 0x12a4  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:13:42.0133 0x12a4  AudioSrv - ok
09:13:42.0196 0x12a4  [ 43744F1D3CDE20F3925F10927C9036C2, 47374A71D1A38572B8C247E924C0F3F063A6281743C9B7D818D63CA576B5D289 ] AVMCOWAN        C:\Windows\system32\DRIVERS\AVMCOWAN.sys
09:13:42.0258 0x12a4  AVMCOWAN - ok
09:13:42.0305 0x15e4  Object required for P2P: [ 99B993BD0F4C033D832B50D5E83BEBEC ] AdobeFlashPlayerUpdateSvc
09:13:42.0320 0x12a4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:13:42.0383 0x12a4  AxInstSV - ok
09:13:42.0414 0x12a4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
09:13:42.0461 0x12a4  b06bdrv - ok
09:13:42.0492 0x12a4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:13:42.0554 0x12a4  b57nd60a - ok
09:13:42.0570 0x15e4  Object send P2P result: true
09:13:42.0601 0x12a4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:13:42.0617 0x12a4  BDESVC - ok
09:13:42.0679 0x12a4  [ CB7CE2E47139B620D2B87078165F1AD0, 2859F85C463FD34D659EAFDDFE4DE472D04D3D2D639BE4876E19F5DC775D0BA1 ] becldr3Service  C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe
09:13:42.0773 0x12a4  becldr3Service - detected UnsignedFile.Multi.Generic ( 1 )
09:13:43.0054 0x12a4  Detect skipped due to KSN trusted
09:13:43.0054 0x12a4  becldr3Service - ok
09:13:43.0147 0x12a4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:13:43.0225 0x12a4  Beep - ok
09:13:43.0334 0x12a4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
09:13:43.0412 0x12a4  BFE - ok
09:13:43.0459 0x12a4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
09:13:43.0537 0x12a4  BITS - ok
09:13:43.0709 0x12a4  [ 6E984D17526995C8FA9B65FFCE324A63, AFAB5004C333F90AC13769701D253F65EAE23D5B277DAD9C6EA8AF658374B48D ] BlackBerry Device Manager C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
09:13:43.0771 0x12a4  BlackBerry Device Manager - detected UnsignedFile.Multi.Generic ( 1 )
09:13:44.0052 0x12a4  Detect skipped due to KSN trusted
09:13:44.0052 0x12a4  BlackBerry Device Manager - ok
09:13:44.0099 0x12a4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:13:44.0146 0x12a4  blbdrive - ok
09:13:44.0161 0x12a4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:13:44.0192 0x12a4  bowser - ok
09:13:44.0224 0x12a4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:13:44.0255 0x12a4  BrFiltLo - ok
09:13:44.0286 0x12a4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:13:44.0302 0x12a4  BrFiltUp - ok
09:13:44.0333 0x12a4  [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser         C:\Windows\System32\browser.dll
09:13:44.0395 0x12a4  Browser - ok
09:13:44.0426 0x12a4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:13:44.0458 0x12a4  Brserid - ok
09:13:44.0473 0x12a4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:13:44.0489 0x12a4  BrSerWdm - ok
09:13:44.0520 0x12a4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:13:44.0551 0x12a4  BrUsbMdm - ok
09:13:44.0598 0x12a4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:13:44.0629 0x12a4  BrUsbSer - ok
09:13:44.0645 0x12a4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
09:13:44.0692 0x12a4  BTHMODEM - ok
09:13:44.0754 0x12a4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
09:13:44.0801 0x12a4  bthserv - ok
09:13:44.0988 0x12a4  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
09:13:45.0128 0x12a4  c2cautoupdatesvc - ok
09:13:45.0284 0x12a4  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
09:13:45.0425 0x12a4  c2cpnrsvc - ok
09:13:45.0440 0x12a4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:13:45.0487 0x12a4  cdfs - ok
09:13:45.0534 0x12a4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:13:45.0550 0x12a4  cdrom - ok
09:13:45.0690 0x12a4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:13:45.0784 0x12a4  CertPropSvc - ok
09:13:45.0830 0x12a4  [ 27468DB367ABCFE855796775DB949AC1, F2DFC8CFBFCDC94798A5ADAAC96001927F9CE316751D42651C3AF1E52F1DC7EF ] cfwids          C:\Windows\system32\drivers\cfwids.sys
09:13:45.0862 0x12a4  cfwids - ok
09:13:45.0893 0x12a4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
09:13:45.0940 0x12a4  circlass - ok
09:13:45.0986 0x12a4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
09:13:46.0002 0x12a4  CLFS - ok
09:13:46.0080 0x12a4  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:13:46.0127 0x12a4  clr_optimization_v2.0.50727_32 - ok
09:13:46.0142 0x12a4  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:13:46.0158 0x12a4  clr_optimization_v2.0.50727_64 - ok
09:13:46.0252 0x12a4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:13:46.0298 0x12a4  clr_optimization_v4.0.30319_32 - ok
09:13:46.0361 0x12a4  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:13:46.0392 0x12a4  clr_optimization_v4.0.30319_64 - ok
09:13:46.0408 0x12a4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:13:46.0439 0x12a4  CmBatt - ok
09:13:46.0470 0x12a4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:13:46.0486 0x12a4  cmdide - ok
09:13:46.0548 0x12a4  [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG             C:\Windows\system32\Drivers\cng.sys
09:13:46.0626 0x12a4  CNG - ok
09:13:46.0673 0x12a4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:13:46.0704 0x12a4  Compbatt - ok
09:13:46.0735 0x12a4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:13:46.0782 0x12a4  CompositeBus - ok
09:13:46.0813 0x12a4  COMSysApp - ok
09:13:46.0844 0x12a4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
09:13:46.0876 0x12a4  crcdisk - ok
09:13:46.0907 0x12a4  [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37D5958F28CB376E ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:13:46.0954 0x12a4  CryptSvc - ok
09:13:47.0047 0x12a4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:13:47.0156 0x12a4  DcomLaunch - ok
09:13:47.0219 0x12a4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:13:47.0312 0x12a4  defragsvc - ok
09:13:47.0344 0x12a4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:13:47.0453 0x12a4  DfsC - ok
09:13:47.0500 0x12a4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:13:47.0593 0x12a4  Dhcp - ok
09:13:47.0624 0x12a4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:13:47.0718 0x12a4  discache - ok
09:13:47.0796 0x12a4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:13:47.0827 0x12a4  Disk - ok
09:13:47.0858 0x12a4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:13:47.0905 0x12a4  Dnscache - ok
09:13:47.0952 0x12a4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:13:48.0014 0x12a4  dot3svc - ok
09:13:48.0046 0x12a4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:13:48.0092 0x12a4  DPS - ok
09:13:48.0124 0x12a4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:13:48.0139 0x12a4  drmkaud - ok
09:13:48.0202 0x12a4  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:13:48.0248 0x12a4  DXGKrnl - ok
09:13:48.0280 0x12a4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:13:48.0326 0x12a4  EapHost - ok
09:13:48.0482 0x12a4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
09:13:48.0732 0x12a4  ebdrv - ok
09:13:48.0794 0x12a4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS             C:\Windows\System32\lsass.exe
09:13:48.0841 0x12a4  EFS - ok
09:13:48.0935 0x12a4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:13:49.0044 0x12a4  ehRecvr - ok
09:13:49.0091 0x12a4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
09:13:49.0138 0x12a4  ehSched - ok
09:13:49.0169 0x12a4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
09:13:49.0200 0x12a4  elxstor - ok
09:13:49.0231 0x12a4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:13:49.0278 0x12a4  ErrDev - ok
09:13:49.0325 0x12a4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:13:49.0418 0x12a4  EventSystem - ok
09:13:49.0450 0x12a4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:13:49.0528 0x12a4  exfat - ok
09:13:49.0543 0x12a4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:13:49.0606 0x12a4  fastfat - ok
09:13:49.0652 0x12a4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
09:13:49.0730 0x12a4  Fax - ok
09:13:49.0746 0x12a4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:13:49.0762 0x12a4  fdc - ok
09:13:49.0777 0x12a4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:13:49.0840 0x12a4  fdPHost - ok
09:13:49.0871 0x12a4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:13:49.0918 0x12a4  FDResPub - ok
09:13:49.0949 0x12a4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:13:49.0980 0x12a4  FileInfo - ok
09:13:49.0996 0x12a4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:13:50.0042 0x12a4  Filetrace - ok
09:13:50.0042 0x12a4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:13:50.0058 0x12a4  flpydisk - ok
09:13:50.0089 0x12a4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:13:50.0105 0x12a4  FltMgr - ok
09:13:50.0152 0x12a4  [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache       C:\Windows\system32\FntCache.dll
09:13:50.0214 0x12a4  FontCache - ok
09:13:50.0276 0x12a4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:13:50.0308 0x12a4  FontCache3.0.0.0 - ok
09:13:50.0432 0x12a4  [ A9FF65EA14E4CABFCC1BB8ECE111A249, D5FCAE29E75AE2DF1BC748FEAEE732A3163DF22DBD2766732E86D330A107E861 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
09:13:50.0542 0x12a4  ForceWare Intelligent Application Manager (IAM) - ok
09:13:50.0838 0x12a4  [ CBCB6192173880B191E1BD9C9D1FA1DE, 1520657DD626975BFFDF8153C723F0EB7231EA11F2DBAA709B775A175F2C2832 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
09:13:50.0854 0x12a4  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
09:13:51.0275 0x12a4  Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
09:13:51.0446 0x12a4  [ 65C2D3C4BAE4C0EF1CD92BBC8BB57F2B, F5A95289AA93B3FCB5FA75F488330CA7DE07F4E99876F94321C7D8E02B87336C ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
09:13:51.0462 0x12a4  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
09:13:51.0743 0x12a4  Detect skipped due to KSN trusted
09:13:51.0743 0x12a4  FreemakeVideoCapture - ok
09:13:51.0868 0x12a4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:13:51.0899 0x12a4  FsDepends - ok
09:13:51.0930 0x12a4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:13:51.0946 0x12a4  Fs_Rec - ok
09:13:52.0008 0x12a4  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:13:52.0039 0x12a4  fvevol - ok
09:13:52.0117 0x12a4  [ 39B6FD2F3185EC07B827CDC9D97BF397, B3D5A6DB4B8C1F70CB28CD48232C1E3EA54449F5CC602A0DCDA356A9630D6266 ] FXUSBASE        C:\Windows\system32\DRIVERS\fxusbase.sys
09:13:52.0273 0x12a4  FXUSBASE - ok
09:13:52.0304 0x12a4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
09:13:52.0336 0x12a4  gagp30kx - ok
09:13:52.0382 0x12a4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:13:52.0492 0x12a4  gpsvc - ok
09:13:52.0616 0x12a4  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
09:13:52.0648 0x12a4  Greg_Service - ok
09:13:52.0788 0x12a4  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:13:52.0804 0x12a4  gupdate - ok
09:13:52.0866 0x12a4  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:13:52.0882 0x12a4  gupdatem - ok
09:13:52.0897 0x12a4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:13:52.0928 0x12a4  hcw85cir - ok
09:13:52.0991 0x12a4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:13:53.0053 0x12a4  HdAudAddService - ok
09:13:53.0147 0x12a4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:13:53.0225 0x12a4  HDAudBus - ok
09:13:53.0240 0x12a4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
09:13:53.0287 0x12a4  HidBatt - ok
09:13:53.0303 0x12a4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:13:53.0318 0x12a4  HidBth - ok
09:13:53.0334 0x12a4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
09:13:53.0381 0x12a4  HidIr - ok
09:13:53.0412 0x12a4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
09:13:53.0506 0x12a4  hidserv - ok
09:13:53.0537 0x12a4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:13:53.0552 0x12a4  HidUsb - ok
09:13:53.0630 0x12a4  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
09:13:53.0677 0x12a4  HipShieldK - ok
09:13:53.0724 0x12a4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:13:53.0802 0x12a4  hkmsvc - ok
09:13:53.0849 0x12a4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:13:53.0896 0x12a4  HomeGroupListener - ok
09:13:53.0942 0x12a4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:13:53.0989 0x12a4  HomeGroupProvider - ok
09:13:54.0114 0x12a4  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:13:54.0161 0x12a4  HomeNetSvc - ok
09:13:54.0223 0x12a4  [ 8D7F72F3B1CDCFDD038E0C069DBBDD89, 20E01FD81FB3B5E9EF0885F28F3D5C59D31AF01D403E99A880723CFF06B865CF ] hotcore3        C:\Windows\system32\DRIVERS\hotcore3.sys
09:13:54.0254 0x12a4  hotcore3 - ok
09:13:54.0317 0x12a4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:13:54.0348 0x12a4  HpSAMD - ok
09:13:54.0566 0x12a4  [ 8D18D6FCCBEA517524581A6F9E5AD675, C992FECF9FFB5AC7F2273781C33290E6F21AFA7F94055363E56EE883B3605AA4 ] hshld           C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
09:13:54.0660 0x12a4  hshld - ok
09:13:54.0722 0x12a4  [ 0063ACEBB5BBE8C563A6ADB09155E644, BC7C9AFB83F5345065BB070A5D992DCE13CB35027D8FE402B338D775C896317B ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
09:13:54.0769 0x12a4  HssDRV6 - ok
09:13:54.0832 0x12a4  [ B64DC8EEB3D73D5FAF0857E4A25416EB, DD7F222C1663636E824A5497CD54B7109226E2A00A54660B7D1807B1EB1BA468 ] HssTrayService  C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
09:13:54.0863 0x12a4  HssTrayService - ok
09:13:54.0956 0x12a4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:13:55.0050 0x12a4  HTTP - ok
09:13:55.0081 0x12a4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:13:55.0097 0x12a4  hwpolicy - ok
09:13:55.0128 0x12a4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:13:55.0144 0x12a4  i8042prt - ok
09:13:55.0175 0x12a4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:13:55.0206 0x12a4  iaStorV - ok
09:13:55.0300 0x12a4  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:13:55.0378 0x12a4  idsvc - ok
09:13:55.0409 0x12a4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:13:55.0409 0x12a4  iirsp - ok
09:13:55.0518 0x12a4  [ EDCCC8C13B1EB882F77BA0ABB84566E7, DB299C1D2CFC197CF2FE69358F5EEDE94DCC4C919AF5D2CDFFF0DE476612C988 ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
