Pests of all kinds and how to fight them: Nasty trojan? (No access to System32 any more) Windows 7 |
14.11.2014, 11:36 | #1 |
| Hello. I'm new here and say hi to all the old hands. I hope someone may be able to help me.
I have Win7 Ultimate 64-bit (HDD 1), Win7 Ultimate Beta (HDD 2) and WinXP (HDD 3). The problem is my Win7 64-bit on HDD 1, my Windows for work and gaming.
For some time my antivirus (AVG) had been causing problems; it kept reporting infections in the Windows Temp directory. When I looked there, I kept finding a new temp folder, which was empty, with changing short names such as Temp1000h8b. After I had run Antivir, Avast and Spybot S&D, this problem disappeared. A new one appeared. My antivirus (not the Avira one but the AVG one) could no longer keep any settings. Changes could no longer be saved. The live protection could no longer be disabled either. Because this led to problems with the game WarThunder, I uninstalled AVG and installed Bitdefender. It ran for a few hours without problems but was then suddenly terminated. That was the day before yesterday.
Then a Windows update came, and after that installation my network stopped working. I could neither reach the router locally nor get onto the Internet. So I booted my old XP from another disk and, lo and behold, the Internet works again. But not from Win 7. The DNS service was not started. It could not be started manually either, because a module is supposedly missing. So I had a look at the corresponding registry entry right away. (Can screenshots be posted here?)
There I find:
extension REG_EXPAND_SZ %SystemRoot%\System32\dnsext.dll
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\dnsrslvr.dll
ServiceDllUnloadOnStop REG_DWORD 0x000001 (1)
ServiceMain REG_SZ SetAccessPolicy
In my emergency Win7 Ultimate (a beta from back then that still has to serve whenever the normal Win7 acts up) there are only:
ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\dnsrslvr.dll
ServiceDllUnloadOnStop REG_DWORD 0x000001 (1)
So I trimmed the key down to that set, and the DNS service could then be started. But the network still did not work. So I restarted Win7, and still nothing. I added the old entries back, and now I get error 127 when I try to start DNS: procedure not found. So the DLLs are probably compromised.
But now the surprise. I could not replace any DLL with an older original DLL. As admin I no longer had any permissions at all in System32. I could not set them any more either. Normally I could give myself the access rights. I have had to swap DLLs before. But now the checkboxes for assigning access permissions have disappeared for the System32 folder. For the other folders they are there. Only for that one they are gone.
Even when I boot from my other Win7 (Win 7 Beta, other HDD) and, with the admin account enabled there, try to so much as rename a DLL in the System32 folder of Win7 (Win 7 work), I am denied all access. A TrustedInstaller would have to pass the rights on to me. There, too, the checkboxes in the permissions dialog are present this time, but all greyed out. And the creator, Admin and System no longer have any access.
My question now is: which pest can lock you out of all access to System32 to such an extent that you cannot even restore any access there as admin from another Win7, and these checkboxes are now all greyed out? Naturally no virus scanner can access System32 any more either, no matter which disk I boot any Windows from.
My last hope is a Knoppix DVD. Unfortunately I no longer have a Heise CT Life security CD. With that I might have been able to clean this System32 using various virus engines. What is left for me now? Back up the data and format the HDD? And how do I find out whether the pest is not already in the data backup? It has been a year since I last had access to System32 that still worked flawlessly. Even information about this pest would help me. Or programs that can track down something like this.
By the way, my autostart is always trimmed down. As a rule I do not start any toolbars or other junk. I regularly throw everything out of the entries again. Only the virus scanner and Windows services start. That reduces boot time and lessens problems caused by all the Apple, Adobe and other toolbars, supposed little helpers, Google updaters and so on. Oh, and I leave Spybot in. It immunizes my system regularly. But I have now thrown that out as well to see whether it is the problem. It is not. I have an empty Start menu and only the most necessary Windows services started. NOTHING. Still no network. Safe mode with networking = same problem.
I am at my wits' end... What use are malware scanners if they cannot get access to System32 either? Is there one that can scan there anyway?
Regards.
I should also mention that this matter is somewhat urgent, because neither my Win 7 Beta nor my WinXP is the most secure. Despite the virus scanners. Neither operating system is maintained with new Windows updates any more. But I can only get onto the Internet and write here with these. |
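A read-only way to record the two things the post above describes, the values under the DNS client service's Parameters key and the owner and permission entries on System32, so that they can be compared between the two Windows 7 installations. This is an added example, not part of the original post; it assumes the registry key meant is `HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters`, and the function names are made up here.

```powershell
# Added example: read-only diagnostics, run from an elevated PowerShell prompt.
# Function names are hypothetical. Written to work on PowerShell 2.0 (Windows 7 default).

# Assumption: the "registry entry" in the post is the DNS Client (Dnscache) Parameters key.
$DnsParamKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters'

function Get-ServiceParameterValues {
    param([string]$KeyPath = $DnsParamKey)
    $key = Get-Item -Path $KeyPath -ErrorAction Stop
    foreach ($name in $key.GetValueNames()) {
        # Read REG_EXPAND_SZ data unexpanded, so %SystemRoot% is shown as stored.
        $data = $key.GetValue($name, $null,
            [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames)
        New-Object PSObject -Property @{
            Name = $name
            Kind = $key.GetValueKind($name)
            Data = $data
        } | Select-Object Name, Kind, Data
    }
}

function Get-FolderAclReport {
    # $Path may point at the System32 folder of another installation,
    # for example when booted from the second Windows 7 on a different disk.
    param([string]$Path = (Join-Path $env:SystemRoot 'System32'))
    try {
        $acl = Get-Acl -Path $Path -ErrorAction Stop
    } catch {
        # The security descriptor itself is unreadable: report that instead of failing.
        Write-Warning "Cannot read ACL of ${Path}: $($_.Exception.Message)"
        return
    }
    "Path                : $Path"
    "Owner               : $($acl.Owner)"
    "Inheritance blocked : $($acl.AreAccessRulesProtected)"
    # One row per access control entry: who, which rights, allow or deny, inherited or explicit.
    $acl.Access |
        Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited |
        Format-Table -AutoSize
}

# The registry part reads the running system only; the ACL part accepts any folder path.
Get-ServiceParameterValues | Format-Table -AutoSize
Get-FolderAclReport
```

Running it on both Windows 7 installations and comparing the saved output shows whether the Parameters values, the owner, or any entry on System32 differ between them.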
14.11.2014, 11:44 | #2 |
/// the machine /// TB trainer | hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
14.11.2014, 12:40 | #3 |
| Thanks, will do. It will take a while, though, because I can't get onto the Internet from the one Windows and am just now running an anti-malware scanner over my Win7 Beta. |
15.11.2014, 11:36 | #4 |
/// the machine /// TB trainer | ok.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
16.11.2014, 22:57 | #5 |
| So, I have added the two logs here. I hope they help. Interestingly, I got the DNS service running again, but I still have no network at all, whether local or Internet. Internet Explorer cannot be started. Firefox and Chrome, on the other hand, can. The System32 folder is still locked for Admin. Not even the checkboxes that show who is allowed to do what are displayed. Regards. FRST TXT Attachment 70870, Addition.TXT Attachment 70871 |
17.11.2014, 13:57 | #6 |
/// the machine /// TB trainer | Hi, please always post logs in the thread. If need be, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows: |
18.11.2014, 00:03 | #7 |
| OK, then I'll post the FRST log here first. FRST Logfile: Code:
Corporation) C:\Windows\system32\ieui.dll 2014-11-12 08:25 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-12 08:25 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 08:25 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 08:25 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-12 08:25 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 08:25 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-12 08:25 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 08:25 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 08:25 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 08:25 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 08:25 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 08:25 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-12 08:25 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 08:25 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-12 08:25 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-12 08:25 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-12 08:25 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-12 08:25 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) 
C:\Windows\system32\schannel.dll 2014-11-12 08:25 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-12 08:25 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-12 08:25 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-12 08:25 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-12 08:25 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-12 08:25 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-12 08:25 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-12 08:25 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-12 08:25 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-12 08:25 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-12 08:25 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-12 08:25 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-12 08:25 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 08:25 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 08:25 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-12 08:25 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-12 08:25 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 08:25 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-12 
08:24 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 08:24 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-12 08:24 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 08:24 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-12 08:24 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-12 08:24 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-12 08:24 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-12 08:19 - 2014-11-12 08:19 - 00207651 _____ () C:\ProgramData\1415776591.bdinstall.bin 2014-11-12 08:19 - 2009-07-15 01:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2014-11-12 08:16 - 2014-11-12 08:16 - 10447328 _____ () C:\Users\Stefan\Downloads\Antivirus_Free_Edition_x64.exe 2014-11-12 08:16 - 2014-11-12 08:16 - 00162208 _____ () C:\Users\Stefan\Downloads\Antivirus_Free_Edition21.exe 2014-11-10 12:25 - 2014-11-10 12:25 - 00000758 _____ () C:\Users\Public\Desktop\WarThunder.lnk 2014-11-10 12:25 - 2014-11-10 12:25 - 00000000 ____D () C:\Users\Stefan\Documents\My Games 2014-11-10 12:25 - 2014-11-10 12:25 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder 2014-11-10 12:21 - 2014-11-10 12:22 - 04708816 _____ (Gaijin Entertainment ) C:\Users\Stefan\Downloads\wt_launcher_1.0.1.464.exe 2014-11-04 16:12 - 2014-11-04 16:13 - 00001021 _____ () C:\Users\Public\Desktop\IrfanView.lnk 2014-11-04 16:12 - 2014-11-04 16:12 - 00003146 _____ () C:\Windows\System32\Tasks\{A1962650-2337-4232-B418-757CA64E6225} 2014-11-04 16:11 - 2014-11-04 16:11 - 02197648 _____ (Irfan Skiljan) C:\Users\Stefan\Downloads\iview438g_setup.exe 2014-10-30 17:53 - 2014-10-30 
17:53 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\MPC-HC 2014-10-30 16:42 - 2014-10-30 16:42 - 00001721 _____ () C:\Users\Stefan\Desktop\MPC-HC x64.lnk 2014-10-30 16:42 - 2014-10-30 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64 2014-10-30 16:41 - 2014-10-30 16:42 - 00000000 ____D () C:\Program Files\MPC-HC 2014-10-30 16:39 - 2014-10-30 16:40 - 12099768 _____ (MPC-HC Team ) C:\Users\Stefan\Downloads\MPC-HC.1.7.7.x64.exe 2014-10-29 11:41 - 2014-10-29 11:41 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Nero 2014-10-28 14:18 - 2014-10-28 14:18 - 00000024 _____ () C:\Windows\91E28EB5F908C1EF.log 2014-10-28 02:52 - 2014-10-28 02:52 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\24124 2014-10-28 02:44 - 2014-10-28 02:44 - 11335472 _____ () C:\Users\Stefan\Downloads\SetupAnyDVD7520.exe 2014-10-27 09:16 - 2014-10-27 09:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 2014-10-27 09:14 - 2014-10-27 09:15 - 54689240 _____ (Fengtao Software Inc. 
) C:\Users\Stefan\Downloads\DVDFab9171.exe 2014-10-19 03:17 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-19 03:17 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-19 03:17 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-19 03:17 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-19 03:17 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-19 03:17 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-19 03:14 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-19 03:14 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-19 03:13 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-19 03:13 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-19 03:13 - 2014-07-17 03:07 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-19 03:13 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-19 03:13 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-19 03:13 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-19 03:13 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-19 03:13 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-19 03:13 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-19 03:13 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\aaclient.dll 2014-10-19 03:13 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-19 03:13 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-14 17:42 - 2010-09-10 17:53 - 01561975 _____ () C:\Windows\WindowsUpdate.log 2014-11-14 17:39 - 2011-03-01 09:18 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-14 17:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-14 17:38 - 2012-01-19 15:40 - 00118553 _____ () C:\Windows\setupact.log 2014-11-14 17:36 - 2011-07-22 16:15 - 00000000 ____D () C:\Temp 2014-11-14 09:20 - 2009-07-14 05:45 - 00021616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-14 09:20 - 2009-07-14 05:45 - 00021616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-13 19:47 - 2013-06-14 07:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-13 19:10 - 2011-03-01 09:18 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-13 17:43 - 2010-09-10 17:19 - 00000000 __SHD () C:\Recovery 2014-11-13 17:40 - 2009-07-14 06:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-13 17:33 - 2011-02-18 09:26 - 00000000 ____D () C:\Windows\pss 2014-11-13 17:17 - 2010-09-10 18:39 - 00895822 _____ () C:\Windows\PFRO.log 2014-11-13 15:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-13 10:35 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-13 10:32 - 2014-08-05 14:47 - 00000000 ____D () C:\Program Files\Mafia 2014-11-13 09:56 - 2009-07-14 05:45 - 00303008 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-13 09:53 - 2014-05-06 22:20 - 
00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-13 09:50 - 2013-06-14 07:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-13 09:50 - 2012-04-03 09:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-13 09:50 - 2011-05-19 03:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-13 03:16 - 2013-08-14 23:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-13 03:03 - 2010-09-10 18:25 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-12 19:26 - 2012-12-24 12:26 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\TS3Client 2014-11-12 08:17 - 2010-11-13 11:25 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\QuickScan 2014-11-11 11:17 - 2014-05-07 11:59 - 00000000 ____D () C:\ProgramData\AVG2014 2014-11-11 11:17 - 2013-03-22 09:15 - 00000000 ____D () C:\ProgramData\MFAData 2014-11-11 11:17 - 2012-04-25 14:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-11 04:44 - 2010-09-11 20:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-10 23:50 - 2014-08-03 01:27 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-11-10 23:42 - 2014-05-07 11:57 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Avg2014 2014-11-10 23:41 - 2013-03-22 09:20 - 00000000 ___HD () C:\$AVG 2014-11-10 13:11 - 2010-09-13 12:23 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-11-09 14:22 - 2010-09-10 19:27 - 00698906 _____ () C:\Windows\system32\perfh007.dat 2014-11-09 14:22 - 2010-09-10 19:27 - 00150114 _____ () C:\Windows\system32\perfc007.dat 2014-11-09 14:22 - 2009-07-14 06:13 - 01625812 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-07 13:08 - 2012-12-24 12:25 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-11-06 03:37 - 2010-10-14 07:56 - 00014848 _____ () C:\Users\Stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-11-05 
10:54 - 2011-06-20 16:43 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-11-04 16:12 - 2010-09-11 08:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView 2014-11-04 16:12 - 2010-09-11 08:25 - 00000000 ____D () C:\Program Files (x86)\IrfanView 2014-11-04 14:30 - 2010-09-10 18:22 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-29 11:41 - 2011-05-06 07:49 - 00000000 ____D () C:\ProgramData\Nero 2014-10-29 01:26 - 2012-08-17 09:30 - 00002202 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-28 14:18 - 2014-02-25 04:33 - 00000000 ____D () C:\ProgramData\SlySoft 2014-10-28 14:18 - 2014-02-25 04:33 - 00000000 ____D () C:\Program Files (x86)\SlySoft 2014-10-28 14:16 - 2011-07-29 16:36 - 00000125 ___SH () C:\ProgramData\.zreglib 2014-10-28 09:59 - 2011-04-28 09:37 - 00000000 ____D () C:\Users\Stefan\Desktop\Neuer Ordner (2) 2014-10-28 09:58 - 2012-08-30 00:26 - 00000000 ____D () C:\Users\Stefan\Desktop\nero 10 essentials suite 2 2014-10-27 09:17 - 2013-05-26 01:55 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\DVDFab9 2014-10-27 09:17 - 2013-05-23 12:59 - 00000000 ____D () C:\Users\Stefan\Documents\DVDFab9 2014-10-27 09:16 - 2014-02-25 04:11 - 00001014 _____ () C:\Users\Public\Desktop\DVDFab 9.lnk 2014-10-27 09:16 - 2013-05-26 01:55 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 2014-10-20 22:05 - 2011-03-01 09:18 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-20 22:05 - 2011-03-01 09:18 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-19 15:40 - 2014-08-23 11:08 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Adobe 2014-10-19 03:04 - 2013-07-03 10:53 - 00001596 _____ () C:\Windows\LkmdfCoInst.log 2014-10-19 03:03 - 2013-07-03 10:53 - 00018960 _____ (Logitech, Inc.) 
C:\Windows\system32\Drivers\LNonPnP.sys Some content of TEMP: ==================== C:\Users\Stefan\AppData\Local\Temp\AcronisProductUpdateUtility.exe C:\Users\Stefan\AppData\Local\Temp\AMPing.exe C:\Users\Stefan\AppData\Local\Temp\AskSLib.dll C:\Users\Stefan\AppData\Local\Temp\AuConv.dll C:\Users\Stefan\AppData\Local\Temp\AuConvEx.dll C:\Users\Stefan\AppData\Local\Temp\AutoRun.exe C:\Users\Stefan\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Stefan\AppData\Local\Temp\Boot.dll C:\Users\Stefan\AppData\Local\Temp\BootDriver.dll C:\Users\Stefan\AppData\Local\Temp\Burn.dll C:\Users\Stefan\AppData\Local\Temp\CmdLineExt02.dll C:\Users\Stefan\AppData\Local\Temp\CmdLineExt03.dll C:\Users\Stefan\AppData\Local\Temp\DataMana.dll C:\Users\Stefan\AppData\Local\Temp\DevCtrl.dll C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7290008.dll C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7360010.dll C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7390005.dll C:\Users\Stefan\AppData\Local\Temp\dvdshrink32setup.exe C:\Users\Stefan\AppData\Local\Temp\DWPUpgradeInstaller.exe C:\Users\Stefan\AppData\Local\Temp\eauninstall.exe C:\Users\Stefan\AppData\Local\Temp\FatLib.dll C:\Users\Stefan\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe C:\Users\Stefan\AppData\Local\Temp\fsprod.dll C:\Users\Stefan\AppData\Local\Temp\fssfm.dll C:\Users\Stefan\AppData\Local\Temp\GetDriverInfo.dll C:\Users\Stefan\AppData\Local\Temp\grubinst.exe C:\Users\Stefan\AppData\Local\Temp\HPPSdr.exe C:\Users\Stefan\AppData\Local\Temp\incredibar_installer.exe C:\Users\Stefan\AppData\Local\Temp\installChecker.exe C:\Users\Stefan\AppData\Local\Temp\installerdll2839889.dll C:\Users\Stefan\AppData\Local\Temp\installerdll763734.dll C:\Users\Stefan\AppData\Local\Temp\installerdll768741.dll C:\Users\Stefan\AppData\Local\Temp\InstallManager_BAB_BAB.exe C:\Users\Stefan\AppData\Local\Temp\install_reader11_de_mssd_aih.exe C:\Users\Stefan\AppData\Local\Temp\ISOExport.exe C:\Users\Stefan\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe 
C:\Users\Stefan\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\Users\Stefan\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Stefan\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe C:\Users\Stefan\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Stefan\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Stefan\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Stefan\AppData\Local\Temp\LMkRstPt.exe C:\Users\Stefan\AppData\Local\Temp\MSVCP60.DLL C:\Users\Stefan\AppData\Local\Temp\patchw32.dll C:\Users\Stefan\AppData\Local\Temp\preconfig.exe C:\Users\Stefan\AppData\Local\Temp\RecLib.dll C:\Users\Stefan\AppData\Local\Temp\rootsupd.exe C:\Users\Stefan\AppData\Local\Temp\sfamcc00001.dll C:\Users\Stefan\AppData\Local\Temp\sfamcc00002.dll C:\Users\Stefan\AppData\Local\Temp\sfextra.dll C:\Users\Stefan\AppData\Local\Temp\SIntf16.dll C:\Users\Stefan\AppData\Local\Temp\SIntf32.dll C:\Users\Stefan\AppData\Local\Temp\SIntfNT.dll C:\Users\Stefan\AppData\Local\Temp\syslinux.exe C:\Users\Stefan\AppData\Local\Temp\T4uinst.exe C:\Users\Stefan\AppData\Local\Temp\tdll.dll C:\Users\Stefan\AppData\Local\Temp\temp.exe C:\Users\Stefan\AppData\Local\Temp\UserRes.dll C:\Users\Stefan\AppData\Local\Temp\UserResEx.dll C:\Users\Stefan\AppData\Local\Temp\vcredist_x64.exe C:\Users\Stefan\AppData\Local\Temp\vcredist_x86.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!. 
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-05 15:17

==================== End Of Log ============================

--- --- --- --- --- ---

And here is the log from the Additional scan:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2014 02
Ran by Stefan at 2014-11-14 17:46:04
Running from K:\DLL
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE)
7-Zip 9.16 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0916-000001000000}) (Version: 9.16.00.0 - Igor Pavlov)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Artweaver Free 3.1 (HKLM-x32\...\{96A9A1C8-FBAD-4703-ABF1-E93AA8FE85A0}_is1) (Version: 3.1 - Boris Eyrich Software) Ashampoo Burning Studio 2010 Advanced (HKLM-x32\...\Ashampoo Burning Studio 2010 Advanced_is1) (Version: 9.2.4 - ashampoo GmbH & Co. KG) Ashampoo UnInstaller 5 v.5.0.3 (HKLM-x32\...\{4209F371-ABC8-B772-DB8E-93F4772F58FA}_is1) (Version: 5.03.00 - Ashampoo GmbH & Co. KG) ASUS Smart Doctor (HKLM-x32\...\InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}) (Version: 5.66 - ASUSTek COMPUTER INC.) ASUS Smart Doctor (x32 Version: 5.66 - ASUSTek COMPUTER INC.) Hidden ASUS Xonar D2 Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) ATI Catalyst Install Manager (HKLM\...\{897BE4A7-682B-7375-BBAF-05A44FC2B524}) (Version: 3.0.786.0 - ATI Technologies, Inc.) ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden AVG Nation toolbar (HKLM-x32\...\AVG Nation toolbar) (Version: 18.1.0.443 - InfoSpace) Brother HL-5240 (HKLM-x32\...\{C815C69E-C6CF-4DDB-926B-7D4F40E02C7B}) (Version: 1.00 - Brother) ccc-core-static (x32 Version: 2010.0803.2125.36577 - Ihr Firmenname) Hidden CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP) Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - ) Core Temp version 0.99.8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.8 - Arthur Liberman) CPUID CPU-Z 1.59 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Data Lifeguard Diagnostic for Windows 1.22 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation) DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.) 
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC) DMX 6Fire USB V1.23.0 (HKLM-x32\...\DMX 6Fire USB) (Version: 1.23.0 - ) Easy Tune 6 B10.0728.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B10.0728.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden EasyBCD 2.0 (HKLM-x32\...\EasyBCD) (Version: 2.0 - NeoSmart Technologies) EAX Unified (HKLM-x32\...\EAX Unified) (Version: - ) EMS USB Joypad2 (HKLM-x32\...\EMS USB Joypad2) (Version: - ) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Eusing Free Registry Cleaner (HKLM-x32\...\Eusing Free Registry Cleaner) (Version: - Eusing Software) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) Exif-Viewer 2.50 (HKLM-x32\...\Exif-Viewer) (Version: 2.50 - Ralf Bibinger) FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project) FileZilla Client 3.6.0.2 (HKU\S-1-5-21-3450674695-669472531-1269977080-1001\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project) FinePixViewer Ver.5.4 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.4 - FUJIFILM Corporation) Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.6.0 - Futuremark Corporation) GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team) GnuWin32: Gzip-1.3.12-1 (HKLM-x32\...\Gzip-1.3.12-1_is1) (Version: 1.3.12-1 - GnuWin32) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) 
Hidden
Hamachi 1.0.3.0 (HKLM-x32\...\Hamachi) (Version: - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
High-Definition Video Playback (x32 Version: 11.1.11100.4.196 - Nero AG) Hidden
Ideal DVD to AVI Converter V2.0.7 (HKLM-x32\...\Ideal DVD to AVI Converter_is1) (Version: - Ideal DVD Software, Inc.)
Ideal DVD to MP4 Converter V1.01 (HKLM-x32\...\Ideal DVD to MP4 Converter_is1) (Version: - Ideal DVD Software, Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java(TM) 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Logitech SetPoint 6.52 (HKLM\...\sp6) (Version: 6.52.74 - Logitech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MaxDrive PS2 (HKLM-x32\...\MaxDrive PS2) (Version: - )
Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Muziic Player (HKU\S-1-5-21-3450674695-669472531-1269977080-1001\...\Muziic Player) (Version: - )
Nero BurningROM 12 (HKLM-x32\...\{4AC7B4F3-1B75-4BA7-82C4-F9A22B430A3D}) (Version: 12.5.00900 - Nero AG)
Nettoberechnung 2007 v2.97 (HKLM-x32\...\Nettoberechnung 2007 v2.97) (Version: 2.97 - Creative Solutions)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
NXe (HKLM-x32\...\{AE0D8040-98FC-41AA-BBF4-2E194C10EC2E}) (Version: 2004.02.25 - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opti Drive Control 1.51 (HKLM-x32\...\{80157B54-DB3E-4EE9-8AD8-63A905765FF4}_is1) (Version: - Erik Deppe)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PC Inspector File Recovery (HKLM-x32\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
PCMark 7 (HKLM-x32\...\{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}) (Version: 1.0.4 - Futuremark Corporation)
PCMark Vantage (HKLM-x32\...\{F241EC95-C81A-466E-8006-6B0B364B07A0}) (Version: 1.0.3.1 - Futuremark Corporation)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PhotoME Beta-Release (HKLM-x32\...\PhotoME Beta-Release_is1) (Version: 0.8ß2 - Jens Duttke)
Pinnacle InstantCD/DVD Suite (HKLM-x32\...\{21351A28-ACFB-463D-A0A0-AC9F5F4D273E}) (Version: 8.3.0 - Pinnacle Systems GmbH)
Pivot Software (x32 Version: 9.03.004 - Portrait Displays, Inc.) Hidden
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
Python 3.3.2 (64-bit) (HKLM\...\{9FA9A2A6-19E4-381A-8AF3-F8CF12F0DCF0}) (Version: 3.3.2150 - Python Software Foundation)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.41 - Piriform)
SDK (x32 Version: 2.20.009 - Portrait Displays, Inc.) Hidden
Seagate DiscWizard (HKLM-x32\...\{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}) (Version: 13.0.14387 - Seagate)
Seagate*DiscWizard (HKLM-x32\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8330 - Seagate)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
SiSoftware Sandra Lite 2012.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 18.24.2012.1 - SiSoftware)
SmartControl (HKLM-x32\...\{F4EF231A-7218-41B1-AB84-F5B48B74C50A}) (Version: 2.00.021 - Portrait Displays, Inc.)
Sophos Anti-Rootkit 1.5.0 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.0 - Sophos Plc)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48 (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2011.build.48 - eRightSoft)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Total Uninstall 6.4.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.4.0 - Gavrila Martau)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VDMSound (HKLM-x32\...\VDMSound) (Version: 2.1.0 - Vlad Romascanu)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
War Thunder Launcher 1.0.1.464 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.0.9 - Shark007)
Winamp (HKLM-x32\...\Winamp) (Version: 5.601 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinUAE 2.4.1 (HKLM-x32\...\WinUAE) (Version: 2.4.1 - Arabuusimiehet)
Wise Registry Cleaner 7.71 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 7.71 - WiseCleaner.com, Inc.)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version: - Wargaming.net)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1) (Version: - Wargaming.net)
Xfire (HKLM-x32\...\Xfire) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-13 17:18 - 00450773 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AE4F7E0-0224-4EE9-988C-05BBDF0BB123} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13] (Adobe Systems Incorporated)
Task: {2206AB58-6F58-42F4-AB56-4A3443949400} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {419F5002-185C-4917-A2A8-671EC37A36E3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {45017A2E-3891-45A8-B551-A6049E0D0BCE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {5D9CE6EE-3B0D-4E13-8AA8-4D15BE7B8FFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {B91E509F-31F4-43EE-A7EE-993596007A3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-09-11 08:25 - 2014-11-04 16:13 - 00055808 _____ () C:\Program Files (x86)\IrfanView\Languages\DEUTSCH.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AntiVirSchedulerService => 2
MSCONFIG\Services: AntiVirService => 2
MSCONFIG\Services: ASDR => 2
MSCONFIG\Services: DfSdkS => 3
MSCONFIG\Services: DTSRVC => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: PdiService => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: SandraAgentSrv => 3
MSCONFIG\Services: SDHookService => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SgtSch2Svc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: ttdmx6firesvc => 2
MSCONFIG\Services: vToolbarUpdater18.1.0 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ExifLauncher2.lnk => C:\Windows\pss\ExifLauncher2.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Stefan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DMX 6Fire USB Control Panel.lnk => C:\Windows\pss\DMX 6Fire USB Control Panel.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Stefan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Stefan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AsioReg => REGSVR32 /S CTASIO.DLL
MSCONFIG\startupreg: ATICustomerCare => "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
MSCONFIG\startupreg: bdruninstaller => "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart"
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: DiscWizardMonitor.exe => "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DT PLP => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -PLP
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: PinnacleDriverCheck => C:\Windows\SysWOW64\PSDrvCheck.exe
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: RUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Seagate Scheduler2 Service => "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: StartCCC => "C:\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Userinit => C:\Users\Stefan\AppData\Roaming\appconf32.exe
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Nation toolbar\vprot.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3450674695-669472531-1269977080-500 - Administrator - Disabled)
Guest (S-1-5-21-3450674695-669472531-1269977080-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3450674695-669472531-1269977080-1002 - Limited - Enabled)
Stefan (S-1-5-21-3450674695-669472531-1269977080-1001 - Administrator - Enabled) => C:\Users\Stefan

==================== Faulty Device Manager Devices =============

Name: Acronis Backup Archive Explorer
Description: Acronis Backup Archive Explorer
Class Guid: {1860459d-4692-4825-b761-44a725991050}
Manufacturer: Acronis, Inc.
Service: timounter
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2014 02:54:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mDicom.exe, Version: 0.7.6.3228, Zeitstempel: 0x50202cb2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1328
Startzeit der fehlerhaften Anwendung: 0xmDicom.exe0
Pfad der fehlerhaften Anwendung: mDicom.exe1
Pfad des fehlerhaften Moduls: mDicom.exe2
Berichtskennung: mDicom.exe3

Error: (11/08/2014 11:56:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: worldoftanks.exe, Version: 0.9.4.0, Zeitstempel: 0x54526ea7
Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e
Ausnahmecode: 0x40000015
Fehleroffset: 0x000a327c
ID des fehlerhaften Prozesses: 0x71c
Startzeit der fehlerhaften Anwendung: 0xworldoftanks.exe0
Pfad der fehlerhaften Anwendung: worldoftanks.exe1
Pfad des fehlerhaften Moduls: worldoftanks.exe2
Berichtskennung: worldoftanks.exe3

Error: (11/08/2014 03:44:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.3.5422, Zeitstempel: 0x545b5277
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.3.5422, Zeitstempel: 0x545b2aeb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x179c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (11/08/2014 03:44:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 33.0.3.5422 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1f5c
Startzeit: 01cffb47a945000b
Endzeit: 17
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: a73bc978-6755-11e4-a694-001fd080fc6a

Error: (10/29/2014 11:44:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Recode.exe, Version: 15.0.25.0, Zeitstempel: 0x50aa6585
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x160c
Startzeit der fehlerhaften Anwendung: 0xRecode.exe0
Pfad der fehlerhaften Anwendung: Recode.exe1
Pfad des fehlerhaften Moduls: Recode.exe2
Berichtskennung: Recode.exe3

Error: (10/29/2014 11:44:26 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Recode.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at Nero.Recode.App.Main()
at System.AppDomain._nExecuteAssembly(System.Reflection.RuntimeAssembly, System.String[])
at System.AppDomain.ExecuteAssembly(System.String, System.String[])
at <Module>.RunAssemblyWithCommandLine(Char*, Char*, Char*)
at <Module>.RunAssembly(Char*, Char*)

Error: (10/29/2014 11:41:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Recode.exe, Version: 15.0.25.0, Zeitstempel: 0x50aa6585
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x13c8
Startzeit der fehlerhaften Anwendung: 0xRecode.exe0
Pfad der fehlerhaften Anwendung: Recode.exe1
Pfad des fehlerhaften Moduls: Recode.exe2
Berichtskennung: Recode.exe3

Error: (10/29/2014 11:41:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Recode.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at Nero.Recode.App.Main()
at System.AppDomain._nExecuteAssembly(System.Reflection.RuntimeAssembly, System.String[])
at System.AppDomain.ExecuteAssembly(System.String, System.String[])
at <Module>.RunAssemblyWithCommandLine(Char*, Char*, Char*)
at <Module>.RunAssembly(Char*, Char*)

Error: (10/28/2014 04:25:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary AnyDVD.
System Error: The system cannot find the file specified.
.

Error: (10/23/2014 04:26:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_189.exe, Version: 15.0.0.189, Zeitstempel: 0x54233581
Name des fehlerhaften Moduls: FlashPlayerPlugin_15_0_0_189.exe, Version: 15.0.0.189, Zeitstempel: 0x54233581
Ausnahmecode: 0x40000015
Fehleroffset: 0x00017780
ID des fehlerhaften Prozesses: 0x1128
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_15_0_0_189.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_189.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_15_0_0_189.exe2
Berichtskennung: FlashPlayerPlugin_15_0_0_189.exe3

System errors:
=============
Error: (11/14/2014 05:39:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update-Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (11/14/2014 05:38:36 PM) (Source: volsnap) (EventID: 29) (User: )
Description: Die Schattenkopien von Volume "G:" wurde während der Ermittlung abgebrochen.
Error: (11/14/2014 09:32:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%127

Error: (11/14/2014 09:32:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%127

Error: (11/14/2014 09:30:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%127

Error: (11/14/2014 09:30:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%127

Error: (11/14/2014 09:29:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%127

Error: (11/14/2014 09:27:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%127

Error: (11/14/2014 09:27:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%127

Error: (11/14/2014 09:27:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "DNS-Client" wurde mit folgendem Fehler beendet: %%127

Microsoft Office Sessions:
=========================
Error: (11/13/2014 02:54:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mDicom.exe0.7.6.322850202cb2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd132801cfff49018dca3dK:\MRT Stefan\microd\mDicom.exeK:\MRT Stefan\microd\MSVCR100.dll9bf9faba-6b3c-11e4-8aed-001fd080fc6a

Error: (11/08/2014 11:56:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: worldoftanks.exe0.9.4.054526ea7MSVCR110.dll11.0.51106.15098858e40000015000a327c71c01cffb8f6e046545C:\Games\World_of_Tanks\worldoftanks.exeC:\Games\World_of_Tanks\MSVCR110.dll715c35ba-679a-11e4-a694-001fd080fc6a

Error: (11/08/2014 03:44:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.3.5422545b5277mozalloc.dll33.0.3.5422545b2aeb8000000300001425179c01cffb5d8bc71e00C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllad1bee8d-6755-11e4-a694-001fd080fc6a

Error: (11/08/2014 03:44:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.0.3.54221f5c01cffb47a945000b17C:\Program Files (x86)\Mozilla Firefox\firefox.exea73bc978-6755-11e4-a694-001fd080fc6a

Error: (10/29/2014 11:44:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Recode.exe15.0.25.050aa6585KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d160c01cff3652b91ceaaF:\Programme\Nero\Nero 2014\Nero Recode\Recode.exeC:\Windows\syswow64\KERNELBASE.dll8db5d074-5f58-11e4-acc7-001fd080fc6a

Error: (10/29/2014 11:44:26 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Recode.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at Nero.Recode.App.Main()
at System.AppDomain._nExecuteAssembly(System.Reflection.RuntimeAssembly, System.String[])
at System.AppDomain.ExecuteAssembly(System.String, System.String[])
at <Module>.RunAssemblyWithCommandLine(Char*, Char*, Char*)
at <Module>.RunAssembly(Char*, Char*)

Error: (10/29/2014 11:41:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Recode.exe15.0.25.050aa6585KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d13c801cff364babd25c1F:\Programme\Nero\Nero 2014\Nero Recode\Recode.exeC:\Windows\syswow64\KERNELBASE.dll1e7e2fca-5f58-11e4-acc7-001fd080fc6a

Error: (10/29/2014 11:41:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Recode.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at Nero.Recode.App.Main()
at System.AppDomain._nExecuteAssembly(System.Reflection.RuntimeAssembly, System.String[])
at System.AppDomain.ExecuteAssembly(System.String, System.String[])
at <Module>.RunAssemblyWithCommandLine(Char*, Char*, Char*)
at <Module>.RunAssembly(Char*, Char*)

Error: (10/28/2014 04:25:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary AnyDVD.
System Error:
The system cannot find the file specified.
Error: (10/23/2014 04:26:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: FlashPlayerPlugin_15_0_0_189.exe15.0.0.18954233581FlashPlayerPlugin_15_0_0_189.exe15.0.0.189542335814000001500017780112801cfee355bd0cb92C:\Windows\Sys WOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe6d898f97-5a64-11e4-9c8c-001fd080fc6a CodeIntegrity Errors: =================================== Date: 2014-08-20 11:51:37.774 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume13\Windows\System32\drivers\atikmdag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-08-20 11:51:37.586 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume13\Windows\System32\drivers\atikmdag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-03-12 11:01:40.638 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Program Files (x86)\Spybot - Search & Destroy 2\pcrelib.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-12 11:01:40.368 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Program Files (x86)\Spybot - Search & Destroy 2\pcrelib.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-03-12 11:01:40.105 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Program Files (x86)\Spybot - Search & Destroy 2\pcrelib.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-09 12:53:29.534 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Program Files (x86)\Spybot - Search & Destroy 2\pcrelib.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-09 12:53:29.273 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Program Files (x86)\Spybot - Search & Destroy 2\pcrelib.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-09 12:53:29.016 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Program Files (x86)\Spybot - Search & Destroy 2\pcrelib.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-06 16:04:57.499 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Program Files (x86)\Spybot - Search & Destroy 2\pcrelib.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-06 16:04:57.209 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume7\Program Files (x86)\Spybot - Search & Destroy 2\pcrelib.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q9550 @ 2.83GHz Percentage of memory in use: 18% Total physical RAM: 8190.3 MB Available physical RAM: 6644.33 MB Total Pagefile: 16378.78 MB Available Pagefile: 14759.58 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Boot 1.5 TB Seagate) (Fixed) (Total:373.47 GB) (Free:13.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (1.5 TB Seagate A) (Fixed) (Total:511.9 GB) (Free:15.75 GB) NTFS Drive e: (1.5 TB Seagate B) (Fixed) (Total:511.9 GB) (Free:8.93 GB) NTFS Drive f: (Seagate 320 A) (Fixed) (Total:70.97 GB) (Free:5.57 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive g: (WD Boot) (Fixed) (Total:173.52 GB) (Free:78.36 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive h: (2 TB a) (Fixed) (Total:937.85 GB) (Free:266.62 GB) NTFS Drive i: (BACK MAXT C) (Fixed) (Total:24.71 GB) (Free:1.25 GB) FAT32 Drive j: (Seagate 500 a) (Fixed) (Total:210.94 GB) (Free:5.79 GB) NTFS Drive k: (2 TB b) (Fixed) (Total:925.17 GB) (Free:220.16 GB) NTFS Drive l: (WD Back Seagate boot) (Fixed) (Total:549.99 GB) (Free:2.45 GB) NTFS Drive n: (Backup Maxtor D) (Fixed) (Total:53.7 GB) (Free:5.95 GB) NTFS Drive o: (Backup Seagate C) (Fixed) (Total:24.28 GB) (Free:1.58 GB) NTFS Drive p: (Backup Seagate D) (Fixed) (Total:53.32 GB) (Free:1.2 GB) NTFS Drive q: (Seagate 320 B) (Fixed) (Total:71.1 GB) (Free:5.64 GB) NTFS Drive s: (Seagate 500 b) (Fixed) (Total:208.98 GB) (Free:15.82 GB) NTFS Drive t: (2TB Backups A) (Fixed) (Total:908.2 GB) (Free:362.2 GB) NTFS Drive v: (2TB Backups B) (Fixed) (Total:954.69 GB) (Free:221.66 GB) NTFS Drive w: (WD Back 200gb) (Fixed) (Total:208 GB) (Free:0.86 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) 
(Size: 298.1 GB) (Disk ID: 004A9B80) Partition 1: (Active) - (Size=71 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=227.1 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C8F87DC5) Partition 1: (Active) - (Size=173.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=758 GB) - (Type=05) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7436FE5F) Partition: GPT Partition Type. ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 0DEA42AA) Partition 1: (Active) - (Size=373.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1023.8 GB) - (Type=05) ======================================================== Disk: 4 (Size: 1863 GB) (Disk ID: 0D361C6A) Partition 1: (Active) - (Size=937.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=925.2 GB) - (Type=OF Extended) ======================================================== Disk: 5 (Size: 465.8 GB) (Disk ID: 00035FB4) Partition 1: (Active) - (Size=216 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=05) ==================== End Of Log ============================ |
18.11.2014, 12:54 | #8 |
/// the machine /// TB instructor | Evil trojan? (No more access to System32) Who on earth violated the computer like that via msconfig? Please download TDSSKiller.exe and save the file to your desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
19.11.2014, 12:22 | #9 |
| Evil trojan? (No more access to System32) After the DNS service would not start and the network did not work, I disabled all programs in autostart via msconfig and let only Microsoft services start. I took out all third-party services such as Apple, Google, Adobe and the unnamed ones for the time being. Sometimes that helps. Here, unfortunately, it had no effect at all. Normally I then put them back in and let the computer boot normally again. But I had not yet done that when I created the logs. Though I don't see that as violating it. Nothing else happens when you click Diagnostic startup in msconfig. There, too, all startup entries are thrown out and third-party services are not started. That keeps the boot time short and prevents problems in Windows caused by faulty third-party software. I can do well without all the toolbars and updaters from Google and Apple. I also don't use iTunes or QuickTime. If I need something, I start the service manually afterwards. That makes the system more stable and troubleshooting easier, because a whole handful of programs are not started in the first place and so no longer come into question as possible sources of error.

One question: do you have experience with Spybot Search & Destroy? Can the Spybot Search & Destroy 2 Teatime Helper have locked System32 on me and then wrecked itself after an update? Because I had also updated it shortly before my problem appeared and immunized my system. And S&D 2 also has a function that prevents unauthorized access to the system files by malware. Regards

Update. Still no admin access to the system folders. However, it downloaded and installed a Windows update. I can also start TeamSpeak 3, connect to our TS server and chat with others. Hamachi also goes online. So I tried ping. I can ping my router and get a reply.

All other programs that need an internet connection do NOT work. IE tries to start but aborts without an error message. Chrome and Firefox start but cannot connect to my router or to the internet. The network status shows that I am connected to the internet without problems. WoT (World of Tanks), Google Earth and other programs do start, but report that they cannot go online, a faulty network. Why TS of all things works .... OK, Hamachi I can understand; it registers itself as its own network adapter and tunnels through. But since I only have a free version and Hamachi has required payment for some time now, my login attempts are rejected by the Hamachi server, but still, it gets that far.

TDSSKiller showed no findings, everything clean in the default scan. With the recommended settings it only shows me a few warnings, but no rootkits. Here is the log file Code:
0x0cb0 CSC - ok 12:38:58.0235 0x0cb0 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 12:38:58.0286 0x0cb0 CscService - ok 12:38:58.0371 0x0cb0 [ 10BEFAA3A8D69FD8D8C3572776984784, 34E0CE8123EF3DFC180FCF086B90A9703AF1A0F6B0A27B2630C465ACDF732E69 ] CTAUDFX.DLL C:\Windows\System32\CTAUDFX.DLL 12:38:58.0455 0x0cb0 CTAUDFX.DLL - detected UnsignedFile.Multi.Generic ( 1 ) 12:38:58.0455 0x0cb0 CTAUDFX.DLL ( UnsignedFile.Multi.Generic ) - warning 12:38:58.0476 0x0cb0 [ E07D540E71954FFF11FF2A0C23525693, 40817C299FD586CE125AD834913338AEF4ADA9BB194295A8833BBF1A0669DB23 ] CTEAPSFX.DLL C:\Windows\System32\CTEAPSFX.DLL 12:38:58.0495 0x0cb0 CTEAPSFX.DLL - detected UnsignedFile.Multi.Generic ( 1 ) 12:38:58.0496 0x0cb0 CTEAPSFX.DLL ( UnsignedFile.Multi.Generic ) - warning 12:38:58.0525 0x0cb0 [ 95EC8E61EA004244D5B717500ACF2CA5, 3BA1200D2024A094A0B4BF370A0B7012D34EE569A55E16DED8EC8B139032135A ] CTEDSPFX.DLL C:\Windows\System32\CTEDSPFX.DLL 12:38:58.0555 0x0cb0 CTEDSPFX.DLL - detected UnsignedFile.Multi.Generic ( 1 ) 12:38:58.0555 0x0cb0 CTEDSPFX.DLL ( UnsignedFile.Multi.Generic ) - warning 12:38:58.0600 0x0cb0 [ B6400F4BF7118EABAFFD3532708D0EA3, A50915D67E42D916918BA10B56D779CE8B28A7A6C99BD8908964EF879EDBF8FC ] CTEDSPIO.DLL C:\Windows\System32\CTEDSPIO.DLL 12:38:58.0627 0x0cb0 CTEDSPIO.DLL - detected UnsignedFile.Multi.Generic ( 1 ) 12:38:58.0627 0x0cb0 CTEDSPIO.DLL ( UnsignedFile.Multi.Generic ) - warning 12:38:58.0653 0x0cb0 [ 72FE0686C2E8590A557DDA0C5F019AD9, 25004570C485FEE5C210D3BD1B0165519E1A31DC4288C4D8D18B7489DC1165F0 ] CTEDSPSY.DLL C:\Windows\System32\CTEDSPSY.DLL 12:38:58.0676 0x0cb0 CTEDSPSY.DLL - detected UnsignedFile.Multi.Generic ( 1 ) 12:38:58.0676 0x0cb0 CTEDSPSY.DLL ( UnsignedFile.Multi.Generic ) - warning 12:38:58.0676 0x0cb0 Force sending object to P2P due to detect: CTEDSPSY.DLL 12:38:58.0677 0x0cb0 Object send P2P result: false 12:38:58.0872 0x0cb0 [ 
8DB75899FF3D3720F6F29D8F0D6D5923, BFF9AF31AD7003462548E2E8263D74A47C95C228722BAF22485BAF35B17EA2DB ] CTSBLFX.DLL C:\Windows\System32\CTSBLFX.DLL 12:38:58.0950 0x0cb0 CTSBLFX.DLL - detected UnsignedFile.Multi.Generic ( 1 ) 12:38:58.0950 0x0cb0 CTSBLFX.DLL ( UnsignedFile.Multi.Generic ) - warning 12:38:58.0987 0x0cb0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 12:38:59.0033 0x0cb0 DcomLaunch - ok 12:38:59.0112 0x0cb0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 12:38:59.0153 0x0cb0 defragsvc - ok 12:38:59.0231 0x0cb0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 12:38:59.0275 0x0cb0 DfsC - ok 12:38:59.0515 0x0cb0 [ D51B32BA3897F630D99713B74B40D6A2, 5EB136A8248E6FA1316CFA273D9DC8F9C8E8CCB9AC00AE23C1337FBF5F6FDBEC ] DfSdkS C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\DfSdkS64.exe 12:38:59.0600 0x0cb0 DfSdkS - detected UnsignedFile.Multi.Generic ( 1 ) 12:38:59.0600 0x0cb0 DfSdkS ( UnsignedFile.Multi.Generic ) - warning 12:38:59.0635 0x0cb0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 12:38:59.0680 0x0cb0 Dhcp - ok 12:38:59.0747 0x0cb0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 12:38:59.0795 0x0cb0 discache - ok 12:38:59.0830 0x0cb0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 12:38:59.0852 0x0cb0 Disk - ok 12:38:59.0976 0x0cb0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache 
C:\Windows\System32\dnsrslvr.dll 12:39:00.0085 0x0cb0 Dnscache - ok 12:39:00.0143 0x0cb0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 12:39:00.0182 0x0cb0 dot3svc - ok 12:39:00.0216 0x0cb0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 12:39:00.0267 0x0cb0 DPS - ok 12:39:00.0331 0x0cb0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 12:39:00.0416 0x0cb0 drmkaud - ok 12:39:00.0512 0x0cb0 [ 6BE0CABF9A92C61545AF965F854B3844, 6B9FE8246BB2EECA715DBC95D136F5547E32AC70B9C5C72ECAD2506E0A438C7E ] DTSRVC C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe 12:39:00.0523 0x0cb0 DTSRVC - ok 12:39:00.0672 0x0cb0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 12:39:00.0695 0x0cb0 DXGKrnl - ok 12:39:00.0776 0x0cb0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 12:39:00.0841 0x0cb0 EapHost - ok 12:39:01.0156 0x0cb0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 12:39:01.0330 0x0cb0 ebdrv - ok 12:39:01.0375 0x0cb0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 12:39:01.0427 0x0cb0 EFS - ok 12:39:01.0585 0x0cb0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 12:39:01.0692 0x0cb0 ehRecvr - ok 12:39:01.0737 0x0cb0 [ 4705E8EF9934482C5BB488CE28AFC681, 
359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 12:39:01.0790 0x0cb0 ehSched - ok 12:39:01.0875 0x0cb0 [ 343ADA10D948DB29251F2D9C809AF204, CF69704755EC2643DFD245AE1D4E15D77F306AEB1A576FFA159453DE1A7345CB ] EIO64 C:\Windows\system32\DRIVERS\EIO64.sys 12:39:01.0896 0x0cb0 EIO64 - ok 12:39:01.0916 0x0cb0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 12:39:01.0936 0x0cb0 elxstor - ok 12:39:01.0965 0x0cb0 EMSUSB2 - ok 12:39:02.0010 0x0cb0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 12:39:02.0035 0x0cb0 ErrDev - ok 12:39:02.0106 0x0cb0 [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv C:\Windows\etdrv.sys 12:39:02.0135 0x0cb0 etdrv - ok 12:39:02.0343 0x0cb0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 12:39:02.0400 0x0cb0 EventSystem - ok 12:39:02.0437 0x0cb0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 12:39:02.0478 0x0cb0 exfat - ok 12:39:02.0512 0x0cb0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 12:39:02.0598 0x0cb0 fastfat - ok 12:39:02.0731 0x0cb0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 12:39:02.0816 0x0cb0 Fax - ok 12:39:02.0830 0x0cb0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 12:39:02.0873 0x0cb0 fdc - ok 12:39:02.0876 0x0cb0 [ 
0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 12:39:02.0910 0x0cb0 fdPHost - ok 12:39:02.0931 0x0cb0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 12:39:02.0982 0x0cb0 FDResPub - ok 12:39:03.0008 0x0cb0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 12:39:03.0017 0x0cb0 FileInfo - ok 12:39:03.0025 0x0cb0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 12:39:03.0061 0x0cb0 Filetrace - ok 12:39:03.0087 0x0cb0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 12:39:03.0110 0x0cb0 flpydisk - ok 12:39:03.0137 0x0cb0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 12:39:03.0148 0x0cb0 FltMgr - ok 12:39:03.0253 0x0cb0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 12:39:03.0293 0x0cb0 FontCache - ok 12:39:03.0528 0x0cb0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:39:03.0565 0x0cb0 FontCache3.0.0.0 - ok 12:39:03.0590 0x0cb0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 12:39:03.0598 0x0cb0 FsDepends - ok 12:39:03.0637 0x0cb0 [ 6BD9295CC032DD3077C671FCCF579A7B, 
83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 12:39:03.0667 0x0cb0 Fs_Rec - ok 12:39:03.0753 0x0cb0 [ 0D015D3584704EC814A58276232F143B, 13290A33FEB4089DBD35259C60FD8BAD648DA2FC9435541FA89C7D9717AA095B ] Futuremark SystemInfo Service C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe 12:39:03.0792 0x0cb0 Futuremark SystemInfo Service - ok 12:39:03.0930 0x0cb0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 12:39:03.0965 0x0cb0 fvevol - ok 12:39:03.0976 0x0cb0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 12:39:03.0986 0x0cb0 gagp30kx - ok 12:39:04.0036 0x0cb0 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys 12:39:04.0045 0x0cb0 gdrv - ok 12:39:04.0186 0x0cb0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 12:39:04.0268 0x0cb0 gpsvc - ok 12:39:04.0413 0x0cb0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:39:04.0421 0x0cb0 gupdate - ok 12:39:04.0440 0x0cb0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:39:04.0446 0x0cb0 gupdatem - ok 12:39:04.0467 0x0cb0 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys 12:39:04.0476 0x0cb0 GVTDrv64 - ok 12:39:04.0560 0x0cb0 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi 
C:\Windows\system32\DRIVERS\hamachi.sys 12:39:04.0566 0x0cb0 hamachi - ok 12:39:04.0943 0x0cb0 [ 72BE101788DD12A08ABF63AF801BE3B7, 9AFE6AB040C239E26B820520470DEDA449F47AAC70C295DC69F90BF8A2CBA69A ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 12:39:04.0990 0x0cb0 Hamachi2Svc - ok 12:39:05.0011 0x0cb0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 12:39:05.0062 0x0cb0 hcw85cir - ok 12:39:05.0120 0x0cb0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 12:39:05.0157 0x0cb0 HdAudAddService - ok 12:39:05.0212 0x0cb0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 12:39:05.0242 0x0cb0 HDAudBus - ok 12:39:05.0246 0x0cb0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 12:39:05.0268 0x0cb0 HidBatt - ok 12:39:05.0292 0x0cb0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 12:39:05.0320 0x0cb0 HidBth - ok 12:39:05.0335 0x0cb0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 12:39:05.0365 0x0cb0 HidIr - ok 12:39:05.0415 0x0cb0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 12:39:05.0458 0x0cb0 hidserv - ok 12:39:05.0522 0x0cb0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 12:39:05.0565 0x0cb0 HidUsb - ok 12:39:05.0621 0x0cb0 [ 
387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 12:39:05.0660 0x0cb0 hkmsvc - ok 12:39:05.0717 0x0cb0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 12:39:05.0760 0x0cb0 HomeGroupListener - ok 12:39:05.0821 0x0cb0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 12:39:05.0845 0x0cb0 HomeGroupProvider - ok 12:39:05.0897 0x0cb0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 12:39:05.0910 0x0cb0 HpSAMD - ok 12:39:05.0981 0x0cb0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 12:39:06.0042 0x0cb0 HTTP - ok 12:39:06.0115 0x0cb0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 12:39:06.0123 0x0cb0 hwpolicy - ok 12:39:06.0185 0x0cb0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 12:39:06.0197 0x0cb0 i8042prt - ok 12:39:06.0298 0x0cb0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 12:39:06.0315 0x0cb0 iaStorV - ok 12:39:06.0417 0x0cb0 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 12:39:06.0425 0x0cb0 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 12:39:06.0425 0x0cb0 IDriverT ( UnsignedFile.Multi.Generic ) - warning 
12:39:06.0503 0x0cb0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 12:39:06.0528 0x0cb0 idsvc - ok 12:39:06.0547 0x0cb0 IEEtwCollectorService - ok 12:39:06.0611 0x0cb0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 12:39:06.0620 0x0cb0 iirsp - ok 12:39:06.0698 0x0cb0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 12:39:06.0771 0x0cb0 IKEEXT - ok 12:39:07.0006 0x0cb0 [ E8017F1662D9142F45CEAB694D013C00, 75EE9DF292C4D980B9461ABEB8810D22DD57EBBAD5A37FE7B046CBAD419EE9E0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 12:39:07.0052 0x0cb0 IntcAzAudAddService - ok 12:39:07.0138 0x0cb0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 12:39:07.0150 0x0cb0 intelide - ok 12:39:07.0167 0x0cb0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 12:39:07.0197 0x0cb0 intelppm - ok 12:39:07.0237 0x0cb0 [ A01C412699B6F21645B2885C2BAE4454, EA85BBE63D6F66F7EFEE7007E770AF820D57F914C7F179C5FEE3EF2845F19C41 ] IOMap C:\Windows\system32\drivers\IOMap64.sys 12:39:07.0246 0x0cb0 IOMap - ok 12:39:07.0310 0x0cb0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 12:39:07.0353 0x0cb0 IPBusEnum - ok 12:39:07.0408 0x0cb0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 12:39:07.0455 0x0cb0 IpFilterDriver - ok 12:39:07.0517 0x0cb0 [ 
08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 12:39:07.0572 0x0cb0 iphlpsvc - ok 12:39:07.0625 0x0cb0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 12:39:07.0683 0x0cb0 IPMIDRV - ok 12:39:07.0706 0x0cb0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 12:39:07.0751 0x0cb0 IPNAT - ok 12:39:07.0772 0x0cb0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 12:39:07.0823 0x0cb0 IRENUM - ok 12:39:07.0870 0x0cb0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 12:39:07.0878 0x0cb0 isapnp - ok 12:39:08.0018 0x0cb0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 12:39:08.0032 0x0cb0 iScsiPrt - ok 12:39:08.0095 0x0cb0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 12:39:08.0102 0x0cb0 kbdclass - ok 12:39:08.0156 0x0cb0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 12:39:08.0165 0x0cb0 kbdhid - ok 12:39:08.0178 0x0cb0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 12:39:08.0187 0x0cb0 KeyIso - ok 12:39:08.0231 0x0cb0 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 12:39:08.0242 0x0cb0 
KSecDD - ok 12:39:08.0335 0x0cb0 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 12:39:08.0347 0x0cb0 KSecPkg - ok 12:39:08.0357 0x0cb0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 12:39:08.0392 0x0cb0 ksthunk - ok 12:39:08.0447 0x0cb0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 12:39:08.0495 0x0cb0 KtmRm - ok 12:39:08.0568 0x0cb0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 12:39:08.0625 0x0cb0 LanmanServer - ok 12:39:08.0670 0x0cb0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 12:39:08.0696 0x0cb0 LanmanWorkstation - ok 12:39:08.0913 0x0cb0 [ 70FB6254E29150A7A4A39FDFFD306C33, 23783F90F6A55B0FF506F6D11355F6E04DDFF66309EB029B155F4411B3CBB57A ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 12:39:08.0930 0x0cb0 LBTServ - ok 12:39:08.0980 0x0cb0 [ 1470EF17E02E82E4F43346DF9E9F11E1, 052D5D71F08B17ECA6013F9908369D101186429BA8B4F9D900BEE5B883A867F9 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys 12:39:08.0990 0x0cb0 LHidFilt - ok 12:39:09.0117 0x0cb0 [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 12:39:09.0156 0x0cb0 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 ) 12:39:09.0156 0x0cb0 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 12:39:09.0178 0x0cb0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio 
C:\Windows\system32\DRIVERS\lltdio.sys 12:39:09.0217 0x0cb0 lltdio - ok 12:39:09.0278 0x0cb0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 12:39:09.0320 0x0cb0 lltdsvc - ok 12:39:09.0322 0x0cb0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 12:39:09.0346 0x0cb0 lmhosts - ok 12:39:09.0453 0x0cb0 [ 687DBC3FCBB7C60192EF048066336F5C, 335E80F3B8F4A313840AB61D64A9C2E17C712A0DF38FE00DC252E3483AC03DA8 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe 12:39:09.0465 0x0cb0 LMIGuardianSvc - ok 12:39:09.0482 0x0cb0 [ 12814AE119E959437BEA3110F81BD188, 277A9AA641E8C70F4611B1AA0D7C998547BF109FDB117A4F2C0328663D4D7D71 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 12:39:09.0491 0x0cb0 LMouFilt - ok 12:39:09.0502 0x0cb0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 12:39:09.0512 0x0cb0 LSI_FC - ok 12:39:09.0525 0x0cb0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 12:39:09.0535 0x0cb0 LSI_SAS - ok 12:39:09.0542 0x0cb0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 12:39:09.0552 0x0cb0 LSI_SAS2 - ok 12:39:09.0563 0x0cb0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 12:39:09.0575 0x0cb0 LSI_SCSI - ok 12:39:09.0592 0x0cb0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 12:39:09.0626 0x0cb0 luafv - ok 12:39:09.0700 0x0cb0 [ 67DC00F1EA2743A9CA4CDA5CA89AD2CB, 
73939E4AFBA78B282EFA1AE02A0AA35E750DD33E0CA9CD6F192C650718D8BD6F ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys 12:39:09.0708 0x0cb0 LUsbFilt - ok 12:39:09.0755 0x0cb0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 12:39:09.0787 0x0cb0 Mcx2Svc - ok 12:39:09.0823 0x0cb0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 12:39:09.0832 0x0cb0 megasas - ok 12:39:09.0852 0x0cb0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 12:39:09.0865 0x0cb0 MegaSR - ok 12:39:09.0911 0x0cb0 [ 1595FECFFBE9EA2417E06D5FD0BFA4C4, 96006C7F19FDC1700EEBA870F96433D3260DEA06AD7215EAD8F1D74C953E1B50 ] MEMSWEEP2 C:\Windows\system32\2A6C.tmp 12:39:09.0940 0x0cb0 MEMSWEEP2 - detected UnsignedFile.Multi.Generic ( 1 ) 12:39:09.0940 0x0cb0 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning 12:39:09.0981 0x0cb0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 12:39:10.0017 0x0cb0 MMCSS - ok 12:39:10.0046 0x0cb0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 12:39:10.0090 0x0cb0 Modem - ok 12:39:10.0155 0x0cb0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 12:39:10.0188 0x0cb0 monitor - ok 12:39:10.0223 0x0cb0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 12:39:10.0231 0x0cb0 mouclass - ok 12:39:10.0248 0x0cb0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] 
12:39:20.0035 0x0cb0 RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
12:39:20.0036 0x0cb0 RichVideo ( UnsignedFile.Multi.Generic ) - warning
12:39:21.0139 0x0cb0 SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
12:39:21.0140 0x0cb0 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
12:39:29.0235 0x0cb0 USTOR2K - detected UnsignedFile.Multi.Generic ( 1 )
12:39:29.0236 0x0cb0 USTOR2K ( UnsignedFile.Multi.Generic ) - warning
6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 12:39:29.0369 0x0cb0 vdrvroot - ok 12:39:29.0419 0x0cb0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 12:39:29.0469 0x0cb0 vds - ok 12:39:29.0486 0x0cb0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 12:39:29.0499 0x0cb0 vga - ok 12:39:29.0513 0x0cb0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 12:39:29.0571 0x0cb0 VgaSave - ok 12:39:29.0574 0x0cb0 VGPU - ok 12:39:29.0645 0x0cb0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 12:39:29.0656 0x0cb0 vhdmp - ok 12:39:29.0694 0x0cb0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 12:39:29.0703 0x0cb0 viaide - ok 12:39:29.0770 0x0cb0 [ 96A4F56CBBA3DCF5D90CDA1BC218D040, 095F4BC461545028CB3EDBE986A29997B206C812AC6CF8B97097CEC7FE52127D ] vididr C:\Windows\system32\DRIVERS\vididr.sys 12:39:29.0781 0x0cb0 vididr - ok 12:39:29.0820 0x0cb0 [ C69A784BEC737CD7460EBF3C3834D65E, 3D4CEC9E677FD6B08BE43DC19B3E422D403137E26A3B72443A513CD4AE5F41A2 ] vidsflt53 C:\Windows\system32\DRIVERS\vsflt53.sys 12:39:29.0830 0x0cb0 vidsflt53 - ok 12:39:29.0873 0x0cb0 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 12:39:29.0884 0x0cb0 vmbus - ok 12:39:29.0929 0x0cb0 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 12:39:29.0951 0x0cb0 VMBusHID - ok 
12:39:30.0011 0x0cb0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 12:39:30.0021 0x0cb0 volmgr - ok 12:39:30.0105 0x0cb0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 12:39:30.0120 0x0cb0 volmgrx - ok 12:39:30.0161 0x0cb0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 12:39:30.0174 0x0cb0 volsnap - ok 12:39:30.0191 0x0cb0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 12:39:30.0204 0x0cb0 vsmraid - ok 12:39:30.0266 0x0cb0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 12:39:30.0366 0x0cb0 VSS - ok 12:39:30.0533 0x0cb0 [ 96C3155C779F977E3F71459E935CFFE2, BE8C90D052E1B8A6E1B642935802C8F770F264A204BD9527CACC7AACA43E0FA7 ] vToolbarUpdater18.1.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe 12:39:30.0634 0x0cb0 vToolbarUpdater18.1.0 - detected UnsignedFile.Multi.Generic ( 1 ) 12:39:30.0634 0x0cb0 vToolbarUpdater18.1.0 ( UnsignedFile.Multi.Generic ) - warning 12:39:30.0634 0x0cb0 Force sending object to P2P due to detect: vToolbarUpdater18.1.0 12:39:30.0639 0x0cb0 Object send P2P result: false 12:39:30.0660 0x0cb0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 12:39:30.0695 0x0cb0 vwifibus - ok 12:39:30.0741 0x0cb0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 12:39:30.0774 0x0cb0 W32Time - ok 12:39:30.0783 0x0cb0 [ 
4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 12:39:30.0806 0x0cb0 WacomPen - ok 12:39:30.0821 0x0cb0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 12:39:30.0876 0x0cb0 WANARP - ok 12:39:30.0880 0x0cb0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 12:39:30.0903 0x0cb0 Wanarpv6 - ok 12:39:30.0985 0x0cb0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 12:39:31.0030 0x0cb0 WatAdminSvc - ok 12:39:31.0113 0x0cb0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 12:39:31.0181 0x0cb0 wbengine - ok 12:39:31.0198 0x0cb0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 12:39:31.0214 0x0cb0 WbioSrvc - ok 12:39:31.0290 0x0cb0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 12:39:31.0325 0x0cb0 wcncsvc - ok 12:39:31.0341 0x0cb0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 12:39:31.0405 0x0cb0 WcsPlugInService - ok 12:39:31.0414 0x0cb0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 12:39:31.0421 0x0cb0 Wd - ok 12:39:31.0513 0x0cb0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 
12:39:31.0538 0x0cb0 Wdf01000 - ok 12:39:31.0550 0x0cb0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 12:39:31.0638 0x0cb0 WdiServiceHost - ok 12:39:31.0640 0x0cb0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 12:39:31.0654 0x0cb0 WdiSystemHost - ok 12:39:31.0715 0x0cb0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 12:39:31.0730 0x0cb0 WebClient - ok 12:39:31.0813 0x0cb0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 12:39:31.0855 0x0cb0 Wecsvc - ok 12:39:31.0905 0x0cb0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 12:39:31.0949 0x0cb0 wercplsupport - ok 12:39:31.0984 0x0cb0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 12:39:32.0025 0x0cb0 WerSvc - ok 12:39:32.0050 0x0cb0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 12:39:32.0101 0x0cb0 WfpLwf - ok 12:39:32.0134 0x0cb0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 12:39:32.0143 0x0cb0 WIMMount - ok 12:39:32.0195 0x0cb0 WinDefend - ok 12:39:32.0228 0x0cb0 WinHttpAutoProxySvc - ok 12:39:32.0341 0x0cb0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 12:39:32.0369 0x0cb0 Winmgmt - ok 12:39:32.0461 0x0cb0 [ 
BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 12:39:32.0561 0x0cb0 WinRM - ok 12:39:32.0613 0x0cb0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 12:39:32.0644 0x0cb0 Wlansvc - ok 12:39:32.0791 0x0cb0 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:39:32.0834 0x0cb0 wlidsvc - ok 12:39:32.0885 0x0cb0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 12:39:32.0894 0x0cb0 WmiAcpi - ok 12:39:32.0933 0x0cb0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 12:39:32.0945 0x0cb0 wmiApSrv - ok 12:39:32.0948 0x0cb0 WMPNetworkSvc - ok 12:39:32.0951 0x0cb0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 12:39:32.0979 0x0cb0 WPCSvc - ok 12:39:33.0023 0x0cb0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 12:39:33.0034 0x0cb0 WPDBusEnum - ok 12:39:33.0056 0x0cb0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 12:39:33.0096 0x0cb0 ws2ifsl - ok 12:39:33.0114 0x0cb0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 12:39:33.0140 0x0cb0 wscsvc - ok 12:39:33.0143 0x0cb0 WSearch - ok 12:39:33.0269 0x0cb0 [ 61FF576450CCC80564B850BC3FB6713A, 
B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 12:39:33.0316 0x0cb0 wuauserv - ok 12:39:33.0388 0x0cb0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 12:39:33.0425 0x0cb0 WudfPf - ok 12:39:33.0438 0x0cb0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 12:39:33.0468 0x0cb0 WUDFRd - ok 12:39:33.0519 0x0cb0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 12:39:33.0533 0x0cb0 wudfsvc - ok 12:39:33.0571 0x0cb0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 12:39:33.0626 0x0cb0 WwanSvc - ok 12:39:33.0641 0x0cb0 ================ Scan global =============================== 12:39:33.0694 0x0cb0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 12:39:33.0731 0x0cb0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 12:39:33.0740 0x0cb0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 12:39:33.0780 0x0cb0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 12:39:33.0855 0x0cb0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 12:39:33.0860 0x0cb0 [ Global ] - ok 12:39:33.0861 0x0cb0 ================ Scan MBR ================================== 12:39:33.0884 0x0cb0 [ A36C5E4F47E84449FF07ED3517B43A31 ] 
\Device\Harddisk0\DR0 12:39:34.0100 0x0cb0 \Device\Harddisk0\DR0 - ok 12:39:34.0559 0x0cb0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 12:39:34.0786 0x0cb0 \Device\Harddisk1\DR1 - ok 12:39:34.0788 0x0cb0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 12:39:34.0869 0x0cb0 \Device\Harddisk2\DR2 - ok 12:39:34.0893 0x0cb0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3 12:39:35.0141 0x0cb0 \Device\Harddisk3\DR3 - ok 12:39:35.0143 0x0cb0 [ 35C6B2FCDE68FACBEFE0A4A7200BAE58 ] \Device\Harddisk4\DR4 12:39:35.0388 0x0cb0 \Device\Harddisk4\DR4 - ok 12:39:35.0396 0x0cb0 [ 0792F22BCC85CFD3B28324561FFFCABB ] \Device\Harddisk5\DR5 12:39:35.0689 0x0cb0 \Device\Harddisk5\DR5 - ok 12:39:35.0689 0x0cb0 ================ Scan VBR ================================== 12:39:35.0690 0x0cb0 [ 27BE46A04F5ACD12E092E7E2B4DFB468 ] \Device\Harddisk0\DR0\Partition1 12:39:35.0691 0x0cb0 \Device\Harddisk0\DR0\Partition1 - ok 12:39:35.0693 0x0cb0 [ C3D9707D6D61622C47D37B78BDD15376 ] \Device\Harddisk0\DR0\Partition2 12:39:35.0694 0x0cb0 \Device\Harddisk0\DR0\Partition2 - ok 12:39:35.0724 0x0cb0 [ 7A572D33EE30FA67D95CF014C8ABA291 ] \Device\Harddisk0\DR0\Partition3 12:39:35.0725 0x0cb0 \Device\Harddisk0\DR0\Partition3 - ok 12:39:35.0741 0x0cb0 [ 656DE7420BF08F9098FB6F8BE5E97605 ] \Device\Harddisk0\DR0\Partition4 12:39:35.0743 0x0cb0 \Device\Harddisk0\DR0\Partition4 - ok 12:39:35.0751 0x0cb0 [ 12F0E10B6660554C5FFB26EA11E0FC56 ] \Device\Harddisk0\DR0\Partition5 12:39:35.0753 0x0cb0 \Device\Harddisk0\DR0\Partition5 - ok 12:39:35.0766 0x0cb0 [ 8EA8B822E6D7AD49A5F7F0ED26B578A5 ] \Device\Harddisk0\DR0\Partition6 12:39:35.0768 0x0cb0 \Device\Harddisk0\DR0\Partition6 - ok 12:39:35.0769 0x0cb0 [ A14F1F0FBA59AA3012D808ACDC6FDF65 ] \Device\Harddisk1\DR1\Partition1 12:39:35.0799 0x0cb0 \Device\Harddisk1\DR1\Partition1 - ok 12:39:35.0800 0x0cb0 [ 00EE5EC6A6AEB7EEF6588B90967309F9 ] \Device\Harddisk1\DR1\Partition2 12:39:35.0801 0x0cb0 \Device\Harddisk1\DR1\Partition2 - ok 
12:39:35.0818 0x0cb0 [ 3312F08714B6AB9CC72DF5EDA6AF00BE ] \Device\Harddisk1\DR1\Partition3 12:39:35.0819 0x0cb0 \Device\Harddisk1\DR1\Partition3 - ok 12:39:35.0820 0x0cb0 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition1 12:39:35.0820 0x0cb0 \Device\Harddisk2\DR2\Partition1 - ok 12:39:35.0823 0x0cb0 [ AA1BE5C71AC8FF0AFF683278F7C42B8A ] \Device\Harddisk2\DR2\Partition2 12:39:35.0879 0x0cb0 \Device\Harddisk2\DR2\Partition2 - ok 12:39:35.0891 0x0cb0 [ 10A62BA37A769330172EB35DCDE0CCC3 ] \Device\Harddisk2\DR2\Partition3 12:39:35.0940 0x0cb0 \Device\Harddisk2\DR2\Partition3 - ok 12:39:35.0968 0x0cb0 [ EF64315D0C7E3F60C061A4D1F7AB1E39 ] \Device\Harddisk3\DR3\Partition1 12:39:36.0040 0x0cb0 \Device\Harddisk3\DR3\Partition1 - ok 12:39:36.0041 0x0cb0 [ 20282A864D952CD072467612EC89F286 ] \Device\Harddisk3\DR3\Partition2 12:39:36.0108 0x0cb0 \Device\Harddisk3\DR3\Partition2 - ok 12:39:36.0124 0x0cb0 [ 85511C1D921AFD8F62D30CC4E2D34F3E ] \Device\Harddisk3\DR3\Partition3 12:39:36.0189 0x0cb0 \Device\Harddisk3\DR3\Partition3 - ok 12:39:36.0191 0x0cb0 [ 46DD2EE72F51FF53FDFA6425CEE41C15 ] \Device\Harddisk4\DR4\Partition1 12:39:36.0244 0x0cb0 \Device\Harddisk4\DR4\Partition1 - ok 12:39:36.0245 0x0cb0 [ F04CA3680D1E0E1E035BB063743203FA ] \Device\Harddisk4\DR4\Partition2 12:39:36.0290 0x0cb0 \Device\Harddisk4\DR4\Partition2 - ok 12:39:36.0321 0x0cb0 [ 4330FC4822D0D500E3C0295D749B9C1F ] \Device\Harddisk5\DR5\Partition1 12:39:36.0428 0x0cb0 \Device\Harddisk5\DR5\Partition1 - ok 12:39:36.0461 0x0cb0 [ 58E40124849417E24D15E9037E38F9CF ] \Device\Harddisk5\DR5\Partition2 12:39:36.0506 0x0cb0 \Device\Harddisk5\DR5\Partition2 - ok 12:39:36.0506 0x0cb0 ================ Scan generic autorun ====================== 12:39:36.0796 0x0cb0 [ 798DF4955D7DE4552706B3ECB65B3C80, C0DD4999D8E5505EBC5ADB2B458339BA1444FE897C8568E872C9F8CCF7C5360B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 12:39:36.0975 0x0cb0 RtHDVCpl - ok 12:39:36.0991 0x0cb0 AsioReg - ok 12:39:37.0078 0x0cb0 [ 
D63797E8E7781EE1500A810CB6194FA6, 5C96DA00B98F0776E6174EBB7D4D6DB634838E130D8581E11811831D2C57B119 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 12:39:37.0086 0x0cb0 SunJavaUpdateSched - ok 12:39:37.0215 0x0cb0 [ CFEDDB638643C9B4DDD1570EB17D7C16, 8EA72FAD24BA0DE4E207773CAADF6BAE7055C6B27E3E3D1B8B74EE726872054A ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 12:39:37.0279 0x0cb0 LogMeIn Hamachi Ui - ok 12:39:37.0390 0x0cb0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:39:37.0484 0x0cb0 Sidebar - ok 12:39:37.0529 0x0cb0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:39:37.0554 0x0cb0 mctadmin - ok 12:39:37.0590 0x0cb0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 12:39:37.0619 0x0cb0 Sidebar - ok 12:39:37.0624 0x0cb0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 12:39:37.0636 0x0cb0 mctadmin - ok 12:39:37.0758 0x0cb0 [ C368EA4E7312AF32FAD85967777121F4, CE5C7F80E4C24F65D7824BF1EE59E46EF47F39900BDBEE402D8EBD6E8BB2F382 ] C:\Program Files (x86)\Steam\steam.exe 12:39:37.0790 0x0cb0 Steam - ok 12:39:37.0996 0x0cb0 [ 24B1666FD14CC71C7B0679AC61625B90, 4243F0B91BF9EAB365BBC724F5984FEB3AD74DF91EAF15F36A44DEA0AEDB7D20 ] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 12:39:38.0068 0x0cb0 msnmsgr - ok 12:39:38.0233 0x0cb0 [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 12:39:38.0303 0x0cb0 LightScribe Control Panel - ok 12:39:38.0374 0x0cb0 [ 4C8942B8721813E5C8874D47112DCF73, 
85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 12:39:38.0420 0x0cb0 LightScribe Control Panel - ok 12:39:38.0489 0x0cb0 Win FW state via NFP2: disabled 12:39:38.0489 0x0cb0 ============================================================ 12:39:38.0489 0x0cb0 Scan finished 12:39:38.0489 0x0cb0 ============================================================ 12:39:38.0495 0x0570 Detected object count: 16 12:39:38.0495 0x0570 Actual detected object count: 16 12:39:49.0553 0x0570 ASDR ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0553 0x0570 ASDR ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0554 0x0570 COMMONFX.DLL ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0554 0x0570 COMMONFX.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0554 0x0570 CTAUDFX.DLL ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0554 0x0570 CTAUDFX.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0555 0x0570 CTEAPSFX.DLL ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0555 0x0570 CTEAPSFX.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0555 0x0570 CTEDSPFX.DLL ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0555 0x0570 CTEDSPFX.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0557 0x0570 CTEDSPIO.DLL ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0557 0x0570 CTEDSPIO.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0557 0x0570 CTEDSPSY.DLL ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0557 0x0570 CTEDSPSY.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0558 0x0570 CTSBLFX.DLL ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0558 0x0570 CTSBLFX.DLL ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0559 0x0570 DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by 
user 12:39:49.0559 0x0570 DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0559 0x0570 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0559 0x0570 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0560 0x0570 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0560 0x0570 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0560 0x0570 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0560 0x0570 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0562 0x0570 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0562 0x0570 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0562 0x0570 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0562 0x0570 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0563 0x0570 USTOR2K ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0563 0x0570 USTOR2K ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:39:49.0563 0x0570 vToolbarUpdater18.1.0 ( UnsignedFile.Multi.Generic ) - skipped by user 12:39:49.0563 0x0570 vToolbarUpdater18.1.0 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:41:48.0685 0x0cc0 Deinitialize success Geändert von skrug10239 (19.11.2014 um 12:58 Uhr) |
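A way to triage a scan log like the one pasted in the post above, as an added example (not part of the original thread and not the scanner vendor's code): it rebuilds the records even when the paste has been flattened onto one line, ties each detection to its file path and hashes, and checks the parsed findings against the log's own "Detected object count". The record layout is inferred from the lines in the post; treating `UnsignedFile.` verdicts as signature-only warnings is this example's assumption, and the sample log, its names, hashes and the `Constructed.Sample.Verdict` label are constructed.

```python
import re

# Every record starts with "HH:MM:SS.mmmm 0xTTTT " (time, thread id). Splitting on
# that prefix also recovers records from a log pasted as one flattened line.
RECORD_PREFIX = re.compile(r"\d{2}:\d{2}:\d{2}\.\d{4} 0x[0-9a-fA-F]{4} ")
HASHED = re.compile(r"^\[ (?P<md5>[0-9A-F]{32})(?:, (?P<sha256>[0-9A-F]{64}))? \] (?P<rest>.+)$")
DETECTED = re.compile(r"^(?P<name>.+?) - detected (?P<verdict>\S+) \( \d+ \)$")
ACTION = re.compile(r"^(?P<name>.+?) \( (?P<verdict>\S+) \) - User select action: (?P<action>\w+)$")
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")


def parse_scan_log(text):
    """Return (findings, declared_count); findings maps object name -> details."""
    findings = {}
    declared = None
    last_hashed = None  # the "[ hashes ] name path" record just before a verdict
    for record in (r.strip() for r in RECORD_PREFIX.split(text)):
        if not record:
            continue
        m = HASHED.match(record)
        if m:
            last_hashed = m.groupdict()
            continue
        m = DETECTED.match(record)
        if m:
            name = m.group("name")
            entry = {"verdict": m.group("verdict"), "path": None,
                     "md5": None, "sha256": None, "action": None}
            if last_hashed:
                rest = last_hashed["rest"]
                # Services log "Name Path"; autorun entries log only the path.
                entry["path"] = rest[len(name) + 1:] if rest.startswith(name + " ") else rest
                entry["md5"] = last_hashed["md5"]
                entry["sha256"] = last_hashed["sha256"]
            findings[name] = entry
        else:
            m = ACTION.match(record)
            if m and m.group("name") in findings:
                findings[m.group("name")]["action"] = m.group("action")
            else:
                m = COUNT.match(record)
                if m:
                    declared = int(m.group("n"))
        last_hashed = None  # a hash record only describes the verdict right after it
    return findings, declared


def triage(findings, declared):
    """Separate signature-only warnings from verdicts that need a closer look."""
    signature_only = [n for n, f in findings.items()
                      if f["verdict"].startswith("UnsignedFile.")]  # assumption, see lead-in
    return {
        "signature_only": signature_only,
        "needs_review": [n for n in findings if n not in signature_only],
        "no_action_logged": [n for n, f in findings.items() if f["action"] is None],
        # A mismatch means the paste is truncated or a record failed to parse.
        "complete": declared is not None and declared == len(findings),
    }


# Constructed sample, flattened onto one line the way a forum paste often is.
SAMPLE_LOG = " ".join([
    "12:00:00.0001 0x0aaa [ " + "A" * 32 + ", " + "B" * 64
    + r" ] ExampleDrv C:\Windows\system32\DRIVERS\exampledrv.sys",
    "12:00:00.0002 0x0aaa ExampleDrv - detected UnsignedFile.Multi.Generic ( 1 )",
    "12:00:00.0003 0x0aaa ExampleDrv ( UnsignedFile.Multi.Generic ) - warning",
    "12:00:00.0004 0x0aaa [ " + "C" * 32 + ", " + "D" * 64
    + r" ] GoodSvc C:\Windows\System32\goodsvc.dll",
    "12:00:00.0005 0x0aaa GoodSvc - ok",
    "12:00:00.0006 0x0aaa NoFileSvc - ok",
    "12:00:00.0007 0x0aaa [ " + "E" * 32 + ", " + "F" * 64
    + r" ] C:\Program Files (x86)\Example\tool.exe",
    "12:00:00.0008 0x0aaa Example Tool - detected Constructed.Sample.Verdict ( 1 )",
    "12:00:00.0009 0x0aaa Example Tool ( Constructed.Sample.Verdict ) - warning",
    "12:00:01.0000 0x0bbb Detected object count: 2",
    "12:00:05.0000 0x0bbb ExampleDrv ( UnsignedFile.Multi.Generic ) - skipped by user",
    "12:00:05.0001 0x0bbb ExampleDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip",
])

if __name__ == "__main__":
    found, count = parse_scan_log(SAMPLE_LOG)
    for name, info in found.items():
        print(name, info["verdict"], info["path"], info["action"])
    print(triage(found, count))
```

Findings are keyed by object name, so an object the log lists twice is counted once and shows up as a count mismatch.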
19.11.2014, 14:09 | #10 |
| I don't know what else to do I hope the Heise Desinfect DVD finally arrives today. I will scan the drive with it as well to see what it finds. I can't make sense of the whole thing. The Internet connection is up. The network adapters are online. It downloads Windows updates in the background. Teamspeak connects to the server. But apart from that, nothing works with the network. Everything is dead. Some service must have broken itself there. I have seen a lot, and most of the time it could be fixed with rootkit scanners, virus scanners and so on. Sure, a reinstall would be the least work for both of us now and the least effort for you, but I would lose a lot of data, would have to reinstall all my programs, and I would not know what caused the whole mess, so I would run the risk of installing that program again, and then it would start all over again. I hope you will stick with it a while longer and can help me find the reason for this problem. (Yes, yes, of course the biggest problem sits in front of the monitor and is called the user, I know that.) Regards Oh, I forgot to mention that all the old system restore points are gone. Otherwise I would have liked to roll my system back to an earlier point in time first. Because of the complexity of the problem and the selective way it operates, my suspicion is less that I have malware or a trojan, which tend to work rather inconspicuously, and more that an unfortunate Windows Update run collided with Bitdefender and Spybot and an update went thoroughly wrong. Because so far I have not been able to find any malware on this drive. Besides, I regularly disable conspicuous autostart entries via msconfig and only let AVAST, AVG, S&D and the indispensable things start. |
19.11.2014, 19:11 | #11 | ||
/// the machine /// TB trainer | Evil trojan? (No access to System32 any more) Quote:
Quote:
Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
cmd: netsh winsock reset
Save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
Then check the Internet. We are not done after that, though.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
21.11.2014, 08:42 | #12 |
| Desinfect I will do the FIX right away. But the Linux Desinfect from Heise is still running (scanning only, without changing anything). After 7 hours it is now analyzing the logs. I hope something comes out of it. Although I still rather suspect Windows Update, because right after an automatic Windows update, after the restart, nothing worked any more with the Internet and the network via the browser. I will then also post the logs from Avira and Bitdefender. Kaspersky takes too long for me; I will let it run overnight while I sleep. Slow engine of theirs. Many years ago I worked for an IT software and hardware company. I can tell you what had piled up in some people's start menus..... The whole taskbar was full of icons and they wondered why their computer had suddenly become so slow. They clicked on and installed everything they found on the net, and that in the days of single core and 512 MB of RAM under Windows 98. A quick clear-out of the start menu and abracadabra, the box ran smoothly again. Until after 4 weeks everything was cluttered up again. Back then I got along well with Icesword and S&D and now and then Regcleaner. Those were the tools you could work well with. Trojans and bots were not yet programmed as cleverly as they are today.
Update The log files from the Linux Desinfect are here. Avira:
/media/Boot 1.5 TB Seagate/Users/Stefan/Downloads/dev-bm26/DEViANCE/game.dat TR/Patched.Ren.Gen2
/media/Boot 1.5 TB Seagate/Program Files (x86)/Electronic Arts/The Battle for Middle-earth IIorg/The Battle for Middle-earth (tm) IIozzz/game.dat TR/Patched.Ren.Gen2
/media/Boot 1.5 TB Seagate/Users/Stefan/AppData/Local/Temp/InstallShare13846/gutscheinfilter_q.exe AVIRA (ADWARE/GFilter.Gen2) Bitdefender (Gen:Trojan.Heur2.FU.xmX@aaMuivv)
Hm, nothing either. The two game.dats are nothing but NoCD patches, because I install my games from the original CD and then put the CDs/DVDs in the cupboard so that nothing happens to them. (Steam is already further along there and no longer needs DVDs, which is why I get current games through it.) Since the two games are old and I have not started them for 2 years, the Game.Dats are ruled out as the cause. Although of course it was Avira that reported this and not Bitdefender. I actually no longer use Avira, because it specifically hunts NoCD patches. As long as you know where they come from and run other scanners over them that find nothing, you are "relatively" safe. A residual risk always remains. Since Bitdefender left the two alone..... The Gutscheinfilter... Hm, no idea where I installed it from at some point or whether it was installed afterwards by some browser plugin. I will keep an eye on it and delete it later. I will append .vir to the names of the three files to rule them out as the cause. So, I have now reset Winsock as admin. But without success. Then I tried netsh int ipv4 reset. But still no TCP/IP, and IE still does not start. I can print on the network and tunnel, but all IP access does not work. Now I have thrown out all the Windows updates after whose restart the problems began. I have to reboot in a moment. Here is the log from the FRST FIX.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-11-2014 Ran by Stefan at 2014-11-20 06:22:41 Run:1 Running from K:\DLL Loaded Profile: Stefan (Available profiles: Stefan & Admin & Administrator) Boot Mode: Normal ============================================== Content of fixlist: ***************** cmd: netsh winsock reset ***************** ========= netsh winsock reset =========
Unfortunately it did not help; I also tried it manually under CMD as admin.
Update from 19:00 I have just installed Win 7 Ultimate 64-bit on a new hard disk. At first everything ran wonderfully and it started downloading the updates, but once I had installed Avast and Chrome my Internet was gone again. However, the local network remained functional and I had full access to the router. After I uninstalled Chrome, it is running smoothly again and further updates are being downloaded. 167 of them from Windows. I am curious whether it still runs smoothly afterwards, and tonight I will remove Chrome from my other, old Win7. Let's see if it helps.
Update 19:05 and the Internet is gone again. But I got a connection again by rebooting the router. I hope the router isn't acting up now as well.
Update today 08:30 Deleted all the NoCD patches. No change to the problem. But I found a hint at Heise. There, the Windows update of the last few days caused serious problems on computers that had Win 8.1 and Avast on them. Apparently something was botched in the Windows update, and it probably affects not only Win 8 but also Win 7 and some antivirus scanners, since Internet difficulties also appeared on my new Windows 7 on the new disk when the update was installed. However, I had a different virus scanner there, so a cold start of the network hardware fixed the problem on the new Windows. The old Win7 still does not work properly. Despite uninstalling the Windows update. Despite uninstalling and reinstalling my Firefox. The update seems to have done quite some damage there. Is there a program that can show me, by means of a log file, what was wrecked there? Regards Edited by skrug10239 (19.11.2014 at 22:13) |
22.11.2014, 08:50 | #13 |
/// the machine /// TB trainer | Evil trojan? (No access to System32 any more) You can run the All in One Repair. |
25.11.2014, 07:34 | #14 |
| Evil trojan? (No access to System32 any more) I have run it. A few minor errors were fixed with CHKDSK. System files were repaired. All the mini repairs were carried out successfully. No improvement. Internet Explorer still does not want to start and there is still no network over the TCP/IP protocol. I will boot the PC in safe mode again and then run the program through once more. Let's see if it helps. I have never come across anything like this before. You would actually think that such a problem could be repaired. Regards |
25.11.2014, 17:51 | #15 |
/// the machine /// TB trainer | Evil trojan? (No access to System32 any more) I would now simply do an in-place upgrade from disc. Then it really should work. |