Pests of all kinds and how to fight them: winmgr.exe blocks access to antivirus programs, why? Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
07.05.2014, 19:40 | #1 |
| winmgr.exe blocks access to antivirus programs, why? Hello, I have a problem: my father opened the attachment of an e-mail and something got installed... now my antivirus programs can't be opened... Maybe you can help me. Thank you very much. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-05-2014 Ran by bender90 (administrator) on SVEN on 07-05-2014 20:30:08 Running from C:\Users\bender90\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe () C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (NewTech Infosystems, Inc.) 
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Spotify Ltd) C:\Users\bender90\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe () C:\ProgramData\Windows Manager\winmgr.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) 
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] () HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI) HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) 
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Spotify Web Helper] => C:\Users\bender90\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-21] (Spotify Ltd) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] () HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Windows Manager\winmgr.exe [21158400 2014-05-03] () HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {db36818b-b92d-11e0-abaa-00116b983502} - K:\pushinst.exe IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com 
IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9CCCD5AD521CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKLM-x32 - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms} SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://plusnetwork.com/?sp=brw&q={searchTerms} SearchScopes: HKCU - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) 
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( ) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) Toolbar: HKLM-x32 - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) 
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No File Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default FF SearchEngineOrder.1: Web Search FF SelectedSearchEngine: Google FF Homepage: hxxp://www.facebook.com/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No 
File FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 - C:\Users\bender90\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll (Stonetrip) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv ) FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icq-search.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-1.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-2.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-3.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\Plusnetwork.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\startsear.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\webde-suche.xml FF 
SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\ich@maltegoetz.de [2013-12-11] FF Extension: Rain Alarm Extension - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\rain-alarm@mdiener.de [2014-03-27] FF Extension: WEB.DE MailCheck - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\toolbar@web.de.xpi [2011-12-19] FF Extension: NoScript - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-19] FF Extension: Adblock Plus - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-19] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. 
KG) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation) R2 MsgPlusService; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [128000 2013-05-07] (Yuna Software) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI) S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] () S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] () S3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] () R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] () S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] () S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] () S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] () S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] () S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] () R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI) R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.) R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.) 
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] () R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation) ==================== Drivers (Whitelisted) ==================== R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 
NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation ) S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-21] (The OpenVPN Project) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.) S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X] S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X] S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X] S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created 
Files and Folders ======== 2014-05-07 20:28 - 2014-05-07 20:28 - 00047296 _____ () C:\Users\bender90\Downloads\Addition.txt 2014-05-07 20:27 - 2014-05-07 20:30 - 00029066 _____ () C:\Users\bender90\Downloads\FRST.txt 2014-05-07 20:27 - 2014-05-07 20:30 - 00000000 ____D () C:\FRST 2014-05-07 20:26 - 2014-05-07 20:26 - 02063872 _____ (Farbar) C:\Users\bender90\Downloads\FRST64.exe 2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-07 19:55 - 2014-05-07 20:26 - 00000000 __SHD () C:\ProgramData\Windows Manager 2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com 2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com 2014-04-30 18:16 - 2014-05-07 19:03 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT 2014-04-30 18:16 - 2014-05-07 18:54 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT 2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT 2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe 2014-04-26 09:03 - 2014-04-26 09:06 - 295347968 _____ (AMD Inc.) 
C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\Program Files\Java 2014-04-08 17:59 - 2014-04-08 17:59 - 30796712 _____ (Oracle Corporation) C:\Users\bender90\Downloads\jre-7u51-windows-x64.exe 2014-04-08 15:49 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-04-08 15:49 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-04-08 15:49 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-04-08 15:49 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-04-08 15:49 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-04-08 15:49 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-04-08 15:49 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-04-08 15:49 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-04-08 15:49 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-04-08 15:49 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wksprtPS.dll 2014-04-08 15:49 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-04-08 15:49 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-04-08 15:49 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-04-08 15:49 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-04-08 15:49 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-04-08 15:49 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-04-08 15:49 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-04-08 15:49 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-04-08 15:44 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-08 15:44 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-08 15:43 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-08 15:43 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-08 15:43 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-08 15:43 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-08 15:43 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-08 15:43 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-08 15:43 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-08 15:43 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) 
C:\Windows\system32\iernonce.dll 2014-04-08 15:43 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-08 15:43 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-08 15:43 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-08 15:43 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-08 15:43 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-08 15:43 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-08 15:43 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-08 15:43 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-08 15:43 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-08 15:43 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-08 15:43 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-08 15:43 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-08 15:43 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-08 15:43 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-08 15:43 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-08 15:43 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-08 15:43 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-08 15:43 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieUnatt.exe 2014-04-08 15:43 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-08 15:43 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-08 15:43 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-08 15:43 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-08 15:43 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-08 15:43 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-08 15:43 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-08 15:43 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-08 15:43 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-08 15:43 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-08 15:43 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-08 15:43 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-08 15:43 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-08 15:43 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-08 15:43 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-04-08 15:43 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll ==================== One Month Modified Files and Folders ======= 2014-05-07 20:30 - 2014-05-07 20:27 - 00029066 _____ () C:\Users\bender90\Downloads\FRST.txt 2014-05-07 20:30 - 2014-05-07 20:27 - 00000000 
____D () C:\FRST 2014-05-07 20:28 - 2014-05-07 20:28 - 00047296 _____ () C:\Users\bender90\Downloads\Addition.txt 2014-05-07 20:26 - 2014-05-07 20:26 - 02063872 _____ (Farbar) C:\Users\bender90\Downloads\FRST64.exe 2014-05-07 20:26 - 2014-05-07 19:55 - 00000000 __SHD () C:\ProgramData\Windows Manager 2014-05-07 20:25 - 2011-06-17 07:45 - 01116030 _____ () C:\Windows\WindowsUpdate.log 2014-05-07 19:59 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify 2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-07 19:54 - 2012-11-09 16:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc 2014-05-07 19:53 - 2013-02-08 10:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-07 19:50 - 2013-10-30 18:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps 2014-05-07 19:49 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify 2014-05-07 19:40 - 2012-03-30 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-07 19:03 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT 2014-05-07 18:54 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT 2014-05-07 17:00 - 2014-02-04 16:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr 2014-05-07 13:23 - 2014-03-06 21:49 - 00000000 ____D () C:\ProgramData\PMS 2014-05-07 13:07 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-07 13:07 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-07 13:06 - 2011-06-17 17:37 - 00699884 _____ () C:\Windows\system32\perfh007.dat 2014-05-07 13:06 - 2011-06-17 17:37 - 00149766 _____ () C:\Windows\system32\perfc007.dat 2014-05-07 13:06 - 
2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-07 13:03 - 2013-05-28 10:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41} 2014-05-07 13:01 - 2013-04-16 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-07 13:00 - 2013-02-08 10:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-07 12:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-07 12:59 - 2009-07-14 06:51 - 00307820 _____ () C:\Windows\setupact.log 2014-05-05 17:55 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\ProgramData\Origin 2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-05-03 17:07 - 2014-05-07 19:55 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com 2014-05-03 17:07 - 2014-05-07 19:55 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com 2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis 2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis 2014-05-02 18:45 - 2013-10-01 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2014-05-02 18:44 - 2013-10-01 19:57 - 00000020 _____ () C:\Windows\capsys184523.log 2014-05-02 17:25 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-05-01 08:39 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT 2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. 
) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe 2014-04-29 14:38 - 2012-03-30 09:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 14:38 - 2012-03-30 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 14:38 - 2011-07-28 21:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-26 09:06 - 2014-04-26 09:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe 2014-04-17 20:11 - 2014-02-04 16:43 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-04-14 21:03 - 2011-08-02 17:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client 2014-04-14 19:50 - 2011-08-15 12:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client 2014-04-09 15:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-08 18:00 - 2014-04-08 18:00 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\Program Files\Java 2014-04-08 17:59 - 2014-04-08 17:59 - 30796712 _____ (Oracle Corporation) C:\Users\bender90\Downloads\jre-7u51-windows-x64.exe 2014-04-08 17:59 - 2011-07-31 19:21 - 00000000 ____D () C:\Users\bender90\AppData\Local\Adobe 2014-04-08 15:47 - 2011-08-02 17:58 - 01595580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI Files to move or delete: ==================== C:\Users\bender90\AppData\Roaming\Camdata.ini C:\Users\bender90\AppData\Roaming\CamLayout.ini 
C:\Users\bender90\AppData\Roaming\CamShapes.ini
C:\ProgramData\ldsw_0paos.pad

Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe
C:\Users\bender90\AppData\Local\Temp\avgnt.exe
C:\Users\bender90\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\bender90\AppData\Local\Temp\detectionui_r.exe
C:\Users\bender90\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\bender90\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\bender90\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\bender90\AppData\Local\Temp\jna1324566697984281769.dll
C:\Users\bender90\AppData\Local\Temp\jna4101322631714976574.dll
C:\Users\bender90\AppData\Local\Temp\jna4383689400269149208.dll
C:\Users\bender90\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\bender90\AppData\Local\Temp\local.dll
C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe
C:\Users\bender90\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\bender90\AppData\Local\Temp\raptrpatch.exe
C:\Users\bender90\AppData\Local\Temp\rootsupd.exe
C:\Users\bender90\AppData\Local\Temp\sonarinst.exe
C:\Users\bender90\AppData\Local\Temp\upnp.exe
C:\Users\bender90\AppData\Local\Temp\upx.exe
C:\Users\bender90\AppData\Local\Temp\vlc-2.1.3-win32.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-29 17:23

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-05-2014
Ran by bender90 at 2014-05-07 20:30:21
Running from C:\Users\bender90\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.1.6731 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.1.6731 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3005 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated) ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden aerosoft's - German Airports 3 - Berlin-Tegel X (HKLM-x32\...\{3DAD565E-1275-4EE8-9568-932CB7B75FB8}) (Version: 1.00 - aerosoft) aerosoft's - German Airports 3 - Hamburg X (HKLM-x32\...\{EA6E7823-9E5B-4EDD-9750-C3C87FDF0460}) (Version: 1.00 - aerosoft) aerosoft's - Mega Airport Frankfurt X (HKLM-x32\...\{BAEE0C24-C8C2-4820-9DF4-887909F1A286}) (Version: 1.01 - aerosoft) Aerosoft's - MyTraffic 2010 (HKLM-x32\...\{37F50C53-EDED-4FFE-9877-532A335C5C18}) (Version: 6.00 - Aerosoft) AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.) Airline Tycoon 2 v1.01 (HKLM-x32\...\AirlineTycoon2_is1) (Version: - Kalypso Media) AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) 
Hidden AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira) Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version: - ) <==== ATTENTION Call of Duty (HKLM-x32\...\Call of Duty) (Version: - ) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CommandCenter (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.29 - MSI) Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) 
Hidden Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd) Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) EA Installer (HKLM-x32\...\EA Installer.-1797597899) (Version: 2.3.0.74 - Electronic Arts, Inc.) Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - ) Emsisoft HiJackFree 4.5 (HKLM-x32\...\Emsisoft HiJackFree_is1) (Version: 4.5 - Emsi Software GmbH) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social Software AB) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.) FUSSBALL MANAGER 11 (HKLM-x32\...\FUSSBALL MANAGER 11) (Version: - Electronic Arts) FUSSBALL MANAGER 12 (HKLM-x32\...\FUSSBALL MANAGER 12) (Version: 1.0.0.3 - Electronic Arts) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) 
Hidden Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto) Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive) Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden K-Lite Codec Pack 9.9.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.5 - ) Live Update 5 (HKLM-x32\...\{36F6E986-D2D1-403C-8BD3-D95EF7BC705D}}_is1) (Version: 5.0.109 - MSI) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.) 
MAGIX Foto Manager 8 (HKLM-x32\...\MAGIX Foto Manager 8 D) (Version: 6.0.1.471 - MAGIX AG) MAGIX Fotobuch 3.6 (HKLM-x32\...\MAGIX Fotobuch) (Version: 3.6 - MAGIX AG) MAGIX Media Suite (HKLM-x32\...\MAGIX Media Suite D) (Version: 1.13.0.112 - MAGIX AG) MAGIX Online Druck Service 3.4.3.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG) MAGIX Ringtone Maker SE (HKLM-x32\...\MAGIX Ringtone Maker SE D) (Version: 3.1.0.5 - MAGIX AG) MAGIX Screenshare (HKLM-x32\...\MAGIX_{A7E29614-2CEB-42CE-A696-EF640A9777B2}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{A77C3BFA-A6C7-420B-8786-71BC063DE5C0}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Video easy 4 HD (HKLM-x32\...\MAGIX_{0FD91AEB-C9AF-4BE9-8071-61F46B6AFBB8}) (Version: 4.0.0.30 - MAGIX AG) MAGIX Video easy 4 HD (Version: 4.0.0.30 - MAGIX AG) Hidden Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - ) Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts) Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! 
for Skype) (Version: 1.8.0.125 - Yuna Software) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 
(HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft 
Corporation) Hidden Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft 
Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mouse Editor (HKLM-x32\...\InstallShield_{20D0FE9A-816F-4218-9F5E-67B4198052FF}) (Version: 10.12.0003 - Ihr Firmenname) MOUSE Editor (x32 Version: 10.12.0003 - Ihr Firmenname) Hidden Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSI Intel Extreme Tuning Utility 
(HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation) MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) mufin player (HKLM-x32\...\mufin player D) (Version: 1.0.0.98 - MAGIX AG) MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.) 
Nero 9 Essentials (HKLM-x32\...\{bd521da1-d38b-47ae-824a-c66007866327}) (Version: - Nero AG) Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden neroxml (x32 Version: 1.0.0 - Nero AG) Hidden No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC) Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.) Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC) PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.) 
Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.0.1 - Ubisoft) SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.0.0.0 - Electronic Arts) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts) Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version: - Oberon Media) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.019 - MSI) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision) The Movies(TM) (x32 Version: 1.0 - Activision) Hidden TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Trend Micro SafeSync (HKLM\...\HFRS_is1) (Version: 5.1.0.1173 - Trend Micro) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) 
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version: - ) VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated) Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) ==================== Restore Points ========================= 29-04-2014 15:30:03 Geplanter Prüfpunkt 07-05-2014 17:00:11 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2009-07-14 04:34 - 2012-03-29 11:24 - 00001395 _RASH C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 
localhost 149.5.18.172 www.google-analytics.com. 149.5.18.172 ad-emea.doubleclick.net. 149.5.18.172 www.statcounter.com. 108.163.215.51 www.google-analytics.com. 108.163.215.51 ad-emea.doubleclick.net. 108.163.215.51 www.statcounter.com. ==================== Scheduled Tasks (whitelisted) ============= Task: {08C660F4-40F6-407B-8DF7-E5AB94248F11} - System32\Tasks\task4999894 => C:\Users\bender90\AppData\Local\Temp\cgs8h1.exe <==== ATTENTION Task: {0978D71D-0AB2-40DD-A28B-CA3BE2FAD6F3} - System32\Tasks\{567795F9-9CD9-4ADB-9564-A9E88AA91319} => K:\Autorun.exe Task: {214A1F64-5C6B-4600-9B0E-8C0481C12BA8} - System32\Tasks\{CF91E79D-D816-4736-8853-808CC6180726} => K:\Autorun.exe Task: {532D7A68-9123-4150-80D1-E54921F9D1A7} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer) Task: {8888669A-595F-4057-8361-3A478208B163} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.) Task: {935C46DF-4BAB-45DA-86D7-DD74D00238AD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2637058006-716935516-2651843933-1000 Task: {A000A393-F221-4DEC-8F71-D9F238B4B69E} - System32\Tasks\{5504C86C-4880-46BB-8923-076C4F7D04F7} => E:\setup.exe Task: {A78A3AEE-CDFB-4112-A8F1-3296EC1A722E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.) 
Task: {B7CD19B0-7DBB-4329-8AC1-DB5B49AC89D5} - System32\Tasks\{C14836D9-D315-46CB-B70E-575644EDFF33} => K:\Autorun.exe Task: {B91D97E3-8B0F-4685-84B2-4919F0FB573F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated) Task: {D981D123-8BE9-4187-B695-7EC28FCBF6FC} - System32\Tasks\{7BDE3F1D-0DF2-4D63-96D0-4B366F3105CB} => K:\setup.exe Task: {DEF73EDA-A067-403A-B932-8ABC4C9F85A5} - System32\Tasks\{D04D3D78-1584-46E0-8022-649C499199F8} => C:\Windows\system32\msiexec.exe [2010-11-20] (Microsoft Corporation) Task: {DF58737F-BD31-4C35-9289-3848093C8DEB} - System32\Tasks\{E05891E5-A95E-4388-88EE-FF062B866EB6} => K:\setup.exe Task: {FB81D614-B6C1-4988-BEED-37F03B347F2E} - System32\Tasks\{C9409708-8F70-4C68-A71C-D1471CA654EB} => K:\Autorun.exe Task: {FE7796E8-538D-4BAD-A655-CA149DAF981D} - System32\Tasks\{A188004D-74B8-46D7-A735-FE76C35440F0} => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2013-10-17 11:38 - 2013-08-15 16:28 - 01985536 _____ () C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe 2011-07-28 18:02 - 2013-10-28 23:21 - 
00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2011-08-25 19:33 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2010-12-23 11:00 - 2010-12-23 11:00 - 03344384 _____ () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe 2014-02-04 15:01 - 2013-04-08 16:29 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2009-08-18 09:27 - 2009-08-18 09:27 - 00629280 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe 2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 _____ () C:\ProgramData\Windows Manager\winmgr.exe 2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 2010-12-02 11:56 - 2010-12-02 11:56 - 00815104 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll 2010-10-11 04:13 - 2010-10-11 04:13 - 00087040 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll 2010-11-24 03:11 - 2010-11-24 03:11 - 02535936 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll 2010-12-02 14:01 - 2010-12-02 14:01 - 00994304 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll 2010-09-20 08:18 - 2010-09-20 08:18 - 00085504 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll 2010-09-20 08:18 - 2010-09-20 08:18 - 00054272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll 2010-09-20 08:19 - 2010-09-20 08:19 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll 2010-11-01 14:16 - 2010-11-01 14:16 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll 2010-09-20 08:18 - 2010-09-20 08:18 - 00117760 _____ () C:\Program Files 
(x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll 2014-02-04 15:01 - 2013-03-12 21:48 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2014-02-04 15:01 - 2013-04-02 12:34 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2014-02-04 15:01 - 2013-04-02 12:34 - 00297472 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRtl.dll 2009-08-18 09:31 - 2009-08-18 09:31 - 00163840 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 
00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd 2011-05-10 21:01 - 2011-05-10 21:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd 2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd 2014-04-29 14:38 - 2014-04-29 14:38 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd 2012-10-27 09:53 - 2012-10-27 09:53 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program 
Files (x86)\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll 2013-10-17 11:45 - 2013-09-04 07:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-03-19 00:55 - 2014-03-19 00:55 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: HKCU => C:\Windows\windows 7\server.exe MSCONFIG\startupreg: MessengerPlusForSkypeService => "C:\Program Files 
(x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" ==================== Faulty Device Manager Devices ============= Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/07/2014 07:53:57 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 6976. Meldungs-ID: [0x2509]. Error: (05/07/2014 07:50:17 PM) (Source: Application Error) (User: ) (EventID: 1000) Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.3.0, Zeitstempel: 0x00000004 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00036fa6 ID des fehlerhaften Prozesses: 0x4fc Startzeit der fehlerhaften Anwendung: 0xvlc.exe0 Pfad der fehlerhaften Anwendung: vlc.exe1 Pfad des fehlerhaften Moduls: vlc.exe2 Berichtskennung: vlc.exe3 Error: (05/07/2014 07:49:48 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 6680. Meldungs-ID: [0x2509]. Error: (05/07/2014 06:54:36 PM) (Source: SideBySide) (User: ) (EventID: 63) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. 
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error: (05/07/2014 06:42:54 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 1536. Meldungs-ID: [0x2509]. Error: (05/07/2014 06:40:38 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 1456. Meldungs-ID: [0x2509]. Error: (05/07/2014 06:14:46 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 1064. Meldungs-ID: [0x2509]. Error: (05/07/2014 01:03:11 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 2336. Meldungs-ID: [0x2509]. 
Error: (05/02/2014 08:08:07 PM) (Source: Application Error) (User: ) (EventID: 1000) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: mwlshellext.dll, Version: 3.1.72.0, Zeitstempel: 0x4a7b0f60 Ausnahmecode: 0xc000041d Fehleroffset: 0x000000000000438d ID des fehlerhaften Prozesses: 0x1f48 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (05/02/2014 08:08:03 PM) (Source: Application Error) (User: ) (EventID: 1000) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: mwlshellext.dll, Version: 3.1.72.0, Zeitstempel: 0x4a7b0f60 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000000438d ID des fehlerhaften Prozesses: 0x1f48 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 System errors: ============= Error: (05/07/2014 08:25:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/07/2014 00:59:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/05/2014 05:13:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. 
Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/02/2014 02:19:45 PM) (Source: Service Control Manager) (User: ) (EventID: 7034) Description: Dienst "MSISuperIO_CC" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/02/2014 02:19:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/01/2014 08:36:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (04/30/2014 07:36:40 PM) (Source: DCOM) (User: ) (EventID: 10010) Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58} Error: (04/30/2014 05:44:17 PM) (Source: Service Control Manager) (User: ) (EventID: 7034) Description: Dienst "MSISuperIO_CC" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/30/2014 05:43:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (04/30/2014 09:35:18 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Microsoft Office Sessions: ========================= Error: (09/09/2013 10:11:08 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. 
==================== Memory info =========================== Percentage of memory in use: 15% Total physical RAM: 16328.07 MB Available physical RAM: 13817.56 MB Total Pagefile: 32654.33 MB Available Pagefile: 29266.32 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:260.91 GB) NTFS Drive d: (DATA) (Fixed) (Total:689.57 GB) (Free:689.46 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62) Partition 1: (Not Active) - (Size=19 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
07.05.2014, 19:50 | #2 |
/// the machine /// TB trainer | winmgr.exe blocks access to antivirus programs, why? hi,
Revo Uninstaller - Download - Filepony
Use it to uninstall everything you find in Additional.txt that is marked with <== ATTENTION. Also have Revo remove the leftovers, using Moderate mode.
Please download TDSSKiller.exe and save the file to your desktop.
__________________ |
08.05.2014, 08:59 | #3 |
| winmgr.exe blocks access to antivirus programs, why? And how does that work with the program?
For example, the file Task: {08C660F4-40F6-407B-8DF7-E5AB94248F11} - System32\Tasks\task4999894 => C:\Users\bender90\AppData\Local\Temp\cgs8h1.exe <==== ATTENTION is one I cannot find on my computer at all. I had a look today... neither Antivir nor Spybot nor System Restore nor Windows Defender can be started. That presumably means the virus is blocking the programs. There is no point removing it from Task Manager; it just restarts. Is there any other program that can remove it without reinstalling Windows? TDSSKiller log Code:
ATTFilter 09:55:10.0213 0x15b8 TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10 09:55:14.0919 0x15b8 ============================================================ 09:55:14.0920 0x15b8 Current date / time: 2014/05/08 09:55:14.0919 09:55:14.0920 0x15b8 SystemInfo: 09:55:14.0920 0x15b8 09:55:14.0920 0x15b8 OS Version: 6.1.7601 ServicePack: 1.0 09:55:14.0920 0x15b8 Product type: Workstation 09:55:14.0920 0x15b8 ComputerName: SVEN 09:55:14.0920 0x15b8 UserName: bender90 09:55:14.0920 0x15b8 Windows directory: C:\Windows 09:55:14.0920 0x15b8 System windows directory: C:\Windows 09:55:14.0920 0x15b8 Running under WOW64 09:55:14.0920 0x15b8 Processor architecture: Intel x64 09:55:14.0920 0x15b8 Number of processors: 8 09:55:14.0920 0x15b8 Page size: 0x1000 09:55:14.0920 0x15b8 Boot type: Normal boot 09:55:14.0920 0x15b8 ============================================================ 09:55:20.0267 0x15b8 KLMD registered as C:\Windows\system32\drivers\04793012.sys 09:55:20.0324 0x15b8 System UUID: {92DE4E6C-AD9F-E64D-3DA8-F38E17A756AD} 09:55:20.0648 0x15b8 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 09:55:20.0660 0x15b8 ============================================================ 09:55:20.0660 0x15b8 \Device\Harddisk0\DR0: 09:55:20.0660 0x15b8 MBR partitions: 09:55:20.0660 0x15b8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x251C800, BlocksNum 0x32000 09:55:20.0660 0x15b8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x254E800, BlocksNum 0x56214000 09:55:20.0660 0x15b8 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x58762800, BlocksNum 0x56324800 09:55:20.0660 0x15b8 ============================================================ 09:55:20.0680 0x15b8 C: <-> \Device\Harddisk0\DR0\Partition2 09:55:20.0728 0x15b8 D: <-> \Device\Harddisk0\DR0\Partition3 09:55:20.0728 0x15b8 
09:56:58.0283 0x0b60 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 09:56:58.0322 0x0b60 lltdsvc - ok 09:56:58.0345 0x0b60 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 09:56:58.0365 0x0b60 lmhosts - ok 09:56:58.0450 0x0b60 [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 09:56:58.0474 0x0b60 LMS - ok 09:56:58.0510 0x0b60 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 09:56:58.0520 0x0b60 LSI_FC - ok 09:56:58.0535 0x0b60 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 09:56:58.0545 0x0b60 LSI_SAS - ok 09:56:58.0567 0x0b60 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 09:56:58.0576 0x0b60 LSI_SAS2 - ok 09:56:58.0583 0x0b60 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 09:56:58.0594 0x0b60 LSI_SCSI - ok 09:56:58.0607 0x0b60 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 09:56:58.0648 0x0b60 luafv - ok 09:56:58.0720 0x0b60 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 09:56:58.0751 0x0b60 Mcx2Svc - ok 09:56:58.0779 0x0b60 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas 
C:\Windows\system32\DRIVERS\megasas.sys 09:56:58.0796 0x0b60 megasas - ok 09:56:58.0817 0x0b60 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 09:56:58.0831 0x0b60 MegaSR - ok 09:56:58.0846 0x0b60 [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 09:56:58.0855 0x0b60 MEIx64 - ok 09:56:58.0865 0x0b60 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 09:56:58.0904 0x0b60 MMCSS - ok 09:56:58.0938 0x0b60 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 09:56:58.0957 0x0b60 Modem - ok 09:56:58.0979 0x0b60 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 09:56:59.0005 0x0b60 monitor - ok 09:56:59.0088 0x0b60 [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys 09:56:59.0102 0x0b60 MotioninJoyXFilter - ok 09:56:59.0116 0x0b60 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 09:56:59.0122 0x0b60 mouclass - ok 09:56:59.0131 0x0b60 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 09:56:59.0140 0x0b60 mouhid - ok 09:56:59.0182 0x0b60 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 09:56:59.0209 0x0b60 mountmgr - ok 09:56:59.0293 0x0b60 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 