09:13:55.0534 0x12a4  IJPLMSVC - ok
09:13:55.0705 0x12a4  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:13:55.0783 0x12a4  IKEEXT - ok
09:13:55.0986 0x12a4  [ BC64B75E8E0A0B8982AB773483164E72, BF7CB0DEAAF78E20EA56B50FC177E99538FC4F29DA018D98E4286D122789435D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:13:56.0126 0x12a4  IntcAzAudAddService - ok
09:13:56.0158 0x12a4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:13:56.0158 0x12a4  intelide - ok
09:13:56.0189 0x12a4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:13:56.0204 0x12a4  intelppm - ok
09:13:56.0236 0x12a4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:13:56.0298 0x12a4  IPBusEnum - ok
09:13:56.0329 0x12a4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:13:56.0376 0x12a4  IpFilterDriver - ok
09:13:56.0438 0x12a4  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:13:56.0548 0x12a4  iphlpsvc - ok
09:13:56.0594 0x12a4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:13:56.0641 0x12a4  IPMIDRV - ok
09:13:56.0672 0x12a4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:13:56.0750 0x12a4  IPNAT - ok
09:13:56.0782 0x12a4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:13:56.0813 0x12a4  IRENUM - ok
09:13:56.0828 0x12a4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:13:56.0844 0x12a4  isapnp - ok
09:13:56.0875 0x12a4  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:13:56.0922 0x12a4  iScsiPrt - ok
09:13:56.0953 0x12a4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
09:13:56.0953 0x12a4  kbdclass - ok
09:13:57.0000 0x12a4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
09:13:57.0047 0x12a4  kbdhid - ok
09:13:57.0062 0x12a4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso          C:\Windows\system32\lsass.exe
09:13:57.0078 0x12a4  KeyIso - ok
09:13:57.0094 0x12a4  [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:13:57.0109 0x12a4  KSecDD - ok
09:13:57.0140 0x12a4  [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:13:57.0156 0x12a4  KSecPkg - ok
09:13:57.0172 0x12a4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:13:57.0218 0x12a4  ksthunk - ok
09:13:57.0250 0x12a4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:13:57.0296 0x12a4  KtmRm - ok
09:13:57.0359 0x12a4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:13:57.0437 0x12a4  LanmanServer - ok
09:13:57.0468 0x12a4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:13:57.0562 0x12a4  LanmanWorkstation - ok
09:13:57.0608 0x12a4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:13:57.0655 0x12a4  lltdio - ok
09:13:57.0733 0x12a4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:13:57.0811 0x12a4  lltdsvc - ok
09:13:57.0827 0x12a4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:13:57.0858 0x12a4  lmhosts - ok
09:13:57.0889 0x12a4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:13:57.0905 0x12a4  LSI_FC - ok
09:13:57.0920 0x12a4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:13:57.0920 0x12a4  LSI_SAS - ok
09:13:57.0936 0x12a4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:13:57.0952 0x12a4  LSI_SAS2 - ok
09:13:57.0952 0x12a4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:13:57.0967 0x12a4  LSI_SCSI - ok
09:13:57.0983 0x12a4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:13:58.0045 0x12a4  luafv - ok
09:13:58.0108 0x12a4  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
09:13:58.0139 0x12a4  MBAMProtector - ok
09:13:58.0279 0x12a4  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
09:13:58.0373 0x12a4  MBAMScheduler - ok
09:13:58.0451 0x12a4  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
09:13:58.0544 0x12a4  MBAMService - ok
09:13:58.0607 0x12a4  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
09:13:58.0622 0x12a4  MBAMSwissArmy - ok
09:13:58.0669 0x12a4  [ 452ACB7A9914398D9E18CCCFFCF92208, 754AF45C19731C356E7E84497B04E0333759AC86DC553BA275EFC09845E43E4D ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:13:58.0685 0x12a4  MBAMWebAccessControl - ok
09:13:58.0763 0x12a4  [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
09:13:58.0794 0x12a4  McAfee SiteAdvisor Service - ok
09:13:58.0872 0x12a4  [ 96E7AA538AB0EDECCAB3862BA4B66232, 8AF460093B4DC1FD81C4508A57B6A80A7FB2E1818A3405506B8DB5B521615FB6 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
09:13:58.0903 0x12a4  McAPExe - ok
09:13:58.0997 0x12a4  [ 9F09E022819AE3D5E06E3864B0C36821, DDE841E662FC2954FBBF1E3189E25D4C8F41001B3D9A6FBE35BC1999C629B7D2 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe
09:13:59.0059 0x12a4  McComponentHostService - ok
09:13:59.0137 0x12a4  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:13:59.0153 0x12a4  McMPFSvc - ok
09:13:59.0184 0x12a4  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:13:59.0200 0x12a4  McNaiAnn - ok
09:13:59.0309 0x12a4  [ C214CC5B78616B44918CE62C8A2AA773, 563D732C54221FCDD5625BFCEAEFBE10937C6C62823B4A6CECA5F7ED6C81D890 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
09:13:59.0340 0x12a4  McODS - ok
09:13:59.0356 0x12a4  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:13:59.0371 0x12a4  mcpltsvc - ok
09:13:59.0387 0x12a4  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:13:59.0402 0x12a4  McProxy - ok
09:13:59.0449 0x12a4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:13:59.0496 0x12a4  Mcx2Svc - ok
09:13:59.0527 0x12a4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:13:59.0543 0x12a4  megasas - ok
09:13:59.0574 0x12a4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:13:59.0590 0x12a4  MegaSR - ok
09:13:59.0636 0x12a4  [ D0574EF9490EBD32DFA14D3C16195DE2, 7F5623562E74BD09717103247CE9155F07092BC633B5647ED3C99A95283413B4 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
09:13:59.0652 0x12a4  mfeapfk - ok
09:13:59.0699 0x12a4  [ 7B6A4509A2444F5F0689B2579E245177, 95A3A3560E253B7459F1B7C9E4E21008C725BA1A2C5F4E5FBAD1AB383058E2F6 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
09:13:59.0714 0x12a4  mfeavfk - ok
09:13:59.0839 0x12a4  [ C83EBEE66A2754CEE5B05699A42F728B, 1D739A505AEC1F40CC8CB86D01BDCEC0E29002A609FDA96CEF3531285E8261B9 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
09:13:59.0902 0x12a4  mfecore - ok
09:13:59.0980 0x12a4  [ E7C6587AC8FB0BABEF6AB1733AFA8FEC, 1624B8D9C9431A2030B8C8CFAA90F56A9EE4039D2426A521C4102A68D2F8E3CD ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
09:14:00.0011 0x12a4  mfefire - ok
09:14:00.0042 0x12a4  [ 92AD9892D534CA58E020375C94E0307E, 3062625853C759852C5172040C69840315676A01A62EECFC53F55E6379DB190C ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
09:14:00.0073 0x12a4  mfefirek - ok
09:14:00.0167 0x12a4  [ B6622A5B197D021647AE20E0D4C229B9, 15D64928FDB207C183A69E7CFB90BFFBF25F1AB14059EDEFDF021F323025F4E8 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
09:14:00.0245 0x12a4  mfehidk - ok
09:14:00.0292 0x12a4  [ 93712907DEE6FFBD8A4016ECBB250DCD, FB3673BA495EF1301C4BA75B457493D9B1D5AE52642A04473575CABC1EC6EDFD ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
09:14:00.0323 0x12a4  mfencbdc - ok
09:14:00.0354 0x12a4  [ E97EE1F31F7E5349A06CE089658DA8A1, 8136155C734457E422331B3CBE67927C45FAB10B9B34789A612B58CF0E0E3BEC ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
09:14:00.0370 0x12a4  mfencrk - ok
09:14:00.0401 0x12a4  [ 624D717B11E5004F68442B5740F17F21, 0E31DEB933D0D8E9CC1416B506C0F202429334883F51E6EF31EED1787B99B2C1 ] mferkdk         C:\Windows\system32\drivers\mferkdk.sys
09:14:00.0416 0x12a4  mferkdk - ok
09:14:00.0448 0x12a4  [ 0CD9DE7B96735F33F078C4EA044E8B34, 3E268825CB4DDBF1DF4E1CC97EECCD27646055CF2D7AF5FBE4783C5F0275076B ] mfesmfk         C:\Windows\system32\drivers\mfesmfk.sys
09:14:00.0463 0x12a4  mfesmfk - ok
09:14:00.0494 0x12a4  [ 64BAFB4E5377056CDD71531097D69F6E, 28B434C1DB9AD930C5A32584C51FE1B3A4526952EBC953DAE775701E270C76C5 ] mfevtp          C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
09:14:00.0510 0x12a4  mfevtp - ok
09:14:00.0588 0x12a4  [ A58F979117A424CDB33C21396887800F, E857E74BB08E49AEDC7EE21C9FDA36053113E04F8D29B9DBC3A2A3F0667915C6 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
09:14:00.0666 0x12a4  mfewfpk - ok
09:14:00.0728 0x12a4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:14:00.0838 0x12a4  MMCSS - ok
09:14:00.0853 0x12a4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:14:00.0931 0x12a4  Modem - ok
09:14:00.0994 0x12a4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:14:01.0025 0x12a4  monitor - ok
09:14:01.0056 0x12a4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:14:01.0072 0x12a4  mouclass - ok
09:14:01.0103 0x12a4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:14:01.0134 0x12a4  mouhid - ok
09:14:01.0150 0x12a4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:14:01.0181 0x12a4  mountmgr - ok
09:14:01.0274 0x12a4  [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:14:01.0321 0x12a4  MozillaMaintenance - ok
09:14:01.0368 0x12a4  [ AE2E68527013EB4F761ECCC630F7F1A3, 1BD4453FB2310306E296EB56AA31262260426EB7CB3F0793038B07DF175741AF ] MPFP            C:\Windows\system32\Drivers\Mpfp.sys
09:14:01.0399 0x12a4  MPFP - ok
09:14:01.0446 0x12a4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:14:01.0493 0x12a4  mpio - ok
09:14:01.0524 0x12a4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:14:01.0571 0x12a4  mpsdrv - ok
09:14:01.0696 0x12a4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:14:01.0836 0x12a4  MpsSvc - ok
09:14:01.0883 0x12a4  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:14:01.0930 0x12a4  MRxDAV - ok
09:14:01.0961 0x12a4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:14:02.0008 0x12a4  mrxsmb - ok
09:14:02.0054 0x12a4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:14:02.0070 0x12a4  mrxsmb10 - ok
09:14:02.0101 0x12a4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:14:02.0117 0x12a4  mrxsmb20 - ok
09:14:02.0148 0x12a4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:14:02.0164 0x12a4  msahci - ok
09:14:02.0179 0x12a4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:14:02.0195 0x12a4  msdsm - ok
09:14:02.0226 0x12a4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:14:02.0273 0x12a4  MSDTC - ok
09:14:02.0304 0x12a4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:14:02.0351 0x12a4  Msfs - ok
09:14:02.0366 0x12a4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:14:02.0413 0x12a4  mshidkmdf - ok
09:14:02.0444 0x12a4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:14:02.0460 0x12a4  msisadrv - ok
09:14:02.0491 0x12a4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:14:02.0569 0x12a4  MSiSCSI - ok
09:14:02.0569 0x12a4  msiserver - ok
09:14:02.0663 0x12a4  [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:14:02.0710 0x12a4  MSK80Service - ok
09:14:02.0725 0x12a4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:14:02.0850 0x12a4  MSKSSRV - ok
09:14:02.0850 0x12a4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:14:02.0897 0x12a4  MSPCLOCK - ok
09:14:02.0897 0x12a4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:14:02.0928 0x12a4  MSPQM - ok
09:14:02.0959 0x12a4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:14:02.0990 0x12a4  MsRPC - ok
09:14:03.0006 0x12a4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:14:03.0022 0x12a4  mssmbios - ok
09:14:03.0037 0x12a4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:14:03.0084 0x12a4  MSTEE - ok
09:14:03.0100 0x12a4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:14:03.0131 0x12a4  MTConfig - ok
09:14:03.0146 0x12a4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:14:03.0162 0x12a4  Mup - ok
09:14:03.0178 0x12a4  [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
09:14:03.0193 0x12a4  mwlPSDFilter - ok
09:14:03.0224 0x12a4  [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
09:14:03.0224 0x12a4  mwlPSDNServ - ok
09:14:03.0240 0x12a4  [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
09:14:03.0256 0x12a4  mwlPSDVDisk - ok
09:14:03.0302 0x12a4  [ 2F139207F618EC2933830227EEFFDDB4, 2942452EC631BF11CCCDA397C756CBBC0337F58B215A3F02DA263818CB3BE9A9 ] MWLService      C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
09:14:03.0318 0x12a4  MWLService - ok
09:14:03.0396 0x12a4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:14:03.0490 0x12a4  napagent - ok
09:14:03.0521 0x12a4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:14:03.0568 0x12a4  NativeWifiP - ok
09:14:03.0646 0x12a4  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:14:03.0817 0x12a4  NDIS - ok
09:14:03.0864 0x12a4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:14:03.0926 0x12a4  NdisCap - ok
09:14:03.0942 0x12a4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:14:04.0020 0x12a4  NdisTapi - ok
09:14:04.0036 0x12a4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:14:04.0114 0x12a4  Ndisuio - ok
09:14:04.0160 0x12a4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:14:04.0207 0x12a4  NdisWan - ok
09:14:04.0238 0x12a4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:14:04.0316 0x12a4  NDProxy - ok
09:14:04.0426 0x12a4  [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
09:14:04.0472 0x12a4  Nero BackItUp Scheduler 4.0 - ok
09:14:04.0504 0x12a4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:14:04.0535 0x12a4  NetBIOS - ok
09:14:04.0582 0x12a4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:14:04.0628 0x12a4  NetBT - ok
09:14:04.0644 0x12a4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon        C:\Windows\system32\lsass.exe
09:14:04.0675 0x12a4  Netlogon - ok
09:14:04.0722 0x12a4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:14:04.0769 0x12a4  Netman - ok
09:14:04.0831 0x12a4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:14:04.0940 0x12a4  netprofm - ok
09:14:04.0972 0x12a4  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:14:04.0987 0x12a4  NetTcpPortSharing - ok
09:14:05.0034 0x12a4  [ 450D0D2062C54DDA23583A78C0EB63D9, CEFB192B635222A2C5ADE8C0778E8228B3200DA94ECF870B9AC330557298E709 ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
09:14:05.0050 0x12a4  Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 )
09:14:05.0330 0x12a4  Detect skipped due to KSN trusted
09:14:05.0330 0x12a4  Netzmanager Service - ok
09:14:05.0377 0x12a4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:14:05.0424 0x12a4  nfrd960 - ok