674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 09:56:59.0314 0x0b60 MozillaMaintenance - ok 09:56:59.0354 0x0b60 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 09:56:59.0370 0x0b60 mpio - ok 09:56:59.0419 0x0b60 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 09:56:59.0465 0x0b60 mpsdrv - ok 09:56:59.0611 0x0b60 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 09:56:59.0681 0x0b60 MpsSvc - ok 09:56:59.0723 0x0b60 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 09:56:59.0780 0x0b60 MRxDAV - ok 09:56:59.0807 0x0b60 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 09:56:59.0862 0x0b60 mrxsmb - ok 09:56:59.0921 0x0b60 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:56:59.0940 0x0b60 mrxsmb10 - ok 09:56:59.0958 0x0b60 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:56:59.0988 0x0b60 mrxsmb20 - ok 09:57:00.0035 0x0b60 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 09:57:00.0056 0x0b60 msahci - ok 09:57:00.0086 0x0b60 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 
09:57:00.0098 0x0b60 msdsm - ok 09:57:00.0115 0x0b60 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 09:57:00.0154 0x0b60 MSDTC - ok 09:57:00.0187 0x0b60 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 09:57:00.0212 0x0b60 Msfs - ok 09:57:00.0370 0x0b60 [ A67125BDB2C0120E459FE77F0078E2B3, 8576ACDBAACC6DA3284B8BBBCEED4B18B689EB2875E0BB674EEF00FFBAE5548E ] MsgPlusService C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe 09:57:00.0385 0x0b60 MsgPlusService - detected UnsignedFile.Multi.Generic ( 1 ) 09:57:03.0135 0x0b60 Detect skipped due to KSN trusted 09:57:03.0135 0x0b60 MsgPlusService - ok 09:57:03.0168 0x0b60 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 09:57:03.0206 0x0b60 mshidkmdf - ok 09:57:03.0684 0x0b60 [ 9CEBDD8D9E37156A567D33AC97899219, 9A08F7D65C6E1F5B44DBDE66406815597D921D697FAF2013FAB0FAA5572FF6A2 ] MSIBIOSData_CC C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe 09:57:03.0781 0x0b60 MSIBIOSData_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:57:06.0426 0x0b60 Detect skipped due to KSN trusted 09:57:06.0426 0x0b60 MSIBIOSData_CC - ok 09:57:06.0499 0x0b60 [ CF9F2C29EBD7611B2FA8B703D5FC79D6, 05DF592BE0FA7369CCB5F4628B994949C53BE113DE2052EE85A83FAAA6E59282 ] MSIClock_CC C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe 09:57:06.0518 0x0b60 MSIClock_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:57:09.0396 0x0b60 MSIClock_CC ( UnsignedFile.Multi.Generic ) - warning 09:57:09.0396 0x0b60 Force sending object to P2P due to detect: C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe 09:57:12.0145 0x0b60 Object send P2P result: true 09:57:14.0913 0x0b60 [ 
CE903E18B2E1B2DB62A461787240429E, 7543C440167B5632F85BFD0A514AC514DF0B452264DC473788F744816ED24161 ] MSICOMM_CC C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe 09:57:15.0019 0x0b60 MSICOMM_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:57:17.0654 0x0b60 MSICOMM_CC ( UnsignedFile.Multi.Generic ) - warning 09:57:20.0476 0x0b60 [ 5F19B14DCD0F5DBFEF778F3EA3026A1E, 2FA2B530D7DFCD670327A5A6E7AEA8617CBEE9764695A1DDB53923EEEB08CF80 ] MSICPU_CC C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe 09:57:20.0684 0x0b60 MSICPU_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:57:23.0413 0x0b60 MSICPU_CC ( UnsignedFile.Multi.Generic ) - warning 09:57:26.0162 0x0b60 [ 4FB55D77B2A96921D0AB7E3DAEE8AD83, 0E363E56A16A7546403541FD6823A03F587D04B7AE09B6FE59157050022A66F2 ] MSICTL_CC C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe 09:57:26.0241 0x0b60 MSICTL_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:57:28.0879 0x0b60 MSICTL_CC ( UnsignedFile.Multi.Generic ) - warning 09:57:31.0763 0x0b60 [ DEC52680ED6728A3CD5191674B6CC7B4, 94413B41510BD7C7226EA587303EC3320D68847FCDC30A59F48A69EAE387A1B6 ] MSIDDR_CC C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe 09:57:31.0864 0x0b60 MSIDDR_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:57:34.0596 0x0b60 MSIDDR_CC ( UnsignedFile.Multi.Generic ) - warning 09:57:49.0328 0x0b60 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 09:57:49.0334 0x0b60 msisadrv - ok 09:57:49.0459 0x0b60 [ C41A29D2EEF3390877558D07D74DB2CE, FB181712DE192F2AADAE1070DA3AA73B7B7602E8B74E0C4EB1D9E13C45AACD3A ] MSISaveLoad_CC C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe 09:57:49.0605 0x0b60 MSISaveLoad_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:57:52.0335 0x0b60 Detect skipped due to KSN trusted 09:57:52.0336 0x0b60 MSISaveLoad_CC - ok 09:57:52.0398 0x0b60 [ 808E98FF49B155C522E6400953177B08, 
F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 09:57:52.0442 0x0b60 MSiSCSI - ok 09:57:52.0444 0x0b60 msiserver - ok 09:57:52.0495 0x0b60 [ 23D3D2BAF2686E8C25EFD1AD8DDF2E42, DAD5F4055533334D7D242BF2D2BF6FAF26FDDAB1BBACE90D04EE03B334374297 ] MSISMB_CC C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe 09:57:52.0513 0x0b60 MSISMB_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:57:55.0152 0x0b60 MSISMB_CC ( UnsignedFile.Multi.Generic ) - warning 09:57:57.0881 0x0b60 [ 9025C16F6AE806FB34EB333FF3A31C66, 282CCA3385463F412B28E651E1FFBEB6DF646E32958E95F5F11293DDBE41FEC8 ] MSISuperIO_CC C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe 09:57:57.0896 0x0b60 MSISuperIO_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:58:00.0557 0x0b60 MSISuperIO_CC ( UnsignedFile.Multi.Generic ) - warning 09:58:03.0276 0x0b60 [ 580CFFAC7E0A0FFB34B4A755653BF31A, A958AD4BF12603D6CA31F12C1C0443176BDC5A614F3653575F7F42AEB079C03F ] MSIWMI_CC C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe 09:58:03.0283 0x0b60 MSIWMI_CC - detected UnsignedFile.Multi.Generic ( 1 ) 09:58:06.0010 0x0b60 Detect skipped due to KSN trusted 09:58:06.0010 0x0b60 MSIWMI_CC - ok 09:58:06.0118 0x0b60 [ C92F541E27885AF79DA641418E74672D, FDC4543A3DA3394DEAB8D8A5FF9298427CF06E8E385294BB8D25216DD1887EBD ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe 09:58:06.0127 0x0b60 MSI_SuperCharger - ok 09:58:06.0158 0x0b60 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 09:58:06.0201 0x0b60 MSKSSRV - ok 09:58:06.0216 0x0b60 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 09:58:06.0254 0x0b60 MSPCLOCK - ok 09:58:06.0266 0x0b60 [ 4ED981241DB27C3383D72092B618A1D0, 
E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 09:58:06.0306 0x0b60 MSPQM - ok 09:58:06.0356 0x0b60 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 09:58:06.0371 0x0b60 MsRPC - ok 09:58:06.0383 0x0b60 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 09:58:06.0390 0x0b60 mssmbios - ok 09:58:06.0400 0x0b60 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 09:58:06.0428 0x0b60 MSTEE - ok 09:58:06.0441 0x0b60 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 09:58:06.0450 0x0b60 MTConfig - ok 09:58:06.0466 0x0b60 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 09:58:06.0474 0x0b60 Mup - ok 09:58:06.0502 0x0b60 [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 09:58:06.0507 0x0b60 mwlPSDFilter - ok 09:58:06.0517 0x0b60 [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 09:58:06.0522 0x0b60 mwlPSDNServ - ok 09:58:06.0529 0x0b60 [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 09:58:06.0535 0x0b60 mwlPSDVDisk - ok 09:58:06.0585 0x0b60 [ 0F5FAAC852DB4C340B7A2F187E3358B8, 859A077C03AA244918F3E7BF7A63BD422C1C085EEDEE2C25FE4BC068E5D72484 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 
3\x86\\MWLService.exe 09:58:06.0595 0x0b60 MWLService - ok 09:58:06.0638 0x0b60 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 09:58:06.0690 0x0b60 napagent - ok 09:58:06.0735 0x0b60 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 09:58:06.0767 0x0b60 NativeWifiP - ok 09:58:06.0835 0x0b60 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 09:58:06.0860 0x0b60 NDIS - ok 09:58:06.0884 0x0b60 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 09:58:06.0923 0x0b60 NdisCap - ok 09:58:06.0941 0x0b60 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 09:58:06.0979 0x0b60 NdisTapi - ok 09:58:07.0043 0x0b60 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 09:58:07.0072 0x0b60 Ndisuio - ok 09:58:07.0127 0x0b60 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 09:58:07.0174 0x0b60 NdisWan - ok 09:58:07.0224 0x0b60 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 09:58:07.0265 0x0b60 NDProxy - ok 09:58:07.0347 0x0b60 [ B90E093E7A7250906F1054418B5339C0, F9A0BAC5B4B29F14B5CACA1047F8928A495EFD56E485492BF71C856B296476D6 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 09:58:07.0381 0x0b60 Nero BackItUp Scheduler 4.0 - ok 09:58:07.0398 0x0b60 
[ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 09:58:07.0443 0x0b60 NetBIOS - ok 09:58:07.0492 0x0b60 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 09:58:07.0536 0x0b60 NetBT - ok 09:58:07.0575 0x0b60 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe 09:58:07.0582 0x0b60 Netlogon - ok 09:58:07.0651 0x0b60 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 09:58:07.0703 0x0b60 Netman - ok 09:58:07.0806 0x0b60 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:58:07.0817 0x0b60 NetMsmqActivator - ok 09:58:07.0833 0x0b60 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:58:07.0843 0x0b60 NetPipeActivator - ok 09:58:07.0866 0x0b60 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 09:58:07.0913 0x0b60 netprofm - ok 09:58:07.0919 0x0b60 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:58:07.0929 0x0b60 NetTcpActivator - ok 09:58:07.0935 0x0b60 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 09:58:07.0945 0x0b60 NetTcpPortSharing - ok 09:58:07.0988 0x0b60 [ 
77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 09:58:07.0995 0x0b60 nfrd960 - ok 09:58:08.0009 0x0b60 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 09:58:08.0041 0x0b60 NlaSvc - ok 09:58:08.0068 0x0b60 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 09:58:08.0096 0x0b60 Npfs - ok 09:58:08.0138 0x0b60 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 09:58:08.0178 0x0b60 nsi - ok 09:58:08.0222 0x0b60 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 09:58:08.0265 0x0b60 nsiproxy - ok 09:58:08.0351 0x0b60 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 09:58:08.0415 0x0b60 Ntfs - ok 09:58:08.0460 0x0b60 [ BD691091AC7D9713D8F0B07C6B099E6C, 4A69ED227CCBBCB76F78078CEE42506A875759FFB519CB9C40173EF8ACD6D6D2 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe 09:58:08.0466 0x0b60 NTI IScheduleSvc - ok 09:58:08.0477 0x0b60 [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 09:58:08.0482 0x0b60 NTIDrvr - ok 09:58:08.0536 0x0b60 [ 23CF3DA010497EB2BF39A5C5A57E437C, 39CFDE7D401EFCE4F550E0A9461F5FC4D71FA07235E1336E4F0B4882BD76550E ] NTIOLib_1_0_3 C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys 09:58:08.0541 0x0b60 NTIOLib_1_0_3 - ok 09:58:08.0614 0x0b60 [ 1B32C54B95121AB1683C7B83B2DB4B96, 99F4994A0E5BD1BF6E3F637D3225C69FF4CD620557E23637533E7F18D7D6CBA1 ] 
NTIOLib_1_0_4 C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys 09:58:08.0621 0x0b60 NTIOLib_1_0_4 - ok 09:58:08.0638 0x0b60 NTIOLib_1_0_C - ok 09:58:08.0663 0x0b60 NTIOLib_1_1_S - ok 09:58:08.0671 0x0b60 NTIOLib_FastBoot - ok 09:58:08.0682 0x0b60 [ 95E4C7B0384DA89DCE8EA6F31C3613D9, CF4B5FA853CE809F1924DF3A3AE3C4E191878C4EA5248D8785DC7E51807A512B ] NTIOLib_MSIClock_CC C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys 09:58:08.0688 0x0b60 NTIOLib_MSIClock_CC - ok 09:58:08.0696 0x0b60 [ A711E6AB17802FABF2E69E0CD57C54CD, A9706E320179993DADE519A83061477ACE195DAA1B788662825484813001F526 ] NTIOLib_MSICOMM_CC C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys 09:58:08.0702 0x0b60 NTIOLib_MSICOMM_CC - ok 09:58:08.0744 0x0b60 [ E9A30EDEF1105B8A64218F892B2E56ED, E83908EBA2501A00EF9E74E7D1C8B4FF1279F1CD6051707FD51824F87E4378FA ] NTIOLib_MSICPU_CC C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys 09:58:08.0750 0x0b60 NTIOLib_MSICPU_CC - ok 09:58:08.0765 0x0b60 [ 6CCE5BB9C8C2A8293DF2D3B1897941A2, 9254F012009D55F555418FF85F7D93B184AB7CB0E37AECDFDAB62CFE94DEA96B ] NTIOLib_MSIDDR_CC C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys 09:58:08.0770 0x0b60 NTIOLib_MSIDDR_CC - ok 09:58:08.0783 0x0b60 [ 68DDE686D6999AD2E5D182B20403240B, 591BD5E92DFA0117B3DAA29750E73E2DB25BAA717C31217539D30FFB1F7F3A52 ] NTIOLib_MSIRatio_CC C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys 09:58:08.0788 0x0b60 NTIOLib_MSIRatio_CC - ok 09:58:08.0801 0x0b60 [ 3DBF69F935EA48571EA6B0F5A2878896, E005E8D183E853A27AD3BB56F25489F369C11B0D47E3D4095AAD9291B3343BF1 ] NTIOLib_MSISMB_CC C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys 09:58:08.0806 0x0b60 NTIOLib_MSISMB_CC - ok 09:58:08.0834 0x0b60 [ DD04CD3DE0C19BEDE84E9C95A86B3CA8, CD4A249C3EF65AF285D0F8F30A8A96E83688486AAB515836318A2559757A89BB ] NTIOLib_MSISuperIO_CC C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys 09:58:08.0839 0x0b60 NTIOLib_MSISuperIO_CC - ok 
09:58:08.0841 0x0b60 NTIOLib_SuiteComCen - ok 09:58:08.0843 0x0b60 NTIOLib_SuiteFB - ok 09:58:08.0847 0x0b60 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 09:58:08.0888 0x0b60 Null - ok 09:58:08.0947 0x0b60 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 09:58:08.0957 0x0b60 nvraid - ok 09:58:08.0974 0x0b60 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 09:58:08.0984 0x0b60 nvstor - ok 09:58:09.0005 0x0b60 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 09:58:09.0016 0x0b60 nv_agp - ok 09:58:09.0073 0x0b60 [ 1F0E05DFF4F5A833168E49BE1256F002, A858267572033C185293B0FD15B2BFDA679D0771A14C0ADF24461B529DBAD8DF ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:58:09.0089 0x0b60 odserv - ok 09:58:09.0150 0x0b60 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 09:58:09.0159 0x0b60 ohci1394 - ok 09:58:09.0462 0x0b60 [ 3BE73D3CACA24068D015E47AE78B08B4, F417A8BC939435405C7B064FECE6B2A1E3FD6783F5E2EE09142253AEC135B68B ] OnlineStorageService C:\Program Files\Trend Micro SafeSync\hrfscore.exe 09:58:09.0696 0x0b60 OnlineStorageService - ok 09:58:09.0742 0x0b60 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:58:09.0750 0x0b60 ose - ok 09:58:09.0924 0x0b60 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft 
Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 09:58:10.0086 0x0b60 osppsvc - ok 09:58:10.0128 0x0b60 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 09:58:10.0170 0x0b60 p2pimsvc - ok 09:58:10.0190 0x0b60 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 09:58:10.0210 0x0b60 p2psvc - ok 09:58:10.0233 0x0b60 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 09:58:10.0243 0x0b60 Parport - ok 09:58:10.0286 0x0b60 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 09:58:10.0295 0x0b60 partmgr - ok 09:58:10.0309 0x0b60 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 09:58:10.0335 0x0b60 PcaSvc - ok 09:58:10.0407 0x0b60 PCDSRVC{1368CD8C-499695F1-06020101}_0 - ok 09:58:10.0409 0x0b60 PCDSRVC{3368CD8C-528FE905-06020101}_0 - ok 09:58:10.0423 0x0b60 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0 - ok 09:58:10.0432 0x0b60 PCDSRVC{A368CD8C-62FE955B-06020101}_0 - ok 09:58:10.0435 0x0b60 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0 - ok 09:58:10.0479 0x0b60 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 09:58:10.0489 0x0b60 pci - ok 09:58:10.0534 0x0b60 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 09:58:10.0541 0x0b60 pciide - ok 09:58:10.0554 0x0b60 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 09:58:10.0566 0x0b60 