09:14:05.0440 0x12a4  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:14:05.0486 0x12a4  NlaSvc - ok
09:14:05.0518 0x12a4  nlsX86cc - ok
09:14:05.0549 0x12a4  [ 216BDF8B1017BB52692C9EE3C1E50597, 7D84CA4A176469B1C3423DE9E930F5CEED68F41F2BC727252B0A23B6CBC4C8EA ] nmwcdcx64       C:\Windows\system32\drivers\ccdcmbox64.sys
09:14:05.0596 0x12a4  nmwcdcx64 - ok
09:14:05.0689 0x12a4  [ AD8C3895155EE8D057F073856B2D5851, F074A9938309F5684C60BE634B3B6F615FE44FD981978D2059307E0EEBEC3D3F ] nmwcdx64        C:\Windows\system32\drivers\nmwcdx64.sys
09:14:05.0798 0x12a4  nmwcdx64 - ok
09:14:05.0923 0x12a4  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\Windows\system32\drivers\npf.sys
09:14:05.0939 0x12a4  npf - ok
09:14:05.0986 0x12a4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:14:06.0017 0x12a4  Npfs - ok
09:14:06.0032 0x12a4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:14:06.0079 0x12a4  nsi - ok
09:14:06.0095 0x12a4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:14:06.0157 0x12a4  nsiproxy - ok
09:14:06.0204 0x12a4  [ C04F5DEF37E55F6A34428B050F44D3D6, 9B1BE8404831453AA89C2081DFA0EAD95696C0F63EAA2D0E8B5AED60A1B3876C ] nSvcIp          C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
09:14:06.0235 0x12a4  nSvcIp - ok
09:14:06.0298 0x12a4  [ A2F74975097F52A00745F9637451FDD8, C681DDBD3382C477C2A030E828B5CFB529CB57C7847BD9AFF25E2A5E58B2DAF3 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:14:06.0422 0x12a4  Ntfs - ok
09:14:06.0500 0x12a4  [ BD691091AC7D9713D8F0B07C6B099E6C, 4A69ED227CCBBCB76F78078CEE42506A875759FFB519CB9C40173EF8ACD6D6D2 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
09:14:06.0532 0x12a4  NTI IScheduleSvc - ok
09:14:06.0563 0x12a4  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
09:14:06.0578 0x12a4  NTIDrvr - ok
09:14:06.0594 0x12a4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:14:06.0625 0x12a4  Null - ok
09:14:06.0656 0x12a4  [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
09:14:06.0688 0x12a4  NVENETFD - ok
09:14:06.0750 0x12a4  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
09:14:06.0766 0x12a4  NVHDA - ok
09:14:07.0218 0x12a4  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:14:07.0717 0x12a4  nvlddmkm - ok
09:14:07.0826 0x12a4  [ 0AD267A4674805B61A5D7B911D2A978A, FD4A80BD4BBBC0D820E363EB1566FF878DE4097F2CCA2AC1BEDF75DE343F60E7 ] NVNET           C:\Windows\system32\DRIVERS\nvmf6264.sys
09:14:07.0873 0x12a4  NVNET - ok
09:14:08.0029 0x12a4  [ D6310F79E51D1F997E964E81DD368AEA, 27D0159F45C712C6165FDB9F40823438225555E71BB01E3B55F5B5D7BE15D389 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
09:14:08.0107 0x12a4  NvNetworkService - ok
09:14:08.0170 0x12a4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:14:08.0216 0x12a4  nvraid - ok
09:14:08.0248 0x12a4  [ AFDE3015BB8D76E26BEC3B287C5443A0, 6D4804392149EA9B8BC555D4BEBB84A39DE14E62ACCD7EEBBE21D2D8E37E32B0 ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
09:14:08.0248 0x12a4  nvsmu - ok
09:14:08.0263 0x12a4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:14:08.0294 0x12a4  nvstor - ok
09:14:08.0310 0x12a4  [ 7C7EEF51979658CE15BBC04F96A77D56, 3363DA5B1C4E22D1B3AC368CB66B22221C435B98FACFA7BAD675B7D46D35F662 ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
09:14:08.0326 0x12a4  nvstor64 - ok
09:14:08.0388 0x12a4  [ 0FB368E71D9F178BCFC7F0BBA317FECA, 97FA87219E95ED53B5E0B0D3305326DD950EE5CEECDC051E7DC7E9BA05CEB214 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
09:14:08.0404 0x12a4  NvStreamKms - ok
09:14:09.0059 0x12a4  [ AEC2796DF28AB7494A0C688E40D7B38C, B5B495259489B7A49EA4243EEF13BF598EC5791E0FD59FAB4227C906D635D09E ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
09:14:09.0667 0x12a4  NvStreamSvc - ok
09:14:09.0776 0x12a4  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
09:14:09.0854 0x12a4  nvsvc - ok
09:14:09.0870 0x12a4  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
09:14:09.0901 0x12a4  nvvad_WaveExtensible - ok
09:14:09.0948 0x12a4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:14:09.0964 0x12a4  nv_agp - ok
09:14:10.0026 0x12a4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:14:10.0057 0x12a4  odserv - ok
09:14:10.0088 0x12a4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:14:10.0120 0x12a4  ohci1394 - ok
09:14:10.0151 0x12a4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:14:10.0166 0x12a4  ose - ok
09:14:10.0182 0x12a4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:14:10.0229 0x12a4  p2pimsvc - ok
09:14:10.0276 0x12a4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:14:10.0322 0x12a4  p2psvc - ok
09:14:10.0354 0x12a4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:14:10.0385 0x12a4  Parport - ok
09:14:10.0400 0x12a4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:14:10.0416 0x12a4  partmgr - ok
09:14:10.0447 0x12a4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:14:10.0463 0x12a4  PcaSvc - ok
09:14:10.0494 0x12a4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:14:10.0510 0x12a4  pci - ok
09:14:10.0510 0x12a4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:14:10.0525 0x12a4  pciide - ok
09:14:10.0541 0x12a4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:14:10.0556 0x12a4  pcmcia - ok
09:14:10.0728 0x12a4  [ E6E503845208A148A9E3E7FAA63B97A4, A58A125ED70FCE1A9B8B89EA6FF63A600390DEBD937BE9934D8270386A5A8061 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
09:14:10.0790 0x12a4  PCToolsSSDMonitorSvc - ok
09:14:10.0790 0x12a4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:14:10.0822 0x12a4  pcw - ok
09:14:10.0900 0x12a4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:14:10.0978 0x12a4  PEAUTH - ok
09:14:11.0056 0x12a4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:14:11.0118 0x12a4  PerfHost - ok
09:14:11.0212 0x12a4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:14:11.0336 0x12a4  pla - ok
09:14:11.0383 0x12a4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:14:11.0414 0x12a4  PlugPlay - ok
09:14:11.0446 0x12a4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:14:11.0492 0x12a4  PNRPAutoReg - ok
09:14:11.0524 0x12a4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:14:11.0555 0x12a4  PNRPsvc - ok
09:14:11.0586 0x12a4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:14:11.0664 0x12a4  PolicyAgent - ok
09:14:11.0711 0x12a4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:14:11.0789 0x12a4  Power - ok
09:14:11.0804 0x12a4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:14:11.0851 0x12a4  PptpMiniport - ok
09:14:11.0867 0x12a4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:14:11.0882 0x12a4  Processor - ok
09:14:11.0929 0x12a4  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:14:11.0976 0x12a4  ProfSvc - ok
09:14:11.0992 0x12a4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
09:14:12.0007 0x12a4  ProtectedStorage - ok
09:14:12.0023 0x12a4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:14:12.0085 0x12a4  Psched - ok
09:14:12.0148 0x12a4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:14:12.0272 0x12a4  ql2300 - ok
09:14:12.0304 0x12a4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:14:12.0319 0x12a4  ql40xx - ok
09:14:12.0366 0x12a4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:14:12.0382 0x12a4  QWAVE - ok
09:14:12.0397 0x12a4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:14:12.0428 0x12a4  QWAVEdrv - ok
09:14:12.0444 0x12a4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:14:12.0506 0x12a4  RasAcd - ok
09:14:12.0538 0x12a4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:14:12.0600 0x12a4  RasAgileVpn - ok
09:14:12.0600 0x12a4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:14:12.0647 0x12a4  RasAuto - ok
09:14:12.0678 0x12a4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:14:12.0740 0x12a4  Rasl2tp - ok
09:14:12.0818 0x12a4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:14:12.0896 0x12a4  RasMan - ok
09:14:12.0928 0x12a4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:14:12.0959 0x12a4  RasPppoe - ok
09:14:12.0974 0x12a4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:14:13.0068 0x12a4  RasSstp - ok
09:14:13.0099 0x12a4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:14:13.0193 0x12a4  rdbss - ok
09:14:13.0208 0x12a4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:14:13.0224 0x12a4  rdpbus - ok
09:14:13.0255 0x12a4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:14:13.0302 0x12a4  RDPCDD - ok
09:14:13.0318 0x12a4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:14:13.0349 0x12a4  RDPENCDD - ok
09:14:13.0364 0x12a4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:14:13.0396 0x12a4  RDPREFMP - ok
09:14:13.0427 0x12a4  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:14:13.0458 0x12a4  RDPWD - ok
09:14:13.0489 0x12a4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:14:13.0505 0x12a4  rdyboost - ok
09:14:13.0552 0x12a4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:14:13.0614 0x12a4  RemoteAccess - ok
09:14:13.0676 0x12a4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:14:13.0770 0x12a4  RemoteRegistry - ok
09:14:13.0832 0x12a4  [ 010C9C26AF2464023D1F084975E69F80, 52404C1FA02CDBD5787C80F417E770D4C467FA70F58382FCFD17ABD4BDC076DC ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
09:14:13.0864 0x12a4  RimUsb - ok
09:14:13.0910 0x12a4  [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
09:14:13.0973 0x12a4  RimVSerPort - ok
09:14:14.0004 0x12a4  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
09:14:14.0051 0x12a4  ROOTMODEM - ok
09:14:14.0066 0x12a4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:14:14.0129 0x12a4  RpcEptMapper - ok
09:14:14.0160 0x12a4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:14:14.0176 0x12a4  RpcLocator - ok
09:14:14.0238 0x12a4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
09:14:14.0300 0x12a4  RpcSs - ok
09:14:14.0332 0x12a4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:14:14.0378 0x12a4  rspndr - ok
09:14:14.0378 0x12a4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs           C:\Windows\system32\lsass.exe
09:14:14.0394 0x12a4  SamSs - ok
09:14:14.0425 0x12a4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:14:14.0441 0x12a4  sbp2port - ok
09:14:14.0472 0x12a4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:14:14.0534 0x12a4  SCardSvr - ok
09:14:14.0566 0x12a4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:14:14.0612 0x12a4  scfilter - ok
09:14:14.0706 0x12a4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
09:14:14.0862 0x12a4  Schedule - ok
09:14:14.0909 0x12a4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:14:14.0971 0x12a4  SCPolicySvc - ok
09:14:15.0002 0x12a4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:14:15.0049 0x12a4  SDRSVC - ok
09:14:15.0112 0x12a4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:14:15.0174 0x12a4  secdrv - ok
09:14:15.0205 0x12a4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
09:14:15.0268 0x12a4  seclogon - ok
09:14:15.0299 0x12a4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
09:14:15.0346 0x12a4  SENS - ok
09:14:15.0377 0x12a4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:14:15.0424 0x12a4  SensrSvc - ok
09:14:15.0455 0x12a4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
09:14:15.0486 0x12a4  Serenum - ok
09:14:15.0517 0x12a4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
09:14:15.0533 0x12a4  Serial - ok
09:14:15.0580 0x12a4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
09:14:15.0626 0x12a4  sermouse - ok
09:14:15.0704 0x12a4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:14:15.0767 0x12a4  SessionEnv - ok
09:14:15.0814 0x12a4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:14:15.0892 0x12a4  sffdisk - ok
09:14:15.0923 0x12a4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:14:15.0938 0x12a4  sffp_mmc - ok
09:14:15.0938 0x12a4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:14:15.0970 0x12a4  sffp_sd - ok
09:14:15.0985 0x12a4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:14:16.0001 0x12a4  sfloppy - ok
09:14:16.0032 0x12a4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:14:16.0094 0x12a4  SharedAccess - ok
09:14:16.0126 0x12a4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:14:16.0188 0x12a4  ShellHWDetection - ok
09:14:16.0219 0x12a4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:14:16.0235 0x12a4  SiSRaid2 - ok
09:14:16.0235 0x12a4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
09:14:16.0250 0x12a4  SiSRaid4 - ok
09:14:16.0360 0x12a4  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:14:16.0391 0x12a4  SkypeUpdate - ok
09:14:16.0406 0x12a4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:14:16.0453 0x12a4  Smb - ok
09:14:16.0516 0x12a4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:14:16.0594 0x12a4  SNMPTRAP - ok
09:14:16.0672 0x12a4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:14:16.0718 0x12a4  spldr - ok
09:14:16.0781 0x12a4  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
09:14:16.0859 0x12a4  Spooler - ok
09:14:17.0015 0x12a4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:14:17.0171 0x12a4  sppsvc - ok
09:14:17.0202 0x12a4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:14:17.0264 0x12a4  sppuinotify - ok
09:14:17.0311 0x12a4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:14:17.0358 0x12a4  srv - ok
09:14:17.0374 0x12a4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:14:17.0420 0x12a4  srv2 - ok
09:14:17.0452 0x12a4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:14:17.0483 0x12a4  srvnet - ok
09:14:17.0514 0x12a4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:14:17.0561 0x12a4  SSDPSRV - ok
09:14:17.0592 0x12a4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:14:17.0623 0x12a4  SstpSvc - ok
09:14:17.0732 0x12a4  [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:14:17.0826 0x12a4  Stereo Service - ok
09:14:17.0857 0x12a4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
09:14:17.0873 0x12a4  stexstor - ok
09:14:17.0935 0x12a4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:14:17.0982 0x12a4  stisvc - ok
09:14:18.0013 0x12a4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:14:18.0029 0x12a4  swenum - ok
09:14:18.0060 0x12a4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:14:18.0138 0x12a4  swprv - ok
09:14:18.0216 0x12a4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
09:14:18.0325 0x12a4  SysMain - ok
09:14:18.0372 0x12a4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:14:18.0434 0x12a4  TabletInputService - ok
09:14:18.0481 0x12a4  [ DE7179BCF4F557C5CB9C07F90CB3337C, 8ED327C2BFE99AAD2803E1D3A77751890F8D71D830EB5CBBC6A69554C6F2FBAB ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
09:14:18.0497 0x12a4  taphss6 - ok
09:14:18.0528 0x12a4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:14:18.0590 0x12a4  TapiSrv - ok
09:14:18.0622 0x12a4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
09:14:18.0684 0x12a4  TBS - ok
09:14:18.0856 0x12a4  [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:14:18.0996 0x12a4  Tcpip - ok
09:14:19.0074 0x12a4  [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:14:19.0183 0x12a4  TCPIP6 - ok
09:14:19.0308 0x12a4  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:14:19.0417 0x12a4  tcpipreg - ok
09:14:19.0448 0x12a4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:14:19.0464 0x12a4  TDPIPE - ok
09:14:19.0495 0x12a4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:14:19.0542 0x12a4  TDTCP - ok
09:14:19.0589 0x12a4  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:14:19.0651 0x12a4  tdx - ok
09:14:19.0698 0x12a4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:14:19.0714 0x12a4  TermDD - ok
09:14:19.0760 0x12a4  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
09:14:19.0838 0x12a4  TermService - ok
09:14:19.0870 0x12a4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:14:19.0932 0x12a4  Themes - ok
09:14:19.0979 0x12a4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:14:20.0057 0x12a4  THREADORDER - ok
09:14:20.0072 0x12a4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:14:20.0150 0x12a4  TrkWks - ok
09:14:20.0228 0x12a4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:14:20.0338 0x12a4  TrustedInstaller - ok
09:14:20.0384 0x12a4  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:14:20.0447 0x12a4  tssecsrv - ok
09:14:20.0478 0x12a4  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:14:20.0525 0x12a4  TsUsbFlt - ok
09:14:20.0572 0x12a4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:14:20.0618 0x12a4  tunnel - ok
09:14:20.0696 0x12a4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:14:20.0728 0x12a4  uagp35 - ok
09:14:20.0790 0x12a4  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
09:14:20.0806 0x12a4  UBHelper - ok
09:14:20.0899 0x12a4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:14:20.0962 0x12a4  udfs - ok
09:14:20.0977 0x12a4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:14:20.0993 0x12a4  UI0Detect - ok
09:14:21.0024 0x12a4  [ 071EE31349BBE2C449B8DC48A7260631, 872B5F9AB0F35F150042379D64FA8C0C46CED7C453BFD66BB19E75BF84FD9F03 ] UimBus          C:\Windows\system32\DRIVERS\uimx64.sys
09:14:21.0040 0x12a4  UimBus - ok
09:14:21.0071 0x12a4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:14:21.0071 0x12a4  uliagpkx - ok
09:14:21.0118 0x12a4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
09:14:21.0133 0x12a4  umbus - ok
09:14:21.0164 0x12a4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:14:21.0196 0x12a4  UmPass - ok
09:14:21.0242 0x12a4  [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
09:14:21.0274 0x12a4  Updater Service - ok
09:14:21.0320 0x12a4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:14:21.0383 0x12a4  upnphost - ok
09:14:21.0398 0x12a4  [ F49988FBF59413B974B1380D6F743EBC, 29571E42C056C6CB8D0743C6A6B80D2ACD163850137B5391D1EE076C927F0B4C ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
09:14:21.0445 0x12a4  upperdev - ok
09:14:21.0461 0x12a4  [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:14:21.0508 0x12a4  usbccgp - ok
09:14:21.0554 0x12a4  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:14:21.0601 0x12a4  usbcir - ok
09:14:21.0632 0x12a4  [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:14:21.0648 0x12a4  usbehci - ok
09:14:21.0679 0x12a4  [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:14:21.0726 0x12a4  usbhub - ok
09:14:21.0742 0x12a4  [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
09:14:21.0773 0x12a4  usbohci - ok
09:14:21.0804 0x12a4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:14:21.0835 0x12a4  usbprint - ok
09:14:21.0866 0x12a4  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:14:21.0882 0x12a4  usbscan - ok
09:14:21.0898 0x12a4  [ 4ACEE387FA8FD39F83564FCD2FC234F2, 3D62DE27027B8C032D15EB74F97A14B4EC24E67052C1163862740D6312B2569B ] usbser          C:\Windows\system32\drivers\usbser.sys
09:14:21.0929 0x12a4  usbser - ok
09:14:21.0960 0x12a4  [ 0FE9E048FC762DCAC087CB9EE1680079, CFF8526B712EDE212EF8C2E1F55F687302D75125FFEAA6DBFF48D5FA3188463C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
09:14:22.0007 0x12a4  UsbserFilt - ok
09:14:22.0038 0x12a4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:14:22.0085 0x12a4  USBSTOR - ok
09:14:22.0100 0x12a4  [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:14:22.0132 0x12a4  usbuhci - ok
09:14:22.0194 0x12a4  [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
09:14:22.0256 0x12a4  usb_rndisx - ok
09:14:22.0288 0x12a4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
09:14:22.0397 0x12a4  UxSms - ok
09:14:22.0412 0x12a4  [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc        C:\Windows\system32\lsass.exe
09:14:22.0444 0x12a4  VaultSvc - ok
09:14:22.0475 0x12a4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:14:22.0490 0x12a4  vdrvroot - ok
09:14:22.0522 0x12a4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
09:14:22.0568 0x12a4  vds - ok
09:14:22.0631 0x12a4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:14:22.0678 0x12a4  vga - ok
09:14:22.0693 0x12a4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:14:22.0740 0x12a4  VgaSave - ok
09:14:22.0849 0x12a4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:14:22.0896 0x12a4  vhdmp - ok
09:14:22.0927 0x12a4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:14:22.0943 0x12a4  viaide - ok
09:14:22.0958 0x12a4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:14:22.0958 0x12a4  volmgr - ok
09:14:22.0990 0x12a4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:14:23.0021 0x12a4  volmgrx - ok
09:14:23.0036 0x12a4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:14:23.0052 0x12a4  volsnap - ok
09:14:23.0083 0x12a4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:14:23.0099 0x12a4  vsmraid - ok
09:14:23.0192 0x12a4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:14:23.0380 0x12a4  VSS - ok
09:14:23.0395 0x12a4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:14:23.0442 0x12a4  vwifibus - ok
09:14:23.0473 0x12a4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:14:23.0520 0x12a4  W32Time - ok
09:14:23.0536 0x12a4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:14:23.0551 0x12a4  WacomPen - ok
09:14:23.0614 0x12a4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:14:23.0692 0x12a4  WANARP - ok
09:14:23.0707 0x12a4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:14:23.0754 0x12a4  Wanarpv6 - ok
09:14:23.0816 0x12a4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:14:23.0894 0x12a4  wbengine - ok
09:14:23.0926 0x12a4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:14:23.0957 0x12a4  WbioSrvc - ok
09:14:23.0988 0x12a4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:14:24.0019 0x12a4  wcncsvc - ok
09:14:24.0050 0x12a4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:14:24.0066 0x12a4  WcsPlugInService - ok
09:14:24.0066 0x12a4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:14:24.0082 0x12a4  Wd - ok
09:14:24.0113 0x12a4  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:14:24.0175 0x12a4  Wdf01000 - ok
09:14:24.0191 0x12a4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:14:24.0238 0x12a4  WdiServiceHost - ok
09:14:24.0238 0x12a4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:14:24.0253 0x12a4  WdiSystemHost - ok
09:14:24.0300 0x12a4  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
09:14:24.0347 0x12a4  WebClient - ok
09:14:24.0378 0x12a4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:14:24.0456 0x12a4  Wecsvc - ok
09:14:24.0487 0x12a4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:14:24.0518 0x12a4  wercplsupport - ok
09:14:24.0550 0x12a4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:14:24.0596 0x12a4  WerSvc - ok
09:14:24.0643 0x12a4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:14:24.0706 0x12a4  WfpLwf - ok
09:14:24.0721 0x12a4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:14:24.0737 0x12a4  WIMMount - ok
09:14:24.0768 0x12a4  WinDefend - ok
09:14:24.0768 0x12a4  WinHttpAutoProxySvc - ok
09:14:24.0830 0x12a4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:14:24.0924 0x12a4  Winmgmt - ok
09:14:25.0049 0x12a4  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:14:25.0205 0x12a4  WinRM - ok
09:14:25.0283 0x12a4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:14:25.0330 0x12a4  WinUsb - ok
09:14:25.0392 0x12a4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:14:25.0501 0x12a4  Wlansvc - ok
09:14:25.0548 0x12a4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:14:25.0564 0x12a4  WmiAcpi - ok
09:14:25.0642 0x12a4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:14:25.0704 0x12a4  wmiApSrv - ok
09:14:25.0751 0x12a4  WMPNetworkSvc - ok
09:14:25.0798 0x12a4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:14:25.0844 0x12a4  WPCSvc - ok
09:14:25.0876 0x12a4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:14:25.0954 0x12a4  WPDBusEnum - ok
09:14:25.0985 0x12a4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:14:26.0047 0x12a4  ws2ifsl - ok
09:14:26.0078 0x12a4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
09:14:26.0125 0x12a4  wscsvc - ok
09:14:26.0125 0x12a4  WSearch - ok
09:14:26.0250 0x12a4  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:14:26.0328 0x12a4  wuauserv - ok
09:14:26.0359 0x12a4  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:14:26.0406 0x12a4  WudfPf - ok
09:14:26.0437 0x12a4  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:14:26.0515 0x12a4  WUDFRd - ok
09:14:26.0546 0x12a4  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:14:26.0640 0x12a4  wudfsvc - ok
09:14:26.0671 0x12a4  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:14:26.0749 0x12a4  WwanSvc - ok
09:14:26.0812 0x12a4  ================ Scan global ===============================
09:14:26.0952 0x12a4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:14:27.0030 0x12a4  [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\Windows\system32\winsrv.dll
09:14:27.0077 0x12a4  [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\Windows\system32\winsrv.dll
09:14:27.0108 0x12a4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:14:27.0170 0x12a4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:14:27.0186 0x12a4  [ Global ] - ok
09:14:27.0186 0x12a4  ================ Scan MBR ==================================
09:14:27.0202 0x12a4  [ 70E629B51C16B3C007730C6AE57144C9 ] \Device\Harddisk0\DR0
09:14:29.0900 0x12a4  \Device\Harddisk0\DR0 - ok
09:14:29.0900 0x12a4  ================ Scan VBR ==================================
09:14:29.0900 0x12a4  [ 022497C1B7BCAD2D5CEEA13EDFA891A2 ] \Device\Harddisk0\DR0\Partition1
09:14:29.0932 0x12a4  \Device\Harddisk0\DR0\Partition1 - ok
09:14:29.0932 0x12a4  [ 8D79DB0A48C9A2E89BE766DCD68E826A ] \Device\Harddisk0\DR0\Partition2
09:14:29.0978 0x12a4  \Device\Harddisk0\DR0\Partition2 - ok
09:14:29.0978 0x12a4  [ B32F7E99C3FA539DDD9DC4466052B164 ] \Device\Harddisk0\DR0\Partition3
09:14:29.0978 0x12a4  \Device\Harddisk0\DR0\Partition3 - ok
09:14:29.0978 0x12a4  ================ Scan generic autorun ======================
09:14:30.0119 0x12a4  [ C56AEF21A76A6E2BB36A384B2C96389F, A9C8B90631AB4BBFEAABDE3D854283C5073B8786A263B941FF631531F30B7F9A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
09:14:30.0197 0x12a4  NvBackend - ok
09:14:30.0244 0x12a4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
09:14:30.0275 0x12a4  ShadowPlay - ok
09:14:30.0306 0x12a4  [ 8784236EED5079493DA9FC95B28B89F8, E59C349B964F585C27F63FBF7C1B5D7C6CF8CC958BD35100A36D57542DC13972 ] C:\Windows\SYSTEM32\WerFault.exe
09:14:30.0384 0x12a4  *WerKernelReporting - ok
09:14:30.0462 0x12a4  [ D9CB30BF12B3670650C85637EA1AB6EA, AFA4943A853ACE460007D3AFE5D45B4C972BF51777ACF4C0E84684DA6A014131 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
09:14:30.0493 0x12a4  BackupManagerTray - ok
09:14:30.0587 0x12a4  [ 84F122BFFA0638CE735E891620EF7754, 5A3227301212C4F767258F8207268055B8EA672E82F64CD9CBDCD96858476D7F ] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
09:14:30.0634 0x12a4  Hotkey Utility - ok
09:14:30.0758 0x12a4  [ 04679E0DC30077EC1164BE82F2A2ADC9, E0193F0AE484DED0DD7F81407F0D98AC071F34358B9EA554DE3ADFC3BA1CBD60 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
09:14:30.0790 0x12a4  mcui_exe - ok
09:14:30.0946 0x12a4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:14:31.0039 0x12a4  Sidebar - ok
09:14:31.0070 0x12a4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:14:31.0102 0x12a4  mctadmin - ok
09:14:31.0148 0x12a4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:14:31.0195 0x12a4  Sidebar - ok
09:14:31.0211 0x12a4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:14:31.0226 0x12a4  mctadmin - ok
09:14:31.0258 0x12a4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:14:31.0336 0x12a4  Sidebar - ok
09:14:31.0336 0x12a4  Waiting for KSN requests completion. In queue: 11
09:14:32.0459 0x12a4  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )
09:14:32.0459 0x12a4  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )
09:14:32.0521 0x12a4  ============================================================
09:14:32.0521 0x12a4  Scan finished
09:14:32.0521 0x12a4  ============================================================
09:14:32.0537 0x0e84  Detected object count: 1
09:14:32.0537 0x0e84  Actual detected object count: 1
09:15:11.0334 0x0e84  Freemake Improver ( UnsignedFile.Multi.Generic ) - skipped by user
09:15:11.0334 0x0e84  Freemake Improver ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:22:05.0079 0x1424  Deinitialize success
         