In queue: 239 09:58:26.0430 0x0b60 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x40000 ( disabled : updated ) 09:58:26.0432 0x0b60 Win FW state via NFP2: enabled 09:58:29.0096 0x0b60 ============================================================ 09:58:29.0096 0x0b60 Scan finished 09:58:29.0096 0x0b60 ============================================================ 09:58:29.0101 0x02d8 Detected object count: 7 09:58:29.0101 0x02d8 Actual detected object count: 7 09:58:52.0193 0x02d8 MSIClock_CC ( UnsignedFile.Multi.Generic ) - skipped by user 09:58:52.0193 0x02d8 MSIClock_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:58:52.0193 0x02d8 MSICOMM_CC ( UnsignedFile.Multi.Generic ) - skipped by user 09:58:52.0193 0x02d8 MSICOMM_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:58:52.0194 0x02d8 MSICPU_CC ( UnsignedFile.Multi.Generic ) - skipped by user 09:58:52.0194 0x02d8 MSICPU_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:58:52.0195 0x02d8 MSICTL_CC ( UnsignedFile.Multi.Generic ) - skipped by user 09:58:52.0195 0x02d8 MSICTL_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:58:52.0195 0x02d8 MSIDDR_CC ( UnsignedFile.Multi.Generic ) - skipped by user 09:58:52.0196 0x02d8 MSIDDR_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:58:52.0196 0x02d8 MSISMB_CC ( UnsignedFile.Multi.Generic ) - skipped by user 09:58:52.0196 0x02d8 MSISMB_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:58:52.0197 0x02d8 MSISuperIO_CC ( UnsignedFile.Multi.Generic ) - skipped by user 09:58:52.0197 0x02d8 MSISuperIO_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:59:03.0820 0x0ac0 Deinitialize success |
08.05.2014, 10:57 | #4 |
| winmgr.exe blocks access to antivirus programs, why? Here are the current logs from FRST as well. Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-05-2014 Ran by bender90 at 2014-05-08 11:54:55 Running from C:\Users\bender90\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.1.6731 - CyberLink Corp.) Acer Arcade Deluxe (x32 Version: 3.1.6731 - CyberLink Corp.) Hidden Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated) Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3005 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated) ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Action! (HKLM-x32\...\Mirillis Action!) 
(Version: 1.18.0 - Mirillis) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden aerosoft's - German Airports 3 - Berlin-Tegel X (HKLM-x32\...\{3DAD565E-1275-4EE8-9568-932CB7B75FB8}) (Version: 1.00 - aerosoft) aerosoft's - German Airports 3 - Hamburg X (HKLM-x32\...\{EA6E7823-9E5B-4EDD-9750-C3C87FDF0460}) (Version: 1.00 - aerosoft) aerosoft's - Mega Airport Frankfurt X (HKLM-x32\...\{BAEE0C24-C8C2-4820-9DF4-887909F1A286}) (Version: 1.01 - aerosoft) Aerosoft's - MyTraffic 2010 (HKLM-x32\...\{37F50C53-EDED-4FFE-9877-532A335C5C18}) (Version: 6.00 - Aerosoft) AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.) Airline Tycoon 2 v1.01 (HKLM-x32\...\AirlineTycoon2_is1) (Version: - Kalypso Media) AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) 
Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira) Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version: - ) <==== ATTENTION Call of Duty (HKLM-x32\...\Call of Duty) (Version: - ) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) 
Hidden CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CommandCenter (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.29 - MSI) Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd) Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) EA Installer (HKLM-x32\...\EA Installer.-1797597899) (Version: 2.3.0.74 - Electronic Arts, Inc.) 
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - ) Emsisoft HiJackFree 4.5 (HKLM-x32\...\Emsisoft HiJackFree_is1) (Version: 4.5 - Emsi Software GmbH) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social Software AB) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.) FUSSBALL MANAGER 11 (HKLM-x32\...\FUSSBALL MANAGER 11) (Version: - Electronic Arts) FUSSBALL MANAGER 12 (HKLM-x32\...\FUSSBALL MANAGER 12) (Version: 1.0.0.3 - Electronic Arts) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) 
Hidden Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto) Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive) Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden K-Lite Codec Pack 9.9.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.5 - ) Live Update 5 (HKLM-x32\...\{36F6E986-D2D1-403C-8BD3-D95EF7BC705D}}_is1) (Version: 5.0.109 - MSI) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.) 
MAGIX Foto Manager 8 (HKLM-x32\...\MAGIX Foto Manager 8 D) (Version: 6.0.1.471 - MAGIX AG) MAGIX Fotobuch 3.6 (HKLM-x32\...\MAGIX Fotobuch) (Version: 3.6 - MAGIX AG) MAGIX Media Suite (HKLM-x32\...\MAGIX Media Suite D) (Version: 1.13.0.112 - MAGIX AG) MAGIX Online Druck Service 3.4.3.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG) MAGIX Ringtone Maker SE (HKLM-x32\...\MAGIX Ringtone Maker SE D) (Version: 3.1.0.5 - MAGIX AG) MAGIX Screenshare (HKLM-x32\...\MAGIX_{A7E29614-2CEB-42CE-A696-EF640A9777B2}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{A77C3BFA-A6C7-420B-8786-71BC063DE5C0}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Video easy 4 HD (HKLM-x32\...\MAGIX_{0FD91AEB-C9AF-4BE9-8071-61F46B6AFBB8}) (Version: 4.0.0.30 - MAGIX AG) MAGIX Video easy 4 HD (Version: 4.0.0.30 - MAGIX AG) Hidden Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - ) Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts) Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft 
Game Studios) Hidden Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 
2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Hidden Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft 
Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mouse Editor (HKLM-x32\...\InstallShield_{20D0FE9A-816F-4218-9F5E-67B4198052FF}) (Version: 10.12.0003 - Ihr Firmenname) MOUSE Editor (x32 Version: 10.12.0003 - Ihr Firmenname) Hidden Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSI Intel Extreme Tuning Utility (HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation) MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) 
(HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) mufin player (HKLM-x32\...\mufin player D) (Version: 1.0.0.98 - MAGIX AG) MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.) Nero 9 Essentials (HKLM-x32\...\{bd521da1-d38b-47ae-824a-c66007866327}) (Version: - Nero AG) Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden neroxml (x32 Version: 1.0.0 - Nero AG) Hidden No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC) Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.) Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC) PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) 
Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.0.1 - Ubisoft) SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.0.0.0 - Electronic Arts) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts) Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version: - Oberon Media) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.019 - MSI) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision) The Movies(TM) (x32 Version: 1.0 - Activision) Hidden TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Trend Micro SafeSync (HKLM\...\HFRS_is1) (Version: 5.1.0.1173 - Trend Micro) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Update for 2007 Microsoft Office System (KB967642) 
(HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version: - ) VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated) Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) ==================== Restore Points 
========================= 29-04-2014 15:30:03 Geplanter Prüfpunkt 07-05-2014 17:00:11 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2009-07-14 04:34 - 2012-03-29 11:24 - 00001395 _RASH C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 149.5.18.172 www.google-analytics.com. 149.5.18.172 ad-emea.doubleclick.net. 149.5.18.172 www.statcounter.com. 108.163.215.51 www.google-analytics.com. 108.163.215.51 ad-emea.doubleclick.net. 108.163.215.51 www.statcounter.com. ==================== Scheduled Tasks (whitelisted) ============= Task: {0978D71D-0AB2-40DD-A28B-CA3BE2FAD6F3} - System32\Tasks\{567795F9-9CD9-4ADB-9564-A9E88AA91319} => K:\Autorun.exe Task: {214A1F64-5C6B-4600-9B0E-8C0481C12BA8} - System32\Tasks\{CF91E79D-D816-4736-8853-808CC6180726} => K:\Autorun.exe Task: {532D7A68-9123-4150-80D1-E54921F9D1A7} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer) Task: {8888669A-595F-4057-8361-3A478208B163} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.) Task: {935C46DF-4BAB-45DA-86D7-DD74D00238AD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2637058006-716935516-2651843933-1000 Task: {A000A393-F221-4DEC-8F71-D9F238B4B69E} - System32\Tasks\{5504C86C-4880-46BB-8923-076C4F7D04F7} => E:\setup.exe Task: {A78A3AEE-CDFB-4112-A8F1-3296EC1A722E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.) 
Task: {B7CD19B0-7DBB-4329-8AC1-DB5B49AC89D5} - System32\Tasks\{C14836D9-D315-46CB-B70E-575644EDFF33} => K:\Autorun.exe Task: {B91D97E3-8B0F-4685-84B2-4919F0FB573F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated) Task: {D981D123-8BE9-4187-B695-7EC28FCBF6FC} - System32\Tasks\{7BDE3F1D-0DF2-4D63-96D0-4B366F3105CB} => K:\setup.exe Task: {DEF73EDA-A067-403A-B932-8ABC4C9F85A5} - System32\Tasks\{D04D3D78-1584-46E0-8022-649C499199F8} => C:\Windows\system32\msiexec.exe [2010-11-20] (Microsoft Corporation) Task: {DF58737F-BD31-4C35-9289-3848093C8DEB} - System32\Tasks\{E05891E5-A95E-4388-88EE-FF062B866EB6} => K:\setup.exe Task: {FB81D614-B6C1-4988-BEED-37F03B347F2E} - System32\Tasks\{C9409708-8F70-4C68-A71C-D1471CA654EB} => K:\Autorun.exe Task: {FE7796E8-538D-4BAD-A655-CA149DAF981D} - System32\Tasks\{A188004D-74B8-46D7-A735-FE76C35440F0} => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2013-10-17 11:38 - 2013-08-15 16:28 - 01985536 _____ () C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe 2011-07-28 18:02 - 2013-10-28 23:21 - 
00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH () C:\Program Files (x86)\Windows Manager\winmgr.exe 2013-10-17 11:38 - 2013-09-12 18:20 - 04110336 _____ () C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe 2013-10-17 11:38 - 2013-09-12 16:23 - 00503808 _____ () C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe 2011-08-25 19:33 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2010-12-23 11:00 - 2010-12-23 11:00 - 03344384 _____ () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe 2014-02-04 15:01 - 2013-04-08 16:29 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2009-08-18 09:27 - 2009-08-18 09:27 - 00629280 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe 2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 2014-05-08 11:41 - 2014-05-08 11:41 - 00005120 _____ () C:\Windows\TEMP\nsp600A.tmp\LangDLL.dll 2014-01-09 12:02 - 2014-04-22 00:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2014-04-23 10:38 - 2014-04-22 00:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll 2013-03-25 14:23 - 2014-04-01 00:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2013-03-29 11:53 - 2014-04-24 00:01 - 01092288 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-03-26 16:16 - 2014-03-03 21:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2012-12-11 09:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2012-12-11 09:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2012-12-11 09:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files 
(x86)\Steam\bin\avformat-53.dll 2010-12-02 11:56 - 2010-12-02 11:56 - 00815104 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll 2010-10-11 04:13 - 2010-10-11 04:13 - 00087040 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll 2010-11-24 03:11 - 2010-11-24 03:11 - 02535936 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll 2010-12-02 14:01 - 2010-12-02 14:01 - 00994304 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll 2010-09-20 08:18 - 2010-09-20 08:18 - 00085504 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll 2010-09-20 08:18 - 2010-09-20 08:18 - 00054272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll 2010-09-20 08:19 - 2010-09-20 08:19 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll 2010-11-01 14:16 - 2010-11-01 14:16 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll 2010-09-20 08:18 - 2010-09-20 08:18 - 00117760 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll 2014-02-04 15:01 - 2013-03-12 21:48 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2014-02-04 15:01 - 2013-04-02 12:34 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2014-02-04 15:01 - 2013-04-02 12:34 - 00297472 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRtl.dll 2009-08-18 09:31 - 2009-08-18 09:31 - 00163840 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files 
(x86)\Raptr\_ssl.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd 2012-02-06 22:28 - 2012-02-06 22:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd 2011-05-10 21:01 - 2011-05-10 21:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd 2014-02-22 00:32 - 2014-02-22 00:32 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll 2010-11-23 00:56 - 2010-11-23 
00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd 2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd 2014-04-29 14:38 - 2014-04-29 14:38 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd 2012-10-27 09:53 - 2012-10-27 09:53 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files 
(x86)\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll 2013-10-17 11:45 - 2013-09-04 07:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-03-19 00:55 - 2014-03-19 00:55 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: HKCU => C:\Windows\windows 7\server.exe MSCONFIG\startupreg: MessengerPlusForSkypeService => "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" ==================== Faulty Device Manager Devices ============= Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/08/2014 11:28:45 AM) (Source: SideBySide) (User: ) (EventID: 80) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/08/2014 11:23:06 AM) (Source: SideBySide) (User: ) (EventID: 80) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (05/08/2014 11:23:02 AM) (Source: SideBySide) (User: ) (EventID: 80) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/07/2014 07:53:57 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 6976. Meldungs-ID: [0x2509]. 
Error: (05/07/2014 07:50:17 PM) (Source: Application Error) (User: ) (EventID: 1000) Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.3.0, Zeitstempel: 0x00000004 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00036fa6 ID des fehlerhaften Prozesses: 0x4fc Startzeit der fehlerhaften Anwendung: 0xvlc.exe0 Pfad der fehlerhaften Anwendung: vlc.exe1 Pfad des fehlerhaften Moduls: vlc.exe2 Berichtskennung: vlc.exe3 Error: (05/07/2014 07:49:48 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 6680. Meldungs-ID: [0x2509]. Error: (05/07/2014 06:54:36 PM) (Source: SideBySide) (User: ) (EventID: 63) Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error: (05/07/2014 06:42:54 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 1536. Meldungs-ID: [0x2509]. Error: (05/07/2014 06:40:38 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 1456. Meldungs-ID: [0x2509]. 
Error: (05/07/2014 06:14:46 PM) (Source: .NET Runtime) (User: ) (EventID: 1022) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 1064. Meldungs-ID: [0x2509]. System errors: ============= Error: (05/08/2014 11:41:19 AM) (Source: Service Control Manager) (User: ) (EventID: 7024) Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310. Error: (05/08/2014 11:40:59 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/08/2014 10:41:25 AM) (Source: Service Control Manager) (User: ) (EventID: 7024) Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310. Error: (05/08/2014 10:41:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/08/2014 10:33:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/08/2014 09:50:37 AM) (Source: Service Control Manager) (User: ) (EventID: 7024) Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310. Error: (05/08/2014 09:50:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. 
Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/07/2014 10:02:49 PM) (Source: Service Control Manager) (User: ) (EventID: 7024) Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310. Error: (05/07/2014 10:02:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (05/07/2014 09:46:32 PM) (Source: Service Control Manager) (User: ) (EventID: 7024) Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310. Microsoft Office Sessions: ========================= Error: (09/09/2013 10:11:08 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. 
==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 16328.07 MB
Available physical RAM: 13536.36 MB
Total Pagefile: 32654.33 MB
Available Pagefile: 29521.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:261.28 GB) NTFS
Drive d: (DATA) (Fixed) (Total:689.57 GB) (Free:689.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-05-2014
Ran by bender90 (administrator) on SVEN on 08-05-2014 11:51:37
Running from C:\Users\bender90\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Mirillis Ltd.)
C:\Windows\Temp\MirillisAction!1.18.0.exe () C:\Program Files (x86)\Windows Manager\winmgr.exe () C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe () C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe (MSI CO.,LTD.) C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\CPU_Ratio.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Mirillis Ltd.) C:\ProgramData\Windows Manager\winmgr.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Raptr Inc.) 
C:\Program Files (x86)\Raptr\raptr_ep64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.) 
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] () HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI) HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) 
HKU\.DEFAULT\...\RunOnce: [WindowsUpdate] - C:\Program Files (x86)\Windows Manager\winmgr.exe [21158400 2014-05-03] () HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] () HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Windows Manager\winmgr.exe [21158400 2014-05-03] (Mirillis Ltd.) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {db36818b-b92d-11e0-abaa-00116b983502} - K:\pushinst.exe IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\bdagent.exe: [Debugger] 
C:\Windows\system32\Microsoft.com IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9CCCD5AD521CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 - DefaultScope 
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKLM-x32 - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms} SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://plusnetwork.com/?sp=brw&q={searchTerms} SearchScopes: HKCU - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) 
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( ) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) Toolbar: HKLM-x32 - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No File Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default FF SearchEngineOrder.1: Web Search FF SelectedSearchEngine: Google FF Homepage: hxxp://www.facebook.com/ FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files 
(x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 - C:\Users\bender90\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll (Stonetrip) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv ) FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icq-search.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-1.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-2.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-3.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\Plusnetwork.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\startsear.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\webde-suche.xml FF 
SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\ich@maltegoetz.de [2013-12-11] FF Extension: Rain Alarm Extension - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\rain-alarm@mdiener.de [2014-03-27] FF Extension: WEB.DE MailCheck - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\toolbar@web.de.xpi [2011-12-19] FF Extension: NoScript - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-19] FF Extension: Adblock Plus - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-19] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. 
KG) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI) S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] () S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] () R3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] () R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] () S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] () S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] () S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] () R3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] () S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] () R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI) R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.) R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.) 
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] () R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation) ==================== Drivers (Whitelisted) ==================== R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 
NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation ) S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-21] (The OpenVPN Project) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.) S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X] S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X] S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X] S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created 
Files and Folders ======== 2014-05-08 11:29 - 2014-05-08 11:52 - 00028810 _____ () C:\Users\bender90\Desktop\FRST.txt 2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe 2014-05-08 10:42 - 2014-05-08 10:42 - 00002039 _____ () C:\Users\Public\Desktop\Action!.lnk 2014-05-08 10:42 - 2014-05-08 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part 2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe 2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume 2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip 2014-05-08 09:53 - 2014-05-08 09:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe 2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A} 2014-05-07 21:39 - 2014-05-08 11:41 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager 2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk 2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\bender90\Downloads\revosetup95.exe 2014-05-07 20:27 - 2014-05-08 11:51 - 00000000 ____D () C:\FRST 2014-05-07 20:26 - 2014-05-07 20:26 - 02063872 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe 2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-07 19:55 - 2014-05-08 09:50 - 00000000 __SHD () C:\ProgramData\Windows Manager 2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com 2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com 2014-04-30 18:16 - 2014-05-07 19:03 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT 2014-04-30 18:16 - 2014-05-07 18:54 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT 2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT 2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe 2014-04-26 09:03 - 2014-04-26 09:06 - 295347968 _____ (AMD Inc.) 
C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\Program Files\Java 2014-04-08 17:59 - 2014-04-08 17:59 - 30796712 _____ (Oracle Corporation) C:\Users\bender90\Downloads\jre-7u51-windows-x64.exe 2014-04-08 15:49 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-04-08 15:49 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-04-08 15:49 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-04-08 15:49 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-04-08 15:49 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-04-08 15:49 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-04-08 15:49 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-04-08 15:49 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-04-08 15:49 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-04-08 15:49 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wksprtPS.dll 2014-04-08 15:49 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-04-08 15:49 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-04-08 15:49 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-04-08 15:49 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-04-08 15:49 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-04-08 15:49 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-04-08 15:49 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-04-08 15:49 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-04-08 15:44 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-08 15:44 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-08 15:43 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-08 15:43 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-08 15:43 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-08 15:43 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-08 15:43 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-08 15:43 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-08 15:43 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-08 15:43 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) 
C:\Windows\system32\iernonce.dll 2014-04-08 15:43 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-08 15:43 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-08 15:43 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-08 15:43 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-08 15:43 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-08 15:43 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-08 15:43 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-08 15:43 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-08 15:43 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-08 15:43 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-08 15:43 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-08 15:43 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-08 15:43 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-08 15:43 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-08 15:43 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-08 15:43 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-08 15:43 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-08 15:43 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieUnatt.exe 2014-04-08 15:43 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-08 15:43 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-08 15:43 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-08 15:43 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-08 15:43 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-08 15:43 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-08 15:43 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-08 15:43 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-08 15:43 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-08 15:43 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-08 15:43 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-08 15:43 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-08 15:43 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-08 15:43 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-08 15:43 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-04-08 15:43 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll ==================== One Month Modified Files and Folders ======= 2014-05-08 11:53 - 2013-02-08 10:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-08 11:52 - 2014-05-08 11:29 - 
00028810 _____ () C:\Users\bender90\Desktop\FRST.txt 2014-05-08 11:51 - 2014-05-07 20:27 - 00000000 ____D () C:\FRST 2014-05-08 11:48 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-08 11:48 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-08 11:47 - 2011-06-17 17:37 - 00699884 _____ () C:\Windows\system32\perfh007.dat 2014-05-08 11:47 - 2011-06-17 17:37 - 00149766 _____ () C:\Windows\system32\perfc007.dat 2014-05-08 11:47 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-08 11:44 - 2011-06-17 07:45 - 01157506 _____ () C:\Windows\WindowsUpdate.log 2014-05-08 11:43 - 2014-02-04 16:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr 2014-05-08 11:42 - 2013-04-16 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-08 11:42 - 2013-02-08 10:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-08 11:41 - 2014-05-07 21:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager 2014-05-08 11:41 - 2009-07-14 06:51 - 00311390 _____ () C:\Windows\setupact.log 2014-05-08 11:40 - 2012-03-30 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-08 11:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe 2014-05-08 10:42 - 2014-05-08 10:42 - 00002039 _____ () C:\Users\Public\Desktop\Action!.lnk 2014-05-08 10:42 - 2014-05-08 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part 2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 
_____ () C:\Users\bender90\Downloads\spybot-2.3.exe 2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume 2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip 2014-05-08 09:54 - 2014-05-08 09:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe 2014-05-08 09:50 - 2014-05-07 19:55 - 00000000 __SHD () C:\ProgramData\Windows Manager 2014-05-07 21:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A} 2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk 2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe 2014-05-07 20:26 - 2014-05-07 20:26 - 02063872 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe 2014-05-07 19:59 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify 2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-07 19:54 - 2012-11-09 16:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc 2014-05-07 19:50 - 2013-10-30 18:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps 2014-05-07 19:49 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify 2014-05-07 19:03 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT 2014-05-07 18:54 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT 2014-05-07 13:23 - 2014-03-06 21:49 - 00000000 ____D () C:\ProgramData\PMS 2014-05-07 13:03 - 2013-05-28 10:52 - 00003926 _____ () 
C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41} 2014-05-05 17:55 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\ProgramData\Origin 2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-05-03 17:07 - 2014-05-07 19:55 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com 2014-05-03 17:07 - 2014-05-07 19:55 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com 2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis 2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis 2014-05-02 18:44 - 2013-10-01 19:57 - 00000020 _____ () C:\Windows\capsys184523.log 2014-05-02 17:25 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-05-01 08:39 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT 2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe 2014-04-29 14:38 - 2012-03-30 09:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 14:38 - 2012-03-30 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 14:38 - 2011-07-28 21:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-26 09:06 - 2014-04-26 09:03 - 295347968 _____ (AMD Inc.) 