__________________

Alt 26.03.2016, 08:30   #4
Larusso
/// Selecta Jahrusso
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Hy

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.




Sag mir bitte, ob nach dem Neustart das Problem weiterhin besteht
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 27.03.2016, 15:59   #5
Foxbecks
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



So,
endlich geschafft, ComboFix laufen zu lassen.

Das Problem besteht zwar nicht mehr, aber ComboFix hat sich, trotz genauer Einhaltung der Anleitung, zwischendrin merkwürdig verhalten. Nachdem der Neustart durchgeführt worden ist,
öffneten sich nacheinander jeweils für unter eine Sekunde unzählig oft zum einen das command-Fenster, zum anderen ein Fenster mit der Bezeichnung "Combofix 3.pxe" , bis der PC irgendwann ausging. Nach erneutem Hochfahren erstellte CF dann die Logdatei.

Was lief da schief?


ComboFix-Log:

Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 16-03-19.01 - MCS 27.03.2016  13:45:59.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4095.2005 [GMT 2:00]
ausgeführt von:: c:\users\LM2\Desktop\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\users\LM2\AppData\Roaming\.#
c:\users\MCS\AppData\Roaming\.#
c:\users\MCS\OOo_3.2.1_Win_x86_install-wJRE_de.exe
C:\Win
c:\windows\IsUn0407.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
D:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Legacy_NPF
-------\Service_acedrv11
-------\Service_npf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2016-02-27 bis 2016-03-27  ))))))))))))))))))))))))))))))
.
.
2016-03-27 11:57 . 2016-03-27 11:57	--------	d-----w-	c:\users\LM\AppData\Local\temp
2016-03-27 11:57 . 2016-03-27 11:57	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2016-03-24 10:40 . 2016-03-24 10:54	--------	d-----w-	C:\FRST
2016-03-24 06:23 . 2016-03-24 06:23	--------	d-----w-	c:\program files\Common Files\AV
2016-03-22 07:45 . 2016-03-22 07:48	--------	d-----w-	C:\home2
2016-03-21 17:25 . 2013-09-23 12:49	197704	----a-w-	c:\windows\system32\drivers\HipShieldK.sys
2016-03-21 13:41 . 2016-03-21 16:13	--------	d-----w-	C:\AdwCleaner
2016-03-21 07:09 . 2016-03-21 07:09	--------	d-----w-	c:\users\MCS\AppData\Local\CEF
2016-03-21 06:15 . 2016-03-21 06:15	--------	d-----w-	c:\programdata\eXPert PDF 5
2016-03-20 21:14 . 2005-06-02 11:40	14336	----a-w-	c:\windows\SysWow64\vsmon1.dll
2016-03-20 21:13 . 2016-03-20 21:13	--------	d-----w-	c:\windows\My Documents
2016-03-20 21:13 . 2016-03-20 21:13	--------	d-----w-	c:\programdata\eXPert PDF
2016-03-20 21:13 . 2016-03-20 21:13	--------	d-----w-	c:\programdata\eXPert PDF Jobs
2016-03-20 21:13 . 2016-03-20 21:13	--------	d-----w-	c:\program files (x86)\Visagesoft
2016-03-20 21:12 . 2016-03-20 21:12	--------	d-----w-	c:\program files (x86)\BVRP Software
2016-03-20 21:11 . 2016-03-20 21:11	--------	d-----w-	c:\programdata\BVRP Software
2016-03-20 21:09 . 2016-03-20 21:09	--------	dc----w-	c:\windows\system32\DRVSTORE
2016-03-20 21:09 . 2008-09-26 17:06	37392	----a-w-	c:\windows\system32\drivers\hotcore3.sys
2016-03-20 21:07 . 2016-03-20 21:07	--------	d-----w-	c:\program files (x86)\Paragon Software
2016-03-20 20:57 . 2016-03-20 20:57	--------	dc-h--w-	c:\programdata\{8C2CFCEE-B9B7-4A60-B6C4-37DA5AA7BAD4}
2016-03-20 20:57 . 2016-03-20 20:57	--------	d-----w-	c:\program files (x86)\WinSysClean 2009
2016-03-20 14:44 . 2016-03-20 14:44	--------	d-----w-	c:\users\MCS\AppData\Local\CrashRpt
2016-03-20 14:39 . 2016-03-20 14:39	--------	d-----w-	C:\MyWinLockerData
2016-03-20 12:53 . 2016-03-20 12:53	--------	d-----w-	c:\users\LM2\AppData\Local\CEF
2016-03-20 12:43 . 2016-03-20 12:43	--------	d-----w-	c:\users\LM2\AppData\Local\CrashRpt
2016-03-19 22:06 . 2016-03-21 16:15	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-19 22:05 . 2016-03-25 09:29	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2016-03-19 22:05 . 2016-03-19 22:05	--------	d-----w-	c:\programdata\Malwarebytes
2016-03-19 22:05 . 2016-03-10 13:09	64896	----a-w-	c:\windows\system32\drivers\mwac.sys
2016-03-19 22:05 . 2016-03-10 13:08	140672	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2016-03-19 22:05 . 2016-03-10 13:08	27008	----a-w-	c:\windows\system32\drivers\mbam.sys
2016-03-19 21:35 . 2009-07-14 01:41	101376	----a-w-	c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL
2016-03-19 21:21 . 2016-03-19 22:48	--------	d-----w-	C:\inetpub
2016-03-19 20:30 . 2016-03-19 20:30	--------	d-----w-	c:\programdata\OO Software
2016-03-19 20:18 . 2016-03-20 20:51	--------	d-----w-	C:\Anwendungen
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-27 12:09 . 2012-04-05 10:28	797376	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-27 12:09 . 2011-10-21 17:50	142528	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
2010-11-05 01:58	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:41	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-12 261888]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2009-08-18 629280]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-04-25 537992]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-04-25 537992]
.
c:\users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2010-3-22 1540096]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.11.292\SSScheduler.exe [2016-2-5 334088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [x]
R3 FXUSBASE;AVM FRITZ!X USB;c:\windows\system32\DRIVERS\fxusbase.sys;c:\windows\SYSNATIVE\DRIVERS\fxusbase.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.292\McCHSvc.exe;c:\program files\McAfee Security Scan\3.11.292\McCHSvc.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\nmwcdx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdx64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
R4 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
R4 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 hotcore3;Hotcore helper;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe;c:\windows\SYSNATIVE\nlssrv32.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 AVMCOWAN;AVM ISDN CoNDIS WAN CAPI Driver;c:\windows\system32\DRIVERS\AVMCOWAN.sys;c:\windows\SYSNATIVE\DRIVERS\AVMCOWAN.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-19 20:21	1106072	----a-w-	c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-12-18 15:42	286904	----a-w-	c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Inhalt des "geplante Tasks" Ordners
.
2016-03-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 12:09]
.
2016-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 13:18]
.
2016-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 13:18]
.
2016-03-19 c:\windows\Tasks\McDefragTask.job
- c:\progra~2\mcafee\mqc\QcConsol.exe [2010-04-19 10:22]
.
2016-03-26 c:\windows\Tasks\Norton Security Scan for MCS.job
- c:\program files (x86)\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-05-20 07:48]
.
2016-03-26 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\Registry Mechanic\RegMech.exe [2011-03-15 07:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-09-10 13:44	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.us.com/?guid={B9D4FB9C-78E2-4FB7-9FDC-67E665BE2937}&serpv=17
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17360410ln07974080f85bh451l364
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17360410ln07974080f85bh451l364
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\MCS\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\MCS\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.178.20
FF - ProfilePath - c:\users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.malwarebytes.org/restorebrowser//home?affID=121562
FF - prefs.js: network.proxy.type - 4
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
45
user_pref(extensions.d b46072be00000000000ions.delta.vrsn, 1.8.21.5);
FF - user.js: browser.startup.homepage - hxxp://search.us.com/?guid={B9D4FB9C-78E2-4FB7-9FDC-67E665BE2937}&serpv=17
FF - user.js: browser.startup.page - 1
FF - user.js: browser.newtab.url - file:///c:\users\MCS\AppData\Local\TNT2\Common\pinnedSearch.htm
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
AddRemove-EumexKonf - c:\windows\IsUn0407.exe
AddRemove-Jigsaw Puzzle Lite - c:\program files (x86)\KraiSoft Games\Jigsaw Puzzle Lite\uninstall.exe
AddRemove-MAGIX music maker 2005 e-version - c:\muma05\instslct.exe
AddRemove-WinSysClean X - c:\programdata\{7F3CF31C-60FF-4AF3-A64F-137813483887}\WSC.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_197_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_197_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_197_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_197_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_197.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.21"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_197.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_197.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_197.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\nlssrv32.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2016-03-27  15:14:27 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2016-03-27 13:14
.
Vor Suchlauf: 21 Verzeichnis(se), 262.188.969.984 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 267.250.483.200 Bytes frei
.
- - End Of File - - 5FDE2A5B1AEF7E48060D91990C8B141D
         