C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe 2014-04-17 20:11 - 2014-02-04 16:43 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-04-14 21:03 - 2011-08-02 17:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client 2014-04-14 19:50 - 2011-08-15 12:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client 2014-04-09 15:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-08 18:00 - 2014-04-08 18:00 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-04-08 18:00 - 2014-04-08 18:00 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\Program Files\Java 2014-04-08 17:59 - 2014-04-08 17:59 - 30796712 _____ (Oracle Corporation) C:\Users\bender90\Downloads\jre-7u51-windows-x64.exe 2014-04-08 17:59 - 2011-07-31 19:21 - 00000000 ____D () C:\Users\bender90\AppData\Local\Adobe 2014-04-08 15:47 - 2011-08-02 17:58 - 01595580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI Files to move or delete: ==================== C:\Users\bender90\AppData\Roaming\Camdata.ini C:\Users\bender90\AppData\Roaming\CamLayout.ini C:\Users\bender90\AppData\Roaming\CamShapes.ini C:\ProgramData\ldsw_0paos.pad Some content of TEMP: ==================== C:\Users\bender90\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe C:\Users\bender90\AppData\Local\Temp\avgnt.exe C:\Users\bender90\AppData\Local\Temp\detectionapi_rd.dll C:\Users\bender90\AppData\Local\Temp\detectionui_r.exe C:\Users\bender90\AppData\Local\Temp\directx10tests_rd.dll C:\Users\bender90\AppData\Local\Temp\directx11tests_rd.dll 
C:\Users\bender90\AppData\Local\Temp\directx9tests_rd.dll C:\Users\bender90\AppData\Local\Temp\jna1324566697984281769.dll C:\Users\bender90\AppData\Local\Temp\jna4101322631714976574.dll C:\Users\bender90\AppData\Local\Temp\jna4383689400269149208.dll C:\Users\bender90\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\bender90\AppData\Local\Temp\local.dll C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe C:\Users\bender90\AppData\Local\Temp\MsgPlusUninstall.exe C:\Users\bender90\AppData\Local\Temp\raptrpatch.exe C:\Users\bender90\AppData\Local\Temp\rootsupd.exe C:\Users\bender90\AppData\Local\Temp\sonarinst.exe C:\Users\bender90\AppData\Local\Temp\upnp.exe C:\Users\bender90\AppData\Local\Temp\upx.exe C:\Users\bender90\AppData\Local\Temp\vlc-2.1.3-win32.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-29 17:23 ==================== End Of Log ============================ |
09.05.2014, 09:18 | #5 |
/// the machine /// TB trainer | winmgr.exe blocks access to antivirus programs, why? hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
09.05.2014, 11:27 | #6 |
| winmgr.exe blocks access to antivirus programs, why? Hello, unfortunately that does not work, it blocks that for me as well... download failed... I then downloaded it on my notebook and wanted to transfer it via USB stick... that does not work either... it also complains that the file cannot be accessed... here is another log from Spybot via USB stick... unfortunately I cannot fix it... Code:
ATTFilter Search results from Spybot - Search & Destroy 09.05.2014 12:18:58 Scan took 00:12:25. 86 items found. Smitfraud-C.gp: [SBI $F0EB55BA] Autorun settings (WindowsUpdate) (Registry Value, nothing done) HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\WindowsUpdate Smitfraud-C.gp: [SBI $F0EB55BA] Program file (File, nothing done) C:\Program Files (x86)\Windows Manager\winmgr.exe Properties.size=21158400 Properties.md5=C110E8C14DAF0B2BC2F7CA32DF5F2A33 Properties.filedate=1399129674 Properties.filedatetext=2014-05-03 17:07:54 Smitfraud-C.gp: [SBI $F0EB55BA] Autorun settings (WindowsUpdate) (Registry Value, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\WindowsUpdate Smitfraud-C.gp: [SBI $F0EB55BA] Program file (File, nothing done) C:\ProgramData\Microsoft.com Properties.size=21158400 Properties.md5=C110E8C14DAF0B2BC2F7CA32DF5F2A33 Properties.filedate=1399129674 Properties.filedatetext=2014-05-03 17:07:54 Smitfraud-C.gp: [SBI $F0EB55BA] Autorun settings (WindowsUpdate) (Registry Value, nothing done) HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\WindowsUpdate DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\OCS\lastPID DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\OCS\PID Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\affiliate.gameladen.com\pap20.sol Properties.size=98 Properties.md5=54E9D372563CEDD252C03F492A78B55B Properties.filedate=1398876013 Properties.filedatetext=2014-04-30 18:40:12 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash 
Player\#SharedObjects\P2GE89MG\badoocdn.com\statf.sol Properties.size=42 Properties.md5=8AE12163EADEB8FB978C00212A1E8F77 Properties.filedate=1397760723 Properties.filedatetext=2014-04-17 20:52:02 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\cdn.movad.net\movad.sol Properties.size=67 Properties.md5=840E9D361BBD1204D93FA8F8B7FFB8B9 Properties.filedate=1396610753 Properties.filedatetext=2014-04-04 13:25:53 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\images-na.ssl-images-amazon.com\mercury.sol Properties.size=69 Properties.md5=2C0D96AE2C848A297A3F0A2044CBC4B3 Properties.filedate=1396257418 Properties.filedatetext=2014-03-31 11:16:58 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\p1.badoocdn.com\statf.sol Properties.size=42 Properties.md5=261587602229EE5D0955825622FC657F Properties.filedate=1396960521 Properties.filedatetext=2014-04-08 14:35:20 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\s.ytimg.com\soundData.sol Properties.size=49 Properties.md5=F2945B8419B125F71FC8FD7CDDB59948 Properties.filedate=1396910303 Properties.filedatetext=2014-04-08 00:38:23 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\s.ytimg.com\subtitlesModuleData.sol Properties.size=63 Properties.md5=17C935936AF9DDC488BC1772D34148DD Properties.filedate=1396908797 Properties.filedatetext=2014-04-08 00:13:16 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash 
Player\#SharedObjects\P2GE89MG\scache.vevo.com\analytics.sol Properties.size=419 Properties.md5=8B305296C93C2DDE38B22F9F935EDC5F Properties.filedate=1396867705 Properties.filedatetext=2014-04-07 12:48:25 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\scache.vevo.com\com.conviva.livePass.sol Properties.size=225 Properties.md5=630EBC3CAF1B61378999C8CE903C20AF Properties.filedate=1396867654 Properties.filedatetext=2014-04-07 12:47:34 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\scache.vevo.com\com.vevo.enum.SharedObjectNames.vevo.sol Properties.size=185 Properties.md5=E5BC69F1BBEBB267F66314E6041863F9 Properties.filedate=1396867654 Properties.filedatetext=2014-04-07 12:47:33 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\secureinclude.ebaystatic.com\ebayLSO.sol Properties.size=131 Properties.md5=933D24A245FAEC89B93CFC48BF7521A5 Properties.filedate=1399303782 Properties.filedatetext=2014-05-05 17:29:42 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\secureinclude.ebaystatic.com\ebayT.sol Properties.size=39 Properties.md5=B43F43445AA3414DDC22EC80FBB22871 Properties.filedate=1399303782 Properties.filedatetext=2014-05-05 17:29:42 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.jochen-schweizer.de\lsoSearch.sol Properties.size=123 Properties.md5=FC93336EB094DDCB69D2D3D87AD0F680 Properties.filedate=1398790190 Properties.filedatetext=2014-04-29 18:49:50 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file 
(File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.jochen-schweizer.de\lsoTrack.sol Properties.size=112 Properties.md5=62945F78EE2BAC9748600D6DA3A4E1E9 Properties.filedate=1398790163 Properties.filedatetext=2014-04-29 18:49:22 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.paypalobjects.com\paypalLSO.sol Properties.size=111 Properties.md5=55A7161177CF8AFBD7AB4282CF81849C Properties.filedate=1396512003 Properties.filedatetext=2014-04-03 10:00:03 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.paypalobjects.com\ppLsoTest.sol Properties.size=48 Properties.md5=74EE4375686A2069414EEF13E7B62789 Properties.filedate=1396511879 Properties.filedatetext=2014-04-03 09:57:59 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.sme-advertising.de\analytics.sol Properties.size=351 Properties.md5=A5487C0C357BE04245DD51BB0B3D73D6 Properties.filedate=1398276353 Properties.filedatetext=2014-04-23 20:05:53 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.xatech.com\chat.sol Properties.size=100 Properties.md5=2773D1BA0183D0A46C652A8110983343 Properties.filedate=1397489697 Properties.filedatetext=2014-04-14 17:34:56 Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\de.chatrandom.com\flash\random-chat.swf\ud.sol Properties.size=96 Properties.md5=74B1D6836D99E5010F8057F49C05E6F8 Properties.filedate=1396979621 Properties.filedatetext=2014-04-08 19:53:40 
Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\play.snacktv.de\player\videoplayer.swf\SnackTV.sol Properties.size=79 Properties.md5=1CFDC63736490A743EA60097ACFB3EDC Properties.filedate=1397147943 Properties.filedatetext=2014-04-10 18:39:02 Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done) C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\static.xvideos.com\swf\xv-player.swf\hexaplayerVolumeCookie.sol Properties.size=61 Properties.md5=9EE679E20E38098F9DDA0A279BE2EE92 Properties.filedate=1397498687 Properties.filedatetext=2014-04-14 20:04:46 Win32.Fynlosk: [SBI $07875FC5] Application data folder (Directory, nothing done) C:\Users\bender90\AppData\Roaming\dclogs\ Directory.subfile=C:\Users\bender90\AppData\Roaming\dclogs\2013-01-16-4.dc Directory.subfile.size=670 Directory.subfile.md5=95952635626A2F04FB4199E056DFA18F Directory.subfile.filedate=1358339627 Directory.subfile.filedatetext=2013-01-16 14:33:47 DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (User): bender90) (Browser: Cookie, nothing done) MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (User): bender90) (Browser: Cookie, nothing done) DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done) MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done) MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done) MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done) MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done) Statcounter: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done) WebTrends live: [SBI $4E2AF2AC] Tracking cookie 
(Firefox: bender90 (default)) (Browser: Cookie, nothing done) DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done) Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Internet Explorer\TypedURLs Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Microsoft Management Console\Recent File List MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done) HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name MS Direct3D: [SBI $C2A44980] Most recent 
application (Registry Change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done) HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id MS DirectInput: [SBI $6533916A] Last mapped application ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\DirectInput\MostRecentMapperApplication\ID MS DirectInput: [SBI $31B11F6A] Last mapped application (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\DirectInput\MostRecentMapperApplication\Name MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation 
Sources Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources Windows.OpenWith: [SBI $286A25C6] Open with list - .ACE extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ACE\OpenWithList Windows.OpenWith: [SBI $CDE7D0A6] Open with list - .ASX extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU 
Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done) HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\WinRAR\ArcHistory WinRAR: [SBI $A59A1C0A] Recent exe file list (Registry Key, nothing done) 
HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\WinRAR\DialogEditHistory\ArcName WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\WinRAR\General\LastFolder WinRAR: [SBI $B510882E] Extraction directory history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\WinRAR\DialogEditHistory\ExtrPath Cookie: [SBI $49804B54] Browser: Cookie (155) (Browser: Cookie, nothing done) Cache: [SBI $49804B54] Browser: Cache (2118) (Browser: Cache, nothing done) History: [SBI $49804B54] Browser: History (223) (Browser: History, nothing done) Cookie: [SBI $49804B54] Browser: Cookie (1331) (Browser: Cookie, nothing done) --- Spybot - Search & Destroy version: 2.3.39.131 DLL (build: 20140425) --- |
10.05.2014, 11:00 | #7 |
/// the machine /// TB trainer | winmgr.exe blocks access to antivirus programs, why? hi, scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8) Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part)
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
12.05.2014, 13:25 | #8 |
| winmgr.exe blocks access to antivirus programs, why? FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01 Ran by SYSTEM on MININT-NTV0JET on 12-05-2014 14:22:11 Running from G:\ Platform: Windows 7 Home Premium (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-17] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] () HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI) HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) HKU\bender90\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd) HKU\bender90\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation) HKU\bender90\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] () HKU\bender90\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc) HKU\bender90\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Microsoft.com [21158400 2014-05-03] (Mirillis Ltd.) 
HKU\bender90\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] () IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\msseces.exe: [Debugger] 
C:\Windows\system32\Microsoft.com IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com ==================== Services (Whitelisted) ================= S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. KG) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI) S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] () S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] () S3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] () S2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] () S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] () S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] () S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] () S3 MSISuperIO_CC; C:\Program Files 
(x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] () S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] () S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI) S2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.) S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.) S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] () S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-03-31] (Intel(R) Corporation) ==================== Drivers (Whitelisted) ==================== S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. 
KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-21] (AVM Berlin) S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-21] (AVM GmbH) S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () S2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-06] (Intel Corporation) S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor 
Corporation ) S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-20] (The OpenVPN Project) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.) S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X] S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X] S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X] S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-09 02:25 - 2014-05-09 02:29 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe 2014-05-09 02:22 - 2014-05-09 02:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part 2014-05-09 02:20 - 2014-05-09 02:21 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part 2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla 2014-05-08 02:48 - 2014-05-08 02:48 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-05-08 02:47 - 2014-04-29 08:00 - 23133184 _____ (Microsoft Corporation) 
C:\Windows\System32\mshtml.dll 2014-05-08 02:47 - 2014-04-29 07:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-05-08 02:47 - 2014-04-29 06:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-08 02:47 - 2014-04-29 06:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-08 02:45 - 2014-04-13 18:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-05-08 02:45 - 2014-04-13 18:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll 2014-05-08 02:45 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-05-08 02:45 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-05-08 02:45 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-05-08 02:45 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-05-08 02:45 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-05-08 02:45 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-05-08 02:45 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys 2014-05-08 02:45 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys 
2014-05-08 02:45 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys 2014-05-08 02:45 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll 2014-05-08 02:45 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-05-08 02:45 - 2014-01-08 18:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-05-08 02:45 - 2014-01-03 14:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll 2014-05-08 02:44 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip 2014-05-08 02:30 - 2014-05-08 02:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt 2014-05-08 02:28 - 2014-05-08 02:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt 2014-05-08 02:27 - 2014-05-08 02:28 - 00047836 _____ () C:\Users\bender90\Desktop\FRST.txt 2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe 2014-05-08 00:39 - 2014-05-08 00:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part 2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe 2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume 2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip 2014-05-07 23:53 - 2014-05-07 23:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe 2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A} 2014-05-07 11:39 - 2014-05-08 03:17 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager 2014-05-07 
10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk 2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe 2014-05-07 10:27 - 2014-05-12 14:22 - 00000000 ____D () C:\FRST 2014-05-07 10:26 - 2014-05-07 10:26 - 02063872 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe 2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-07 09:55 - 2014-05-12 02:22 - 00000000 __SHD () C:\ProgramData\Windows Manager 2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com 2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com 2014-04-30 08:16 - 2014-05-12 03:27 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT 2014-04-30 08:16 - 2014-05-12 03:26 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT 2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk 2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT 2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe 2014-04-25 23:03 - 2014-04-25 23:06 - 295347968 _____ (AMD Inc.) 