--- --- --- 70E629B51C16B3C007730C6AE57144C9


Alt 28.03.2016, 10:06   #6
Larusso
/// Selecta Jahrusso
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Sieht ganz gut aus

Code:
ATTFilter
FF user.js: detected! => C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\user.js [2016-03-21]
         
Hast du diese selber angelegt ?


Starte bitte FRST und drücke auf Untersuchen. Poste die FRST Log bitte hier
__________________
--> Firefox und IE starten selbständig/automatisch

Alt 28.03.2016, 14:03   #7
Foxbecks
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Die user.js vom 21.03. habe ich nicht selbst angelegt.

Heute vormittag habe ich das Admin-Konto (MCS) aufgerufen und sofort öffnete sich FF mit der Seite techbrowsing.com

Hier das neue FRST-Log

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von MCS (Administrator) auf PC (28-03-2016 11:43:26)
Gestartet von C:\Users\LM2\Desktop
Geladene Profile: MCS & LM2 (Verfügbare Profile: MCS & LM2 & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [723904 2016-03-03] (McAfee, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-824321664-1275631822-800070043-1002\...\MountPoints2: {02034be8-51e2-11e3-a7e7-404e57434402} - F:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-03-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk [2016-03-20]
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.20
Tcpip\..\Interfaces\{5A4F0A5F-8EA0-44EA-AF9A-AB6E3FBD2D6E}: [DhcpNameServer] 192.168.178.20
Tcpip\..\Interfaces\{B8318698-19AD-41CA-A0B6-3601D211BC45}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{D0016FAC-39B6-489E-8450-F19811AFBB3B}: [DhcpNameServer] 192.168.1.250

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-824321664-1275631822-800070043-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17360410ln07974080f85bh451l364
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17360410ln07974080f85bh451l364
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x1301&r=17360410ln07974080f85bh451l364
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-824321664-1275631822-800070043-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.us.com/?guid={B9D4FB9C-78E2-4FB7-9FDC-67E665BE2937}&serpv=17
HKU\S-1-5-21-824321664-1275631822-800070043-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - (Kein Name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Keine Datei
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1002 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-824321664-1275631822-800070043-1002 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-824321664-1275631822-800070043-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-824321664-1275631822-800070043-1002 -> DefaultScope {3835E609-A8CF-4825-B229-926AA9A4A2BB} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-824321664-1275631822-800070043-1002 -> {3835E609-A8CF-4825-B229-926AA9A4A2BB} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL => Keine Datei
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-05] (Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-05] (Oracle Corporation)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\McAfee\MSK\mskapbho.dll [2011-03-11] ()
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-05] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-05] (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-824321664-1275631822-800070043-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2012-06-21] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-03-03] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//home?affID=121562
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-27] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-05] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-27] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-05] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll [2012-05-22] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2013-11-06] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-824321664-1275631822-800070043-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\LM2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-24] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\user.js [2016-03-27]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010-01-14] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\searchplugins\{7E5616B6-81F9-4339-ADD2-E2F3741ACB85}.xml [2012-12-19]
FF SearchPlugin: C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\searchplugins\{9617F2CC-FCFD-44CB-9546-B139B9FD1073}.xml [2012-12-19]
FF SearchPlugin: C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\searchplugins\{E48AE8DD-B500-4218-BF0C-415C948569E4}.xml [2012-12-19]
FF Extension: Block LinkBucks - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\dgs229@nyu.edu.xpi [2013-01-15] [ist nicht signiert]
FF Extension: Ghostery - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\firefox@ghostery.com [2013-05-02] [ist nicht signiert]
FF Extension: JavaScript Deobfuscator - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2012-12-19] [ist nicht signiert]
FF Extension: Proxilla Glype Proxy Client - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\proxilla@kevin.godell.xpi [2012-12-19] [ist nicht signiert]
FF Extension: BetterPrivacy - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-12-19] [ist nicht signiert]
FF Extension: Bitdefender QuickScan - C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013-05-02] [ist nicht signiert]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2016-03-20] [ist nicht signiert]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01] [ist nicht signiert]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\fmdownloader@gmail.com [2013-06-28] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-06-28] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-03-28] [ist nicht signiert]
FF HKU\S-1-5-21-824321664-1275631822-800070043-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Profile: C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Freemake Video Downloader) - C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2014-10-12]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2014-10-12]
CHR Extension: (Skype) - C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-03-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-27]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-28]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-06-28]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0027641459157438mcinstcleanup; C:\Windows\TEMP\002764~1.EXE [918056 2015-11-27] (McAfee, Inc.)
S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] () [Datei ist nicht signiert]
S4 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited) [Datei ist nicht signiert]
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-08] (Freemake) [Datei ist nicht signiert]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2442368 2016-02-17] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103176 2016-02-17] ()
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [103472 2012-06-15] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [9728 2010-03-22] (Deutsche Telekom AG) [Datei ist nicht signiert]
S2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [63488 2010-03-11] (Nalpeiron Ltd.) [Datei ist nicht signiert]
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FXUSBASE; C:\Windows\System32\DRIVERS\fxusbase.sys [694272 2009-06-10] (AVM Berlin)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2008-09-26] (Paragon Software Group)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2010-02-17] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2010-02-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2009-04-09] (McAfee, Inc.)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [23552 2008-05-02] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\nmwcdx64.sys [173056 2007-06-28] (Nokia)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [45320 2008-09-26] (Windows (R) 2000 DDK provider)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 mfeavfk01; \Device\mfeavfk01.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-28 11:35 - 2016-03-28 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-03-27 17:52 - 2015-11-25 07:29 - 00419624 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeaack.sys
2016-03-27 17:48 - 2016-03-27 17:48 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-03-27 17:48 - 2016-03-27 17:48 - 00000000 ____D C:\ProgramData\Intel Security
2016-03-27 17:47 - 2016-03-27 17:47 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-03-27 15:14 - 2016-03-27 15:14 - 00025473 _____ C:\Users\LM2\Desktop\ComboFix.txt
2016-03-27 13:40 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-03-27 13:40 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-03-27 13:40 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-03-27 13:40 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-03-27 13:40 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-03-27 13:40 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-03-27 13:40 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-03-27 13:40 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-03-27 13:39 - 2016-03-27 15:14 - 00000000 ____D C:\Qoobox
2016-03-27 13:39 - 2016-03-27 15:11 - 00000000 ____D C:\Windows\erdnt
2016-03-27 13:20 - 2016-03-27 13:20 - 00284440 _____ C:\Windows\Minidump\032716-18860-01.dmp
2016-03-26 17:49 - 2016-03-26 17:49 - 05658151 ____R (Swearware) C:\Users\LM2\Desktop\ComboFix.exe
2016-03-26 04:22 - 2016-03-26 04:22 - 00000000 ____D C:\Users\LM2\Documents\Freemake
2016-03-25 10:12 - 2016-03-25 10:22 - 00217988 _____ C:\Users\LM2\Desktop\TDSSKiller.3.1.0.9_25.03.2016_09.12.38_log.txt
2016-03-25 10:09 - 2016-03-25 10:09 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\LM2\Desktop\tdsskiller.exe
2016-03-24 12:46 - 2016-03-28 11:42 - 00037846 _____ C:\Users\LM2\Desktop\Addition.txt
2016-03-24 12:42 - 2016-03-28 11:43 - 00032626 _____ C:\Users\LM2\Desktop\FRST.txt
2016-03-24 12:40 - 2016-03-28 11:43 - 00000000 ____D C:\FRST
2016-03-24 12:37 - 2016-03-24 12:38 - 02374144 _____ (Farbar) C:\Users\LM2\Desktop\FRST64.exe
2016-03-24 08:23 - 2016-03-24 08:23 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-22 09:45 - 2016-03-22 09:48 - 00000000 ____D C:\home2
2016-03-22 09:27 - 2016-03-22 09:27 - 01190608 _____ (Adobe Systems Incorporated) C:\Users\MCS\Downloads\flashplayer21_d_install.exe
2016-03-22 09:26 - 2016-03-22 09:26 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-22 09:26 - 2016-03-22 09:26 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-22 09:22 - 2016-03-22 09:23 - 43359192 _____ C:\Users\LM2\Downloads\FirefoxSetup45.0.1.exe
2016-03-21 20:02 - 2016-03-21 20:02 - 00287976 _____ C:\Windows\Minidump\032116-18189-01.dmp
2016-03-21 19:25 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2016-03-21 15:41 - 2016-03-21 18:13 - 00000000 ____D C:\AdwCleaner
2016-03-21 15:39 - 2016-03-21 15:39 - 01529344 _____ C:\Users\LM2\Downloads\adwcleaner_5.103.exe
2016-03-21 10:28 - 2016-03-21 10:31 - 00000000 ____D C:\Users\MCS\Documents\Neuer Ordner (3)
2016-03-21 10:08 - 2016-03-21 10:08 - 00000000 ____D C:\Users\LM2\Documents\PDF Files
2016-03-21 09:09 - 2016-03-21 09:09 - 00000000 ____D C:\Users\MCS\AppData\Local\CEF
2016-03-21 08:39 - 2016-03-21 08:39 - 00000000 ____D C:\Users\MCS\Documents\PDF Files
2016-03-21 08:15 - 2016-03-21 08:15 - 00000000 ____D C:\ProgramData\eXPert PDF 5
2016-03-20 23:14 - 2016-03-20 23:14 - 00001028 _____ C:\Users\Public\Desktop\eXPert PDF Creator.lnk
2016-03-20 23:14 - 2016-03-20 23:14 - 00001023 _____ C:\Users\Public\Desktop\eXPert PDF Editor.lnk
2016-03-20 23:14 - 2016-03-20 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF eXPerte 5
2016-03-20 23:14 - 2005-06-02 13:40 - 00014336 _____ C:\Windows\SysWOW64\vsmon1.dll
2016-03-20 23:13 - 2016-03-20 23:13 - 00000000 ____D C:\Windows\My Documents
2016-03-20 23:13 - 2016-03-20 23:13 - 00000000 ____D C:\ProgramData\eXPert PDF Jobs
2016-03-20 23:13 - 2016-03-20 23:13 - 00000000 ____D C:\ProgramData\eXPert PDF
2016-03-20 23:13 - 2016-03-20 23:13 - 00000000 ____D C:\Program Files (x86)\Visagesoft
2016-03-20 23:12 - 2016-03-20 23:12 - 00000000 ____D C:\Program Files (x86)\BVRP Software
2016-03-20 23:11 - 2016-03-20 23:11 - 00000000 ____D C:\ProgramData\BVRP Software
2016-03-20 23:09 - 2016-03-20 23:09 - 00002368 _____ C:\Users\Public\Desktop\Paragon Festplatten Manager 8.5 .lnk
2016-03-20 23:09 - 2016-03-20 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Festplatten Manager 8.5
2016-03-20 23:09 - 2008-09-26 19:06 - 00037392 _____ (Paragon Software Group) C:\Windows\system32\Drivers\hotcore3.sys
2016-03-20 23:07 - 2016-03-20 23:07 - 00000000 ____D C:\Program Files (x86)\Paragon Software
2016-03-20 22:57 - 2016-03-20 22:57 - 00000978 _____ C:\Users\Public\Desktop\WinSysClean 2009.lnk
2016-03-20 22:57 - 2016-03-20 22:57 - 00000000 __HDC C:\ProgramData\{8C2CFCEE-B9B7-4A60-B6C4-37DA5AA7BAD4}
2016-03-20 22:57 - 2016-03-20 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSysClean
2016-03-20 22:57 - 2016-03-20 22:57 - 00000000 ____D C:\Program Files (x86)\WinSysClean 2009
2016-03-20 20:56 - 2016-03-22 09:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-20 17:44 - 2016-03-20 17:44 - 00001063 _____ C:\Windows\explorer - Verknüpfung.lnk
2016-03-20 16:44 - 2016-03-20 16:44 - 00000000 ____D C:\Users\MCS\AppData\Local\CrashRpt
2016-03-20 16:39 - 2016-03-20 16:39 - 00000000 ____D C:\MyWinLockerData
2016-03-20 16:08 - 2016-03-20 16:08 - 00000000 ____D C:\Users\LM2\Desktop\McAfee
2016-03-20 16:02 - 2016-03-22 09:57 - 00000000 ____D C:\Users\LM2\Desktop\Desktop2
2016-03-20 14:53 - 2016-03-20 14:53 - 00000000 ____D C:\Users\LM2\AppData\Local\CEF
2016-03-20 14:50 - 2016-03-20 16:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-20 14:50 - 2016-03-20 16:44 - 00002051 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-03-20 14:43 - 2016-03-20 14:43 - 00000000 ____D C:\Users\LM2\AppData\Local\CrashRpt
2016-03-20 00:50 - 2016-03-28 11:26 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-03-20 00:06 - 2016-03-21 18:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-20 00:06 - 2016-03-20 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-03-20 00:05 - 2016-03-25 11:29 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-03-20 00:05 - 2016-03-20 00:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-20 00:05 - 2016-03-10 15:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-20 00:05 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-20 00:05 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-20 00:05 - 2016-03-10 15:07 - 09926112 _____ (Malwarebytes) C:\Users\LM2\Desktop\mbam.exe
2016-03-20 00:01 - 2016-03-20 00:01 - 22851472 _____ (Malwarebytes ) C:\Users\LM2\Downloads\mbam-setup-2.2.1.1043.exe
2016-03-19 23:53 - 2016-03-19 23:53 - 00985600 _____ C:\Users\LM2\Downloads\MicrosoftFixit50123.msi
2016-03-19 23:49 - 2016-03-19 23:49 - 00302011 _____ C:\Users\LM2\Downloads\WindowsUpdateDiagnostic.diagcab
2016-03-19 23:23 - 2016-03-19 23:23 - 00005618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-19 23:21 - 2016-03-20 00:48 - 00000000 ____D C:\inetpub
2016-03-19 22:30 - 2016-03-19 22:30 - 00000000 ____D C:\ProgramData\OO Software
2016-03-19 22:18 - 2016-03-20 22:51 - 00000000 ____D C:\Anwendungen
2016-03-19 22:11 - 2016-03-19 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-28 11:35 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-28 11:35 - 2009-07-14 06:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-28 11:34 - 2009-07-14 07:13 - 00005844 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-28 11:34 - 2006-10-10 10:57 - 08534300 _____ C:\Windows\system32\perfh007.dat
2016-03-28 11:34 - 2006-10-10 10:57 - 02585608 _____ C:\Windows\system32\perfc007.dat
2016-03-28 11:30 - 2009-10-17 04:24 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-28 11:26 - 2010-05-14 03:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-28 11:25 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-28 11:25 - 2006-10-10 01:12 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-28 02:19 - 2010-05-14 03:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-28 02:09 - 2012-04-05 12:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-28 02:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-03-27 22:29 - 2010-04-22 16:16 - 00000000 ____D C:\ProgramData\TEMP
2016-03-27 19:57 - 2010-05-20 19:22 - 00000494 ____H C:\Windows\Tasks\Norton Security Scan for MCS.job
2016-03-27 19:00 - 2011-03-16 00:30 - 00000262 _____ C:\Windows\Tasks\RMSchedule.job
2016-03-27 17:54 - 2009-10-17 04:24 - 00000000 ____D C:\ProgramData\McAfee
2016-03-27 17:53 - 2010-09-16 16:08 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-03-27 15:14 - 2010-05-03 14:57 - 00000000 ____D C:\Users\nokia
2016-03-27 15:06 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-03-27 14:09 - 2012-04-05 12:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-27 14:09 - 2012-04-05 12:28 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-27 14:09 - 2011-10-21 19:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-27 13:58 - 2009-07-14 04:34 - 69730304 _____ C:\Windows\system32\config\software.bak
2016-03-27 13:58 - 2009-07-14 04:34 - 30146560 _____ C:\Windows\system32\config\system.bak
2016-03-27 13:58 - 2009-07-14 04:34 - 01048576 _____ C:\Windows\system32\config\default.bak
2016-03-27 13:58 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2016-03-27 13:58 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2016-03-27 13:56 - 2010-04-19 09:42 - 00000000 ____D C:\Users\MCS
2016-03-27 13:20 - 2013-12-17 18:35 - 443263998 _____ C:\Windows\MEMORY.DMP
2016-03-27 13:20 - 2010-11-12 21:29 - 00000000 ____D C:\Windows\MiniDump
2016-03-22 09:28 - 2010-04-19 14:05 - 00000000 ____D C:\Users\MCS\AppData\Local\Mozilla
2016-03-22 09:25 - 2012-05-03 19:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-21 15:39 - 2015-01-17 23:17 - 00000000 ____D C:\Users\LM2\dwhelper
2016-03-21 15:17 - 2010-12-22 16:26 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-03-21 12:32 - 2015-06-12 09:29 - 00000691 _____ C:\Windows\wininit.ini
2016-03-21 12:14 - 2010-10-21 17:49 - 00007621 _____ C:\Users\MCS\AppData\Local\Resmon.ResmonCfg
2016-03-21 10:55 - 2015-03-30 15:55 - 00000000 ____D C:\Users\MCS\Documents\Neuer Ordner (2)
2016-03-21 10:39 - 2010-06-25 22:12 - 00000000 ___RD C:\Users\MCS\Documents\Scanned Documents
2016-03-21 10:38 - 2010-08-23 16:03 - 00000000 ___RD C:\Users\MCS\Desktop\Desk
2016-03-21 10:08 - 2013-05-02 14:26 - 00000000 ____D C:\Users\LM2
2016-03-21 09:50 - 2010-11-29 02:28 - 00000000 ____D C:\TEMP
2016-03-21 09:48 - 2011-12-11 21:23 - 00000000 ____D C:\Users\Gast
2016-03-21 09:39 - 2014-12-29 05:53 - 00000000 ____D C:\Users\LM2\Downloads\Neuer Ordner (7)
2016-03-21 09:38 - 2014-12-29 05:53 - 00000000 ____D C:\Users\LM2\Downloads\Neuer Ordner (5)
2016-03-21 09:09 - 2014-11-05 18:07 - 00000000 ____D C:\Users\MCS\AppData\Local\Adobe
2016-03-20 23:12 - 2009-10-17 03:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-20 23:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-03-20 22:55 - 2010-11-12 21:07 - 00000000 ____D C:\Program Files (x86)\WinSysClean X
2016-03-20 16:45 - 2015-06-12 09:41 - 00002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-03-20 16:45 - 2013-11-16 16:23 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-20 16:45 - 2012-10-09 03:01 - 00002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
2016-03-20 16:45 - 2010-11-19 16:47 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2016-03-20 16:45 - 2010-09-26 16:47 - 00000849 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-20 16:45 - 2009-10-17 03:46 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-03-20 16:45 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-20 16:45 - 2009-07-14 06:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-03-20 16:45 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-03-20 16:45 - 2006-10-10 01:26 - 00002569 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
2016-03-20 16:45 - 2006-10-10 01:26 - 00001193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-Start.lnk
2016-03-20 16:44 - 2014-10-12 19:48 - 00001203 _____ C:\Users\MCS\Desktop\Any Video Converter.lnk
2016-03-20 16:44 - 2013-11-16 16:23 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-20 16:44 - 2013-11-02 21:41 - 00001052 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2016-03-20 16:44 - 2010-11-12 02:15 - 00001243 _____ C:\Users\MCS\Desktop\DVDVideoSoft Free Studio.lnk
2016-03-20 16:44 - 2010-04-19 13:47 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Netzmanager.lnk
2016-03-20 16:44 - 2010-04-19 09:44 - 00001443 _____ C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-20 16:44 - 2010-04-19 09:44 - 00001409 _____ C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-03-20 16:44 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-03-20 16:44 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-03-20 16:07 - 2015-03-19 17:45 - 00000000 ____D C:\Users\MCS\Documents\onlineTV 8
2016-03-20 16:07 - 2015-03-19 17:32 - 00000000 ____D C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\concept design
2016-03-20 16:07 - 2015-03-19 17:32 - 00000000 ____D C:\Users\MCS\AppData\Roaming\concept design
2016-03-20 16:07 - 2015-03-19 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\concept design
2016-03-20 16:07 - 2015-03-19 17:32 - 00000000 ____D C:\Program Files (x86)\concept design
2016-03-20 15:23 - 2010-04-24 05:15 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-03-20 14:53 - 2013-06-10 21:02 - 00000000 ____D C:\Users\LM2\AppData\Local\Adobe
2016-03-20 14:52 - 2015-07-15 13:06 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-03-20 14:50 - 2009-10-17 04:36 - 00000000 ____D C:\ProgramData\Adobe
2016-03-20 14:50 - 2009-10-17 04:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-20 00:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Branding
2016-03-20 00:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-03-20 00:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-03-20 00:42 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-20 00:40 - 2013-06-28 17:35 - 00000000 ____D C:\Program Files (x86)\Delta
2016-03-20 00:40 - 2010-04-20 00:22 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-03-19 23:11 - 2013-11-02 21:39 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2016-03-19 23:10 - 2013-11-02 21:40 - 00000000 ____D C:\ProgramData\Hotspot Shield
2016-03-19 22:14 - 2010-05-14 03:31 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-19 22:14 - 2010-05-14 03:31 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-19 22:11 - 2015-10-05 14:52 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-03-19 22:11 - 2014-03-18 15:40 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-03-19 22:07 - 2010-04-19 09:42 - 00000342 _____ C:\Windows\Tasks\McDefragTask.job

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-11-09 13:54 - 2013-11-09 13:54 - 0001847 _____ () C:\Users\MCS\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2010-04-23 16:38 - 2010-05-03 14:45 - 0000362 _____ () C:\Users\MCS\AppData\Roaming\wklnhst.dat
2010-11-30 02:53 - 2012-12-04 16:52 - 0083968 _____ () C:\Users\MCS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-21 17:49 - 2016-03-21 12:14 - 0007621 _____ () C:\Users\MCS\AppData\Local\Resmon.ResmonCfg
2009-10-17 04:04 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2010-10-23 19:26

==================== Ende von FRST.txt ============================
         

Alt 28.03.2016, 16:50   #8
Larusso
/// Selecta Jahrusso
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Hy.
Das gute ist, die spuren einer früheren Infektion sind schon mal weg. Jetzt gehen wir dem eigentlichen Problem auf den Grund.

Kennst du diese Datei ?
C:\Users\Public\Documents\Zeitpunkt\setup.EXE

Wenn nicht, bitte folgendes

Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
  • Klicke auf Wählen Sie eine
  • Kopiere nun folgendes in die Suchleiste
    Code:
    ATTFilter
    C:\Users\Public\Documents\Zeitpunkt\setup.EXE
             
  • und klicke auf Öffnen.
  • Klicke auf Scannen!.
  • Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen
    Zitat:
    Diese Datei wurde bereits von VirusTotal analysiert...
    klicke auf Neu analysieren.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.



Hinweis: Registry Cleaner

Ich sehe, dass du sogenannte Registry Cleaner installiert hast.
In deinem Fall
Registry Mechanic
.

Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab.

Der Grund ist ganz einfach:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler.
Zerstörst du die Registry, zerstörst du Windows.

Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich.

Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über
Start --> Systemsteuerung --> Software (bei Windows XP)
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)
zu deinstallieren.