C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe ==================== One Month Modified Files and Folders ======= 2014-05-12 14:22 - 2014-05-07 10:27 - 00000000 ____D () C:\FRST 2014-05-12 04:10 - 2009-07-13 20:51 - 00322882 _____ () C:\Windows\setupact.log 2014-05-12 04:09 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-12 04:06 - 2012-04-26 07:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-12 04:05 - 2011-06-16 21:45 - 01423607 _____ () C:\Windows\WindowsUpdate.log 2014-05-12 04:05 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-12 04:05 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-12 03:59 - 2013-02-08 00:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-12 03:44 - 2011-06-17 07:37 - 00699884 _____ () C:\Windows\System32\perfh007.dat 2014-05-12 03:44 - 2011-06-17 07:37 - 00149766 _____ () C:\Windows\System32\perfc007.dat 2014-05-12 03:44 - 2009-07-13 21:13 - 01622236 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-05-12 03:40 - 2012-03-29 23:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-12 03:27 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT 2014-05-12 03:26 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT 2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-12 02:31 - 2013-05-28 00:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41} 2014-05-12 02:23 - 2014-02-04 06:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr 2014-05-12 02:22 - 2014-05-07 09:55 - 00000000 __SHD () C:\ProgramData\Windows Manager 2014-05-12 02:22 - 2013-04-16 10:33 - 
00000000 ____D () C:\Program Files (x86)\Steam 2014-05-12 02:21 - 2013-02-08 00:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-09 02:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache 2014-05-09 02:29 - 2014-05-09 02:25 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe 2014-05-09 02:22 - 2014-05-09 02:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part 2014-05-09 02:21 - 2014-05-09 02:20 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part 2014-05-09 01:54 - 2013-02-08 00:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-09 01:54 - 2013-02-08 00:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-08 04:09 - 2011-06-20 08:33 - 00000000 ____D () C:\users\bender90 2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla 2014-05-08 03:17 - 2014-05-07 11:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager 2014-05-08 02:50 - 2009-07-13 21:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-05-08 02:49 - 2009-09-03 01:10 - 00723896 _____ () C:\Windows\PFRO.log 2014-05-08 02:48 - 2014-05-08 02:48 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-05-08 02:47 - 2013-08-24 05:32 - 00000000 ____D () C:\Windows\System32\MRT 2014-05-08 02:46 - 2011-07-30 09:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip 2014-05-08 02:33 - 2011-08-27 02:04 - 00000000 ____D () C:\Windows\Minidump 2014-05-08 02:30 - 2014-05-08 02:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt 2014-05-08 02:28 - 2014-05-08 02:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt 2014-05-08 02:28 - 2014-05-08 02:27 - 00047836 _____ () C:\Users\bender90\Desktop\FRST.txt 2014-05-08 02:08 - 2013-07-30 00:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-05-08 02:03 - 
2013-10-01 09:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis 2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe 2014-05-08 00:39 - 2014-05-08 00:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part 2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe 2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume 2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip 2014-05-07 23:54 - 2014-05-07 23:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe 2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A} 2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk 2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\bender90\Downloads\revosetup95.exe 2014-05-07 10:26 - 2014-05-07 10:26 - 02063872 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe 2014-05-07 09:59 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify 2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-07 09:54 - 2012-11-09 06:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc 2014-05-07 09:50 - 2013-10-30 08:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps 2014-05-07 09:49 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify 2014-05-07 03:23 - 2014-03-06 11:49 - 00000000 ____D () C:\ProgramData\PMS 2014-05-05 07:55 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\ProgramData\Origin 2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-05-03 07:07 - 2014-05-07 09:55 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com 2014-05-03 07:07 - 2014-05-07 09:55 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com 2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis 2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis 2014-05-02 08:44 - 2013-10-01 09:57 - 00000020 _____ () C:\Windows\capsys184523.log 2014-05-02 07:25 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-04-30 22:39 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk 2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT 2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. 
) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe 2014-04-29 08:00 - 2014-05-08 02:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-04-29 07:24 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-04-29 06:47 - 2014-05-08 02:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 06:14 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-29 04:38 - 2012-03-29 23:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 04:38 - 2012-03-29 23:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 04:38 - 2011-07-28 11:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-25 23:06 - 2014-04-25 23:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe 2014-04-17 10:11 - 2014-02-04 06:43 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-04-14 11:03 - 2011-08-02 07:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client 2014-04-14 09:50 - 2011-08-15 02:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client 2014-04-13 18:24 - 2014-05-08 02:45 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-04-13 18:19 - 2014-05-08 02:45 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll Files to move or delete: ==================== C:\Users\bender90\AppData\Roaming\Camdata.ini C:\Users\bender90\AppData\Roaming\CamLayout.ini C:\Users\bender90\AppData\Roaming\CamShapes.ini C:\ProgramData\ldsw_0paos.pad Some content of TEMP: ==================== C:\Users\bender90\AppData\Local\Temp\avgnt.exe C:\Users\bender90\AppData\Local\Temp\local.dll C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe C:\Users\bender90\AppData\Local\Temp\rootsupd.exe ==================== Known DLLs (Whitelisted) 
================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2014-04-29 07:30:18 Restore point made on: 2014-05-02 04:24:50 Restore point made on: 2014-05-07 09:00:26 Restore point made on: 2014-05-08 02:03:20 Restore point made on: 2014-05-08 02:21:38 Restore point made on: 2014-05-08 02:25:37 Restore point made on: 2014-05-08 02:45:35 Restore point made on: 2014-05-08 04:13:12 ==================== Memory info =========================== Percentage of memory in use: 7% Total physical RAM: 16328.07 MB Available physical RAM: 15100.31 MB Total Pagefile: 16326.22 MB Available Pagefile: 15092.57 MB Total Virtual: 8192 MB Available Virtual: 8191.89 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:251.49 GB) NTFS Drive e: (DATA) (Fixed) (Total:689.57 GB) (Free:689.43 GB) NTFS Drive f: (PQSERVICE) (Fixed) (Total:18.55 GB) (Free:4.57 GB) NTFS Drive g: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32 Drive h: (TOSHIBA) (Removable) (Total:28.89 GB) (Free:22.66 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained 
from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62) Partition 1: (Not Active) - (Size=19 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 4 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 2 (Size: 29 GB) (Disk ID: 04EBC27D) Partition 1: (Active) - (Size=29 GB) - (Type=07 NTFS) LastRegBack: 2014-05-09 02:49 ==================== End Of Log ============================ --- --- --- |
12.05.2014, 13:39 | #9 |
/// the machine /// TB trainer | winmgr.exe blocks access to antivirus programs, why? Please press the Windows + R keys and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
HKU\bender90\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Microsoft.com [21158400 2014-05-03] (Mirillis Ltd.)
HKU\bender90\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com
S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
2014-05-08 02:48 - 2014-05-08 02:48 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-05-07 09:55 - 2014-05-12 02:22 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com
2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com
C:\Users\bender90\AppData\Roaming\Camdata.ini
C:\Users\bender90\AppData\Roaming\CamLayout.ini
C:\Users\bender90\AppData\Roaming\CamShapes.ini
C:\ProgramData\ldsw_0paos.pad
The tool creates a Fixlog.txt on your USB stick. Please post its contents here.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
12.05.2014, 13:53 | #10 |
| winmgr.exe blocks access to antivirus programs, why? Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-05-2014 01 Ran by SYSTEM at 2014-05-12 14:52:18 Run:3 Running from G:\ Boot Mode: Recovery ============================================== Content of fixlist: ***************** HKU\bender90\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Microsoft.com [21158400 2014-05-03] (Mirillis Ltd.) HKU\bender90\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com 
IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X] S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X] 2014-05-08 02:48 - 2014-05-08 02:48 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-05-07 09:55 - 2014-05-12 02:22 - 00000000 __SHD () C:\ProgramData\Windows Manager 2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com 2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com C:\Users\bender90\AppData\Roaming\Camdata.ini C:\Users\bender90\AppData\Roaming\CamLayout.ini C:\Users\bender90\AppData\Roaming\CamShapes.ini C:\ProgramData\ldsw_0paos.pad ***************** HKU\bender90\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WindowsUpdate => Value deleted successfully. HKU\bender90\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastSvc.exe => Key deleted successfully. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastUI.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avcenter.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avconfig.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgcsrvx.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgidsagent.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgnt.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgrsx.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgui.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgwdsvc.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bdagent.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccuac.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ComboFix.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\egui.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\hijackthis.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\instup.exe => Key deleted successfully. 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\keyscrambler.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamgui.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbampt.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamscheduler.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamservice.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpCmdRun.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSASCui.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MsMpEng.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msseces.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rstrui.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\spybotsd.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wireshark.exe => Key deleted successfully. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zlclient.exe => Key deleted successfully. PCDSRVC{1368CD8C-499695F1-06020101}_0 => Service deleted successfully. PCDSRVC{3368CD8C-528FE905-06020101}_0 => Service deleted successfully. PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0 => Service deleted successfully. PCDSRVC{A368CD8C-62FE955B-06020101}_0 => Service deleted successfully. 
PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0 => Service deleted successfully. C:\Windows\System32\CompatTel => Moved successfully. C:\ProgramData\Windows Manager => Moved successfully. C:\Windows\SysWOW64\Microsoft.com => Moved successfully. C:\ProgramData\Microsoft.com => Moved successfully. C:\Users\bender90\AppData\Roaming\Camdata.ini => Moved successfully. C:\Users\bender90\AppData\Roaming\CamLayout.ini => Moved successfully. C:\Users\bender90\AppData\Roaming\CamShapes.ini => Moved successfully. C:\ProgramData\ldsw_0paos.pad => Moved successfully. ==== End of Fixlog ==== |
13.05.2014, 09:59 | #11 |
/// the machine /// TB instructor | winmgr.exe blocks access to antivirus programs, why? Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. A fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
13.05.2014, 11:46 | #12 |
| winmgr.exe blocks access to antivirus programs, why? Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
Database version: v2014.05.13.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16661
bender90 :: SVEN [administrator]
13.05.2014 11:58:52
mbar-log-2014-05-13 (11-58-52).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 269023
Time elapsed: 14 minute(s), 21 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WINMGR.EXE (Trojan.Agent.CMO) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WINMGR.EXE (Trojan.Agent.CMO) -> Delete on reboot.
Registry Values Detected: 1
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|WindowsUpdate (Trojan.Agent.CMO) -> Data: "C:\Program Files (x86)\Windows Manager\winmgr.exe" -> Delete on reboot.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Users\bender90\AppData\Roaming\dclogs (Stolen.Data) -> Delete on reboot.
Files Detected: 4
C:\Users\bender90\AppData\Roaming\addon.dat (Malware.Trace) -> Delete on reboot.
C:\Users\bender90\AppData\Roaming\logs.dat (Bifrose.Trace) -> Delete on reboot.
C:\Users\bender90\AppData\Roaming\dclogs\2013-01-16-4.dc (Stolen.Data) -> Delete on reboot.
C:\Program Files (x86)\Windows Manager\winmgr.exe (Trojan.Agent.CMO) -> Delete on reboot.
Physical Sectors Detected: 0
(No malicious items detected)
(end)
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01 Ran by bender90 (administrator) on SVEN on 13-05-2014 12:46:11 Running from C:\Users\bender90\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe () C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE () C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe () C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe (MSI CO.,LTD.) 
C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\CPU_Ratio.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr Inc.) 
C:\Program Files (x86)\Raptr\raptr_ep64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-23] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] () HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI) HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] () HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc) HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {1fa6036a-93a2-11e1-910a-00040eccce2e} - K:\setup64.exe HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {db36818b-b92d-11e0-abaa-00116b983502} - K:\pushinst.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files 
(x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9CCCD5AD521CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = SearchScopes: HKLM-x32 - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms} SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://plusnetwork.com/?sp=brw&q={searchTerms} SearchScopes: HKCU - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll 
(DVDVideoSoft Ltd.) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default FF SearchEngineOrder.1: Web Search FF SelectedSearchEngine: Google FF Homepage: hxxp://www.facebook.com/ FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files 
(x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 - C:\Users\bender90\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll (Stonetrip) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icq-search.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-1.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-2.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-3.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\Plusnetwork.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\startsear.xml FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: 
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ProxTube - Unblock YouTube - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\ich@maltegoetz.de [2013-12-11] FF Extension: Rain Alarm Extension - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\rain-alarm@mdiener.de [2014-03-27] FF Extension: WEB.DE MailCheck - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\toolbar@web.de.xpi [2011-12-19] FF Extension: NoScript - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-19] FF Extension: Adblock Plus - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-19] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [] ==================== Services (Whitelisted) ================= S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-23] (Avira Operations GmbH & Co. 
KG) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI) S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] () S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] () R3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] () R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] () S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] () S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] () S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] () R3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] () S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] () R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI) R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.) S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.) 
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] () R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation) ==================== Drivers (Whitelisted) ==================== R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 
NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation ) S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-21] (The OpenVPN Project) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.) S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X] S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X] S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-13 12:46 - 2014-05-13 12:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion 2014-05-13 11:58 - 2014-05-13 12:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-05-13 11:58 - 2014-05-13 12:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-13 11:56 - 2014-05-13 12:44 - 00000000 ____D () C:\Users\bender90\Desktop\mbar 2014-05-13 11:56 - 
2014-05-13 12:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-13 11:55 - 2014-05-13 11:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe 2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-09 12:25 - 2014-05-09 12:29 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe 2014-05-09 12:22 - 2014-05-09 12:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part 2014-05-09 12:20 - 2014-05-09 12:21 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part 2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla 2014-05-08 12:47 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-08 12:47 - 2014-04-29 17:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-08 12:47 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-08 12:47 - 2014-04-29 16:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-08 12:45 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-08 12:45 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-08 12:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-05-08 12:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-05-08 12:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-05-08 12:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-05-08 12:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) 
C:\Windows\system32\wow64cpu.dll 2014-05-08 12:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-05-08 12:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-05-08 12:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-05-08 12:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-05-08 12:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-05-08 12:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-05-08 12:45 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-05-08 12:45 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-05-08 12:45 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-05-08 12:45 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-05-08 12:45 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-05-08 12:45 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-05-08 12:45 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-05-08 12:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip 2014-05-08 12:30 - 2014-05-08 12:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt 2014-05-08 12:28 - 2014-05-08 12:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt 2014-05-08 12:27 - 2014-05-13 12:46 - 00024241 _____ () C:\Users\bender90\Desktop\FRST.txt 2014-05-08 12:08 - 2014-05-08 
12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe 2014-05-08 10:42 - 2014-05-08 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part 2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe 2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume 2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip 2014-05-08 09:53 - 2014-05-08 09:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe 2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A} 2014-05-07 21:39 - 2014-05-13 12:23 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager 2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk 2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\bender90\Downloads\revosetup95.exe 2014-05-07 20:27 - 2014-05-13 12:46 - 00000000 ____D () C:\FRST 2014-05-07 20:26 - 2014-05-13 12:46 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe 2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe 2014-04-30 18:16 - 2014-05-12 13:27 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT 2014-04-30 18:16 - 2014-05-12 13:26 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT 2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT 2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe 2014-04-26 09:03 - 2014-04-26 09:06 - 295347968 _____ (AMD Inc.) 