Downloade dir bitte Shortcut Cleaner (by Grinler) auf deinen Desktop.
  • Starte die sc-cleaner.exe mit einem Doppelclick.
  • Bestätige die Meldung Shortcut Cleaner Finished am Ende des Suchlaufs mit Ok.
  • Eine Logdatei wird sich öffnen (sc-cleaner.txt).
  • Poste den Inhalt mit deiner nächsten Antwort.



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
HKLM\...\.exe:  =>  <===== ACHTUNG

AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\Reprise:yhuwxvwhfkxkcqmbzxjuiqjduvsftifh [0]
AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0 [256]
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54 [118]
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F [144]
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838 [133]
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA [294]
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE [246]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [206]
Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\Registry Mechanic\RegMech.exe
Task: {A7790605-8EBD-47FE-9ACA-CAEA9BBC8113} - \Scheduled Update for Ask Toolbar -> Keine Datei <==== ACHTUNG
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-824321664-1275631822-800070043-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-824321664-1275631822-800070043-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.us.com/?guid={B9D4FB9C-78E2-4FB7-9FDC-67E665BE2937}&serpv=17
URLSearchHook: HKLM-x32 - (Kein Name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Keine Datei
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
FF user.js: detected! => C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\user.js [2016-03-27]
EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.






ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 28.03.2016, 23:08   #9
Foxbecks
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Endlich durch!


virustotal-URL

Code:
ATTFilter
https://www.virustotal.com/de/file/69e25a6f9da674fba3c0535e8e9846f5c5dcc74296d9115548ed4050695cd6c6/analysis/1459179653/
         

sc-cleaner Log

Code:
ATTFilter
Shortcut Cleaner 1.3.9 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 03/28/2016 05:45:15 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\MCS\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\MCS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\MCS\Desktop\

Searching C:\Users\Public\Desktop\


0 bad shortcuts found.

Program finished at: 03/28/2016 05:45:19 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)
         

Fixlog.txt

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von MCS (2016-03-28 17:34:56) Run:1
Gestartet von C:\Users\LM2\Desktop
Geladene Profile: MCS & LM2 (Verfügbare Profile: MCS & LM2 & Gast)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM\...\.exe:  =>  <===== ACHTUNG

AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\Reprise:yhuwxvwhfkxkcqmbzxjuiqjduvsftifh [0]
AlternateDataStreams: C:\ProgramData\TEMP:0B9176C0 [256]
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54 [118]
AlternateDataStreams: C:\ProgramData\TEMP:5D7E5A8F [144]
AlternateDataStreams: C:\ProgramData\TEMP:93DE1838 [133]
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA [294]
AlternateDataStreams: C:\ProgramData\TEMP:ABE89FFE [246]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [206]
Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\Registry Mechanic\RegMech.exe
Task: {A7790605-8EBD-47FE-9ACA-CAEA9BBC8113} - \Scheduled Update for Ask Toolbar -> Keine Datei <==== ACHTUNG
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-824321664-1275631822-800070043-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-824321664-1275631822-800070043-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.us.com/?guid={B9D4FB9C-78E2-4FB7-9FDC-67E665BE2937}&serpv=17
URLSearchHook: HKLM-x32 - (Kein Name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - Keine Datei
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
FF user.js: detected! => C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\user.js [2016-03-27]
EmptyTemp:
         
*****************

HKLM\Software\Classes\.exe\\Default => Wert erfolgreich wiederhergestellt
"C:\Windows" => ":nlsPreferences" ADS nicht gefunden.
C:\ProgramData\Reprise => ":yhuwxvwhfkxkcqmbzxjuiqjduvsftifh" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":0B9176C0" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":4CF61E54" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":5D7E5A8F" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":93DE1838" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":AB689DEA" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":ABE89FFE" ADS erfolgreich entfernt.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS erfolgreich entfernt.
C:\Windows\Tasks\RMSchedule.job => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7790605-8EBD-47FE-9ACA-CAEA9BBC8113}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7790605-8EBD-47FE-9ACA-CAEA9BBC8113}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Schlüssel nicht gefunden. 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-824321664-1275631822-800070043-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-824321664-1275631822-800070043-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Schlüssel nicht gefunden. 
C:\Users\MCS\AppData\Roaming\Mozilla\Firefox\Profiles\j44goa5s.default\user.js => erfolgreich verschoben
EmptyTemp: => 350.5 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:36:04 ====
         

JRT.txt
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64 
Ran by MCS (Administrator) on 28.03.2016 at 17:55:43,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 16 

Successfully deleted: C:\Users\MCS\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\MCS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh (Folder) 
Successfully deleted: C:\Users\MCS\AppData\Roaming\registry mechanic (Folder) 
Successfully deleted: C:\Users\Public\Desktop\hotspot shield.lnk (Shortcut) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Program Files (x86)\delta (Folder) 
Successfully deleted: C:\Program Files (x86)\registry mechanic (Folder) 
Successfully deleted: C:\Users\MCS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACRW6M8A (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MCS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXPIYISR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MCS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQ7FGOJG (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\MCS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OZSYP4DB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\prefetch\FREEMAKEERRORREPORTER.EXE-FB3BD252.pf (File) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACRW6M8A (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXPIYISR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQ7FGOJG (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OZSYP4DB (Temporary Internet Files Folder) 



Registry: 4 

Successfully deleted: HKLM\Software\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\0305431459175979mcinstcleanup (Registry Key) 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.03.2016 at 18:01:03,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

ESET log.txt

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e79150117829b14bbc518e50f0a8d639
# end=init
# utc_time=2016-03-28 04:03:01
# local_time=2016-03-28 06:03:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 28787
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e79150117829b14bbc518e50f0a8d639
# end=updated
# utc_time=2016-03-28 04:16:07
# local_time=2016-03-28 06:16:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e79150117829b14bbc518e50f0a8d639
# engine=28787
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-03-28 08:50:35
# local_time=2016-03-28 10:50:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5132 16777214 100 97 41090 187183599 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 66 85 91667473 210828085 0 0
# scanned=395215
# found=7
# cleaned=7
# scan_time=16467
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=0FEC8D08A5F976C1A12BD368628DEB99942BB901 ft=1 fh=bb5c240993263018 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\AdwCleaner\FileQuarantine\C\Users\MCS\AppData\Local\Temp\OCS\ocs_v6r.exe.vir"
sh=2073BD2308164E9A5150EB3B4B0850FCF2CBFDE3 ft=1 fh=27e76fa1368fbb65 vn="Variante von Win32/InstallCore.ADV.gen evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\home2\home\FileZilla_3.exe"
sh=EA1DCCFE31F16E86624A32D49EEF84E83F12ADBE ft=1 fh=245478fe4fa5a7b4 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\MCS\Downloads\anonymox-10-fx-Downloader.exe"
sh=600771D2910928E3CEFE3B24E8F97C8DB4CF326C ft=1 fh=8a8ff7b6c3c6013d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht)" ac=C fn="C:\Users\MCS\Downloads\FreeYouTubeToMp3Converter33.exe"
sh=A0574F62169752DBB35E1C459C9410C14B659E86 ft=1 fh=ff5d31bdd4b56416 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\MCS\Downloads\stealthy-24-fx-Downloader.exe"
sh=D0439EC17F40F2554D7621D2CC8EB76C9BBDF588 ft=1 fh=a1d70e4e6837fd7a vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\MCS\Downloads\uebersicht-Downloader.exe"
         

Alt 29.03.2016, 10:33   #10
Larusso
/// Selecta Jahrusso
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Starten sich die Browser immer noch ?
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 29.03.2016, 12:30   #11
Foxbecks
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Leider ja.

Gestern abend nach dem ESET-Scan lief alles ohne Komplikationen, heute morgen fing es jedoch wieder damit an. Dieses Mal bei beiden lookmagazine.us

Bezüglich Deiner gestrigen Frage, was diese setup.exe von "Zeitpunkt" betrifft:
Das ist irgendsoeine Beratungssoftware, die mir mal mein Vater vor einigen Jahren installiert hat. Meines Wissens wurde sie aber nur zwei oder drei mal benutzt damals.


Was lässt sich denn aus der Vielzahl meiner Logs schliessen? Habe ich evtl. einen Fehler gemacht oder mich nicht korrekt an die Anleitungen gehalten?
Oder liegt es am Surfverhalten meiner Mitbewohner? Diesen Rechner hier benützen 3 Personen.


Und nochmals vielen Dank für Deine Mühen.

MfG,
Marco

Alt 29.03.2016, 14:13   #12
Larusso
/// Selecta Jahrusso
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Hy.

Dann muss ich mal etwas graben. Was ich vorher wissen muss, ob das in allen Userprofilen vorkommt.
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Alt 29.03.2016, 18:25   #13
Foxbecks
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Also,
bei MCS/Admin nur FF.
Bei LM2 erst FF, was aber "abgewürgt" wird, da es 2 verschiedene (selbst angelegte) Profile gibt und FF erst einmal die Auswahl eines Profils verlangt, woraufhin sich dann einige Sekunden später der IE öffnet.
Beim Gastkonto öffnet sich nur der IE.

(MCS und LM2 haben FF als Standartbrowser...)

Alt 30.03.2016, 09:23   #14
Larusso
/// Selecta Jahrusso
 
Firefox und IE starten selbständig/automatisch - Standard

Firefox und IE starten selbständig/automatisch



Also grundsätzlich bei allen.

Gut, dann müssen wir suchen.
Führe bitte einmal einen Clean Boot, wie hier beschrieben aus:
Clean Boot - Probleme beim Systemstart diagnostizieren

Tritt das Problem auch hier auf ?
__________________
mfg, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie

Antwort

Themen zu Firefox und IE starten selbständig/automatisch
browser, converter, dnsapi.dll, excel, expert pdf, festplatte, firefox, flash player, google, helper, home, hotspot, installation, microsoft fix it, mozilla, mp3, phishing, proxy, registry, scan, security, siteadvisor, software, starten, svchost.exe, symantec, system, usb, windows



Ähnliche Themen: Firefox und IE starten selbständig/automatisch


  1. Firefox öffnet selbständig Tabs mit Werbung und Gewinnspielen
    Log-Analyse und Auswertung - 14.03.2016 (24)
  2. Firefox startet automatisch und ruft selbständig Internetseiten auf
    Plagegeister aller Art und deren Bekämpfung - 15.01.2015 (2)
  3. Firefox öffnet selbständig Game Seiten
    Log-Analyse und Auswertung - 08.08.2014 (17)
  4. Tastatur hängt und Cursor wechselt selbständig (im firefox)
    Plagegeister aller Art und deren Bekämpfung - 16.05.2014 (16)
  5. Firefox öffnet selbständig neuen Tab zu Systweak/Reg cleaner pro
    Plagegeister aller Art und deren Bekämpfung - 25.02.2014 (11)
  6. Win7: Firefox öffnet selbständig Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 29.11.2013 (7)
  7. Firefox-Tab mit Sponsorship öffnet sich selbständig
    Log-Analyse und Auswertung - 04.08.2013 (11)
  8. Firefox öffnet selbständig Werbetabs
    Plagegeister aller Art und deren Bekämpfung - 12.07.2013 (5)
  9. Firefox öffnet selbständig Tabs und ist sehr instabil.
    Plagegeister aller Art und deren Bekämpfung - 29.12.2012 (17)
  10. Firefox öffnete selbständig Tab, der einen Sicherheitsscan vortäuschte
    Plagegeister aller Art und deren Bekämpfung - 11.10.2010 (6)
  11. Virus öffnet selbständig Tabs in Firefox
    Plagegeister aller Art und deren Bekämpfung - 25.08.2010 (25)
  12. Firefox öffnet selbständig (Werbe-)Fenster
    Log-Analyse und Auswertung - 07.11.2009 (6)
  13. PC lahmt und Firefox öffnet selbständig neue Fenster
    Log-Analyse und Auswertung - 06.01.2009 (0)
  14. Firefox öffnet automatisch unsichtbare ( nur im Taskmanager zu sehen Firefox.exe )
    Plagegeister aller Art und deren Bekämpfung - 27.01.2007 (1)
  15. Firefox arbeitet selbständig
    Log-Analyse und Auswertung - 31.03.2006 (7)
  16. firefox öffnet selbständig browserfenster
    Log-Analyse und Auswertung - 21.01.2006 (9)
  17. IExplorer und Firefox öffnen selbständig irgendwelche Seiten
    Log-Analyse und Auswertung - 05.09.2005 (1)

Zum Thema Firefox und IE starten selbständig/automatisch - Hallo, seit einigen Tagen öffnen sich sowohl Firefox als auch IE selbständig mit folgenden Seiten: techbrowsing.com/?from=land (FF) serengetiwatch.com (IE) lookmagazine.us (IE) Beide Browser habe ich inzwischen jeweils 2-mal bereinigt/restauriert. Danach - Firefox und IE starten selbständig/automatisch...
Archiv
Du betrachtest: Firefox und IE starten selbständig/automatisch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.