C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe ==================== One Month Modified Files and Folders ======= 2014-05-13 12:46 - 2014-05-13 12:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion 2014-05-13 12:46 - 2014-05-08 12:27 - 00024241 _____ () C:\Users\bender90\Desktop\FRST.txt 2014-05-13 12:46 - 2014-05-07 20:27 - 00000000 ____D () C:\FRST 2014-05-13 12:46 - 2014-05-07 20:26 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe 2014-05-13 12:44 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-05-13 12:44 - 2014-05-13 11:56 - 00000000 ____D () C:\Users\bender90\Desktop\mbar 2014-05-13 12:40 - 2012-03-30 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-13 12:32 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-13 12:32 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-13 12:31 - 2011-06-17 17:37 - 00699884 _____ () C:\Windows\system32\perfh007.dat 2014-05-13 12:31 - 2011-06-17 17:37 - 00149766 _____ () C:\Windows\system32\perfc007.dat 2014-05-13 12:31 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-13 12:29 - 2014-05-13 11:58 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-13 12:29 - 2014-05-13 11:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-13 12:29 - 2011-06-17 07:45 - 01487802 _____ () C:\Windows\WindowsUpdate.log 2014-05-13 12:26 - 2014-02-04 16:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr 2014-05-13 12:25 - 2013-04-16 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-13 12:25 - 2013-02-08 10:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 
2014-05-13 12:24 - 2011-08-27 12:04 - 00000000 ____D () C:\Windows\Minidump 2014-05-13 12:24 - 2009-09-03 11:10 - 00725172 _____ () C:\Windows\PFRO.log 2014-05-13 12:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-13 12:24 - 2009-07-14 06:51 - 00325024 _____ () C:\Windows\setupact.log 2014-05-13 12:23 - 2014-05-07 21:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager 2014-05-13 11:59 - 2013-02-08 10:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-13 11:55 - 2014-05-13 11:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe 2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-12 14:06 - 2012-04-26 17:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-12 13:27 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT 2014-05-12 13:26 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT 2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-12 12:31 - 2013-05-28 10:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41} 2014-05-09 12:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-09 12:29 - 2014-05-09 12:25 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe 2014-05-09 12:22 - 2014-05-09 12:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part 2014-05-09 12:21 - 2014-05-09 12:20 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part 2014-05-09 11:54 - 2013-02-08 10:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-09 11:54 - 2013-02-08 10:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-08 
14:09 - 2011-06-20 18:33 - 00000000 ____D () C:\Users\bender90 2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla 2014-05-08 12:50 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-05-08 12:47 - 2013-08-24 15:32 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-08 12:46 - 2011-07-30 19:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip 2014-05-08 12:30 - 2014-05-08 12:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt 2014-05-08 12:28 - 2014-05-08 12:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt 2014-05-08 12:08 - 2014-05-08 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-05-08 12:08 - 2013-07-30 10:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-05-08 12:03 - 2014-05-08 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2014-05-08 12:03 - 2013-10-01 19:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis 2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe 2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part 2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe 2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume 2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip 2014-05-08 09:54 - 2014-05-08 09:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe 2014-05-07 21:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 
_____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A} 2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk 2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe 2014-05-07 19:59 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify 2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-07 19:54 - 2012-11-09 16:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc 2014-05-07 19:50 - 2013-10-30 18:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps 2014-05-07 19:49 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify 2014-05-07 13:23 - 2014-03-06 21:49 - 00000000 ____D () C:\ProgramData\PMS 2014-05-05 17:55 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\ProgramData\Origin 2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis 2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis 2014-05-02 18:44 - 2013-10-01 19:57 - 00000020 _____ () C:\Windows\capsys184523.log 2014-05-02 17:25 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-05-01 08:39 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT 2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files 
(x86)\UseNeXT 2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe 2014-04-29 18:00 - 2014-05-08 12:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 17:24 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 16:47 - 2014-05-08 12:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 16:14 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-29 14:38 - 2012-03-30 09:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 14:38 - 2012-03-30 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 14:38 - 2011-07-28 21:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-26 09:06 - 2014-04-26 09:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe 2014-04-17 20:11 - 2014-02-04 16:43 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-04-14 21:03 - 2011-08-02 17:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client 2014-04-14 19:50 - 2011-08-15 12:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client 2014-04-14 04:24 - 2014-05-08 12:45 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-14 04:19 - 2014-05-08 12:45 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Some content of TEMP: ==================== C:\Users\bender90\AppData\Local\Temp\avgnt.exe C:\Users\bender90\AppData\Local\Temp\local.dll C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe C:\Users\bender90\AppData\Local\Temp\rootsupd.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit 
C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-09 12:49 ==================== End Of Log ============================ |
14.05.2014, 11:18 | #13 |
/// the machine /// TB Trainer | winmgr.exe blocks access to antivirus programs, why? It's enough to drive you up the wall. A fresh FRST scan log from the recovery environment, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
14.05.2014, 12:29 | #14 |
| winmgr.exe blocks access to antivirus programs, why? oh sorry... FRST logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01 Ran by SYSTEM on MININT-NJ51FVU on 14-05-2014 13:28:24 Running from H:\ Platform: Windows 7 Home Premium (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-17] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] () HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI) HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] () HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) HKU\bender90\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd) HKU\bender90\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation) HKU\bender90\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] () HKU\bender90\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc) HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] () HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] () ==================== Services (Whitelisted) ================= S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. 
KG) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI) S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] () S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] () S3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] () S2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] () S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] () S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] () S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] () S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] () S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] () S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI) S2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.) S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.) 
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] () S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-03-31] (Intel(R) Corporation) ==================== Drivers (Whitelisted) ==================== S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation) S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-21] (AVM Berlin) S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-21] (AVM GmbH) S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () S2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-06] (Intel Corporation) S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 
NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI) S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI) S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S4 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation ) S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-20] (The OpenVPN Project) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.) S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X] S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X] S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X] S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-13 04:20 - 2014-05-13 04:20 - 00002141 _____ () C:\Users\bender90\Desktop\SpyBot - Search & Destroy - CHIP Downloader.lnk 2014-05-13 02:46 - 2014-05-13 02:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion 2014-05-13 01:58 - 2014-05-13 02:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys 2014-05-13 01:58 - 2014-05-13 01:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-13 01:56 - 2014-05-13 02:44 - 00000000 ____D () C:\Users\bender90\Desktop\mbar 2014-05-13 01:56 - 2014-05-13 02:29 - 00091352 _____ (Malwarebytes Corporation) 
C:\Windows\System32\Drivers\mbamchameleon.sys 2014-05-13 01:55 - 2014-05-13 01:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe 2014-05-12 07:49 - 2014-05-12 07:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe 2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-09 02:25 - 2014-05-09 02:29 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe 2014-05-09 02:22 - 2014-05-09 02:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part 2014-05-09 02:20 - 2014-05-09 02:21 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part 2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla 2014-05-08 02:47 - 2014-04-29 08:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-05-08 02:47 - 2014-04-29 07:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-05-08 02:47 - 2014-04-29 06:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-08 02:47 - 2014-04-29 06:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-08 02:45 - 2014-04-13 18:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-05-08 02:45 - 2014-04-13 18:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll 2014-05-08 02:45 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll 2014-05-08 02:45 - 2014-03-04 01:17 - 
00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-05-08 02:45 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-05-08 02:45 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-05-08 02:45 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-05-08 02:45 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-05-08 02:45 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-05-08 02:45 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys 2014-05-08 02:45 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys 2014-05-08 02:45 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys 2014-05-08 02:45 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll 2014-05-08 02:45 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-05-08 02:45 - 2014-01-08 18:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-05-08 02:45 - 2014-01-03 14:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll 2014-05-08 02:44 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip 2014-05-08 02:30 - 2014-05-08 02:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt 2014-05-08 02:28 - 2014-05-08 02:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt 2014-05-08 02:27 - 2014-05-13 02:46 - 00042101 _____ () C:\Users\bender90\Desktop\FRST.txt 2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-08 01:22 - 
2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:39 - 2014-05-08 00:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:53 - 2014-05-07 23:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 11:39 - 2014-05-13 02:23 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 10:27 - 2014-05-14 13:28 - 00000000 ____D () C:\FRST
2014-05-07 10:26 - 2014-05-13 02:46 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-04-30 08:16 - 2014-05-12 03:27 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 08:16 - 2014-05-12 03:26 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-25 23:03 - 2014-04-25 23:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

==================== One Month Modified Files and Folders =======

2014-05-14 13:28 - 2014-05-07 10:27 - 00000000 ____D () C:\FRST
2014-05-14 03:25 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-14 03:25 - 2009-07-13 20:51 - 00326452 _____ () C:\Windows\setupact.log
2014-05-13 04:38 - 2011-06-16 21:45 - 01488585 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 04:20 - 2014-05-13 04:20 - 00002141 _____ () C:\Users\bender90\Desktop\SpyBot - Search & Destroy - CHIP Downloader.lnk
2014-05-13 03:59 - 2013-02-08 00:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 03:40 - 2012-03-29 23:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 03:12 - 2013-05-28 00:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-13 02:46 - 2014-05-13 02:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 02:46 - 2014-05-08 02:27 - 00042101 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-13 02:46 - 2014-05-07 10:26 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-13 02:44 - 2014-05-13 01:56 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 02:32 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 02:32 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 02:31 - 2011-06-17 07:37 - 00699884 _____ () C:\Windows\System32\perfh007.dat
2014-05-13 02:31 - 2011-06-17 07:37 - 00149766 _____ () C:\Windows\System32\perfc007.dat
2014-05-13 02:31 - 2009-07-13 21:13 - 01622236 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-05-13 02:29 - 2014-05-13 01:58 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-05-13 02:29 - 2014-05-13 01:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-05-13 02:26 - 2014-02-04 06:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-13 02:25 - 2013-04-16 10:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-13 02:25 - 2013-02-08 00:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 02:24 - 2011-08-27 02:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-13 02:24 - 2009-09-03 01:10 - 00725172 _____ () C:\Windows\PFRO.log
2014-05-13 02:23 - 2014-05-07 11:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-13 01:58 - 2014-05-13 01:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 01:55 - 2014-05-13 01:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe
2014-05-12 07:49 - 2014-05-12 07:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 04:06 - 2012-04-26 07:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 03:27 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-12 03:26 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 02:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 02:29 - 2014-05-09 02:25 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 02:22 - 2014-05-09 02:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part
2014-05-09 02:21 - 2014-05-09 02:20 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part
2014-05-09 01:54 - 2013-02-08 00:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 01:54 - 2013-02-08 00:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 04:09 - 2011-06-20 08:33 - 00000000 ____D () C:\users\bender90
2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla
2014-05-08 02:50 - 2009-07-13 21:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-08 02:47 - 2013-08-24 05:32 - 00000000 ____D () C:\Windows\System32\MRT
2014-05-08 02:46 - 2011-07-30 09:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 02:30 - 2014-05-08 02:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt
2014-05-08 02:28 - 2014-05-08 02:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt
2014-05-08 02:08 - 2013-07-30 00:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-08 02:03 - 2013-10-01 09:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:39 - 2014-05-08 00:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:54 - 2014-05-07 23:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 09:59 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 09:54 - 2012-11-09 06:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-07 09:50 - 2013-10-30 08:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-07 09:49 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 03:23 - 2014-03-06 11:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-05 07:55 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 08:44 - 2013-10-01 09:57 - 00000020 _____ () C:\Windows\capsys184523.log
2014-05-02 07:25 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-30 22:39 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 08:00 - 2014-05-08 02:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-29 07:24 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-29 06:47 - 2014-05-08 02:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 06:14 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 04:38 - 2012-03-29 23:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 04:38 - 2012-03-29 23:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 04:38 - 2011-07-28 11:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 23:06 - 2014-04-25 23:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-04-17 10:11 - 2014-02-04 06:43 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-14 11:03 - 2011-08-02 07:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client
2014-04-14 09:50 - 2011-08-15 02:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client

Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\avgnt.exe
C:\Users\bender90\AppData\Local\Temp\local.dll
C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe
C:\Users\bender90\AppData\Local\Temp\rootsupd.exe

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

Restore point made on: 2014-04-29 07:30:18
Restore point made on: 2014-05-02 04:24:50
Restore point made on: 2014-05-07 09:00:26
Restore point made on: 2014-05-08 02:03:20
Restore point made on: 2014-05-08 02:21:38
Restore point made on: 2014-05-08 02:25:37
Restore point made on: 2014-05-08 02:45:35
Restore point made on: 2014-05-08 04:13:12
Restore point made on: 2014-05-13 02:23:17

==================== Memory info ===========================

Percentage of memory in use: 7%
Total physical RAM: 16328.07 MB
Available physical RAM: 15096.59 MB
Total Pagefile: 16326.22 MB
Available Pagefile: 15081.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:250.8 GB) NTFS
Drive e: (DATA) (Fixed) (Total:689.57 GB) (Free:689.43 GB) NTFS
Drive f: (PQSERVICE) (Fixed) (Total:18.55 GB) (Free:4.57 GB) NTFS
Drive h: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.

LastRegBack: 2014-05-09 02:49

==================== End Of Log ============================
15.05.2014, 09:42 | #15 |
/// the machine /// TB Trainer | winmgr.exe blocks access to antivirus programs, why?

OK, now I don't get it anymore, now it's gone. A fresh FRST log from normal mode, please. What problems still remain?
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM!