
Pests of all kinds and how to fight them: winmgr.exe blocks access to antivirus programs, why?


07.05.2014, 19:40   #1
bender84
 


Hello, I have a problem: my father opened the attachment of an email and something got installed... now my antivirus programs won't open....

Maybe you can help me. Many thanks.

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-05-2014
Ran by bender90 (administrator) on SVEN on 07-05-2014 20:30:08
Running from C:\Users\bender90\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
() C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\bender90\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
() C:\ProgramData\Windows Manager\winmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Spotify Web Helper] => C:\Users\bender90\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-21] (Spotify Ltd)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Windows Manager\winmgr.exe [21158400 2014-05-03] ()
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {db36818b-b92d-11e0-abaa-00116b983502} - K:\pushinst.exe
IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9CCCD5AD521CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKLM-x32 - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://plusnetwork.com/?sp=brw&q={searchTerms}
SearchScopes: HKCU - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 - C:\Users\bender90\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll (Stonetrip)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: Rain Alarm Extension - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\rain-alarm@mdiener.de [2014-03-27]
FF Extension: WEB.DE MailCheck - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\toolbar@web.de.xpi [2011-12-19]
FF Extension: NoScript - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-19]
FF Extension: Adblock Plus - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-19]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 MsgPlusService; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [128000 2013-05-07] (Yuna Software)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
S3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-21] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]
S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-07 20:28 - 2014-05-07 20:28 - 00047296 _____ () C:\Users\bender90\Downloads\Addition.txt
2014-05-07 20:27 - 2014-05-07 20:30 - 00029066 _____ () C:\Users\bender90\Downloads\FRST.txt
2014-05-07 20:27 - 2014-05-07 20:30 - 00000000 ____D () C:\FRST
2014-05-07 20:26 - 2014-05-07 20:26 - 02063872 _____ (Farbar) C:\Users\bender90\Downloads\FRST64.exe
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 19:55 - 2014-05-07 20:26 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com
2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com
2014-04-30 18:16 - 2014-05-07 19:03 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 18:16 - 2014-05-07 18:54 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-26 09:03 - 2014-04-26 09:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\Program Files\Java
2014-04-08 17:59 - 2014-04-08 17:59 - 30796712 _____ (Oracle Corporation) C:\Users\bender90\Downloads\jre-7u51-windows-x64.exe
2014-04-08 15:49 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-04-08 15:49 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-08 15:49 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-08 15:49 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-04-08 15:49 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-04-08 15:49 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-08 15:49 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-04-08 15:49 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-04-08 15:49 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-04-08 15:49 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-04-08 15:49 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-04-08 15:49 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-04-08 15:49 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-08 15:49 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-08 15:49 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-04-08 15:49 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-08 15:49 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-08 15:49 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-08 15:44 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-08 15:44 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-08 15:43 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 15:43 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 15:43 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-08 15:43 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-08 15:43 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-08 15:43 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-08 15:43 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-08 15:43 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-08 15:43 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-08 15:43 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-08 15:43 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-08 15:43 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-08 15:43 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-08 15:43 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-08 15:43 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-08 15:43 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 15:43 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-08 15:43 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-08 15:43 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-08 15:43 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-08 15:43 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-08 15:43 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-08 15:43 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-08 15:43 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-08 15:43 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-08 15:43 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-08 15:43 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-08 15:43 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-08 15:43 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-08 15:43 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-08 15:43 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-08 15:43 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-08 15:43 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-08 15:43 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-08 15:43 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-08 15:43 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-08 15:43 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-08 15:43 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-08 15:43 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-08 15:43 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-08 15:43 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-04-08 15:43 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

==================== One Month Modified Files and Folders =======

2014-05-07 20:30 - 2014-05-07 20:27 - 00029066 _____ () C:\Users\bender90\Downloads\FRST.txt
2014-05-07 20:30 - 2014-05-07 20:27 - 00000000 ____D () C:\FRST
2014-05-07 20:28 - 2014-05-07 20:28 - 00047296 _____ () C:\Users\bender90\Downloads\Addition.txt
2014-05-07 20:26 - 2014-05-07 20:26 - 02063872 _____ (Farbar) C:\Users\bender90\Downloads\FRST64.exe
2014-05-07 20:26 - 2014-05-07 19:55 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-05-07 20:25 - 2011-06-17 07:45 - 01116030 _____ () C:\Windows\WindowsUpdate.log
2014-05-07 19:59 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 19:54 - 2012-11-09 16:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-07 19:53 - 2013-02-08 10:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-07 19:50 - 2013-10-30 18:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-07 19:49 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 19:40 - 2012-03-30 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-07 19:03 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-07 18:54 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-07 17:00 - 2014-02-04 16:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-07 13:23 - 2014-03-06 21:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-07 13:07 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-07 13:07 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-07 13:06 - 2011-06-17 17:37 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-05-07 13:06 - 2011-06-17 17:37 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-05-07 13:06 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-07 13:03 - 2013-05-28 10:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-07 13:01 - 2013-04-16 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-07 13:00 - 2013-02-08 10:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-07 12:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-07 12:59 - 2009-07-14 06:51 - 00307820 _____ () C:\Windows\setupact.log
2014-05-05 17:55 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-03 17:07 - 2014-05-07 19:55 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com
2014-05-03 17:07 - 2014-05-07 19:55 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 18:45 - 2013-10-01 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-02 18:44 - 2013-10-01 19:57 - 00000020 _____ () C:\Windows\capsys184523.log
2014-05-02 17:25 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-01 08:39 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 14:38 - 2012-03-30 09:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 14:38 - 2012-03-30 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 14:38 - 2011-07-28 21:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-26 09:06 - 2014-04-26 09:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-04-17 20:11 - 2014-02-04 16:43 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-14 21:03 - 2011-08-02 17:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client
2014-04-14 19:50 - 2011-08-15 12:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client
2014-04-09 15:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-08 18:00 - 2014-04-08 18:00 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\Program Files\Java
2014-04-08 17:59 - 2014-04-08 17:59 - 30796712 _____ (Oracle Corporation) C:\Users\bender90\Downloads\jre-7u51-windows-x64.exe
2014-04-08 17:59 - 2011-07-31 19:21 - 00000000 ____D () C:\Users\bender90\AppData\Local\Adobe
2014-04-08 15:47 - 2011-08-02 17:58 - 01595580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

Files to move or delete:
====================
C:\Users\bender90\AppData\Roaming\Camdata.ini
C:\Users\bender90\AppData\Roaming\CamLayout.ini
C:\Users\bender90\AppData\Roaming\CamShapes.ini
C:\ProgramData\ldsw_0paos.pad


Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe
C:\Users\bender90\AppData\Local\Temp\avgnt.exe
C:\Users\bender90\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\bender90\AppData\Local\Temp\detectionui_r.exe
C:\Users\bender90\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\bender90\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\bender90\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\bender90\AppData\Local\Temp\jna1324566697984281769.dll
C:\Users\bender90\AppData\Local\Temp\jna4101322631714976574.dll
C:\Users\bender90\AppData\Local\Temp\jna4383689400269149208.dll
C:\Users\bender90\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\bender90\AppData\Local\Temp\local.dll
C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe
C:\Users\bender90\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\bender90\AppData\Local\Temp\raptrpatch.exe
C:\Users\bender90\AppData\Local\Temp\rootsupd.exe
C:\Users\bender90\AppData\Local\Temp\sonarinst.exe
C:\Users\bender90\AppData\Local\Temp\upnp.exe
C:\Users\bender90\AppData\Local\Temp\upx.exe
C:\Users\bender90\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 17:23

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-05-2014
Ran by bender90 at 2014-05-07 20:30:21
Running from C:\Users\bender90\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.1.6731 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.1.6731 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3005 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
aerosoft's - German Airports 3 - Berlin-Tegel X (HKLM-x32\...\{3DAD565E-1275-4EE8-9568-932CB7B75FB8}) (Version: 1.00 - aerosoft)
aerosoft's - German Airports 3 - Hamburg X (HKLM-x32\...\{EA6E7823-9E5B-4EDD-9750-C3C87FDF0460}) (Version: 1.00 - aerosoft)
aerosoft's - Mega Airport Frankfurt X (HKLM-x32\...\{BAEE0C24-C8C2-4820-9DF4-887909F1A286}) (Version: 1.01 - aerosoft)
Aerosoft's - MyTraffic 2010 (HKLM-x32\...\{37F50C53-EDED-4FFE-9877-532A335C5C18}) (Version: 6.00 - Aerosoft)
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
Airline Tycoon 2 v1.01 (HKLM-x32\...\AirlineTycoon2_is1) (Version:  - Kalypso Media)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CommandCenter (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.29 - MSI)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
EA Installer (HKLM-x32\...\EA Installer.-1797597899) (Version: 2.3.0.74 - Electronic Arts, Inc.)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
Emsisoft HiJackFree 4.5 (HKLM-x32\...\Emsisoft HiJackFree_is1) (Version: 4.5 - Emsi Software GmbH)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social Software AB)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
FUSSBALL MANAGER 11 (HKLM-x32\...\FUSSBALL MANAGER 11) (Version:  - Electronic Arts)
FUSSBALL MANAGER 12 (HKLM-x32\...\FUSSBALL MANAGER 12) (Version: 1.0.0.3 - Electronic Arts)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.9.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.5 - )
Live Update 5 (HKLM-x32\...\{36F6E986-D2D1-403C-8BD3-D95EF7BC705D}}_is1) (Version: 5.0.109 - MSI)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
MAGIX Foto Manager 8 (HKLM-x32\...\MAGIX Foto Manager 8 D) (Version: 6.0.1.471 - MAGIX AG)
MAGIX Fotobuch 3.6 (HKLM-x32\...\MAGIX Fotobuch) (Version: 3.6 - MAGIX AG)
MAGIX Media Suite (HKLM-x32\...\MAGIX Media Suite D) (Version: 1.13.0.112 - MAGIX AG)
MAGIX Online Druck Service 3.4.3.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Ringtone Maker SE (HKLM-x32\...\MAGIX Ringtone Maker SE D) (Version: 3.1.0.5 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX_{A7E29614-2CEB-42CE-A696-EF640A9777B2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{A77C3BFA-A6C7-420B-8786-71BC063DE5C0}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video easy 4 HD (HKLM-x32\...\MAGIX_{0FD91AEB-C9AF-4BE9-8071-61F46B6AFBB8}) (Version: 4.0.0.30 - MAGIX AG)
MAGIX Video easy 4 HD (Version: 4.0.0.30 - MAGIX AG) Hidden
Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version:  - )
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! for Skype) (Version: 1.8.0.125 - Yuna Software)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mouse Editor (HKLM-x32\...\InstallShield_{20D0FE9A-816F-4218-9F5E-67B4198052FF}) (Version: 10.12.0003 - Ihr Firmenname)
MOUSE Editor (x32 Version: 10.12.0003 - Ihr Firmenname) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
mufin player (HKLM-x32\...\mufin player D) (Version: 1.0.0.98 - MAGIX AG)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{bd521da1-d38b-47ae-824a-c66007866327}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.0.1 - Ubisoft)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.0.0.0 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.019 - MSI)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision)
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Trend Micro SafeSync (HKLM\...\HFRS_is1) (Version: 5.1.0.1173 - Trend Micro)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Restore Points  =========================

29-04-2014 15:30:03 Geplanter Prüfpunkt
07-05-2014 17:00:11 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-03-29 11:24 - 00001395 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
149.5.18.172 www.google-analytics.com.
149.5.18.172 ad-emea.doubleclick.net.
149.5.18.172 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


==================== Scheduled Tasks (whitelisted) =============

Task: {08C660F4-40F6-407B-8DF7-E5AB94248F11} - System32\Tasks\task4999894 => C:\Users\bender90\AppData\Local\Temp\cgs8h1.exe <==== ATTENTION
Task: {0978D71D-0AB2-40DD-A28B-CA3BE2FAD6F3} - System32\Tasks\{567795F9-9CD9-4ADB-9564-A9E88AA91319} => K:\Autorun.exe
Task: {214A1F64-5C6B-4600-9B0E-8C0481C12BA8} - System32\Tasks\{CF91E79D-D816-4736-8853-808CC6180726} => K:\Autorun.exe
Task: {532D7A68-9123-4150-80D1-E54921F9D1A7} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {8888669A-595F-4057-8361-3A478208B163} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {935C46DF-4BAB-45DA-86D7-DD74D00238AD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2637058006-716935516-2651843933-1000
Task: {A000A393-F221-4DEC-8F71-D9F238B4B69E} - System32\Tasks\{5504C86C-4880-46BB-8923-076C4F7D04F7} => E:\setup.exe
Task: {A78A3AEE-CDFB-4112-A8F1-3296EC1A722E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {B7CD19B0-7DBB-4329-8AC1-DB5B49AC89D5} - System32\Tasks\{C14836D9-D315-46CB-B70E-575644EDFF33} => K:\Autorun.exe
Task: {B91D97E3-8B0F-4685-84B2-4919F0FB573F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {D981D123-8BE9-4187-B695-7EC28FCBF6FC} - System32\Tasks\{7BDE3F1D-0DF2-4D63-96D0-4B366F3105CB} => K:\setup.exe
Task: {DEF73EDA-A067-403A-B932-8ABC4C9F85A5} - System32\Tasks\{D04D3D78-1584-46E0-8022-649C499199F8} => C:\Windows\system32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {DF58737F-BD31-4C35-9289-3848093C8DEB} - System32\Tasks\{E05891E5-A95E-4388-88EE-FF062B866EB6} => K:\setup.exe
Task: {FB81D614-B6C1-4988-BEED-37F03B347F2E} - System32\Tasks\{C9409708-8F70-4C68-A71C-D1471CA654EB} => K:\Autorun.exe
Task: {FE7796E8-538D-4BAD-A655-CA149DAF981D} - System32\Tasks\{A188004D-74B8-46D7-A735-FE76C35440F0} => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2013-10-17 11:38 - 2013-08-15 16:28 - 01985536 _____ () C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
2011-07-28 18:02 - 2013-10-28 23:21 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-08-25 19:33 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-12-23 11:00 - 2010-12-23 11:00 - 03344384 _____ () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
2014-02-04 15:01 - 2013-04-08 16:29 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2009-08-18 09:27 - 2009-08-18 09:27 - 00629280 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 _____ () C:\ProgramData\Windows Manager\winmgr.exe
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-12-02 11:56 - 2010-12-02 11:56 - 00815104 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll
2010-10-11 04:13 - 2010-10-11 04:13 - 00087040 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll
2010-11-24 03:11 - 2010-11-24 03:11 - 02535936 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll
2010-12-02 14:01 - 2010-12-02 14:01 - 00994304 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 08:18 - 2010-09-20 08:18 - 00085504 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll
2010-09-20 08:18 - 2010-09-20 08:18 - 00054272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll
2010-09-20 08:19 - 2010-09-20 08:19 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 14:16 - 2010-11-01 14:16 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2010-09-20 08:18 - 2010-09-20 08:18 - 00117760 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll
2014-02-04 15:01 - 2013-03-12 21:48 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-02-04 15:01 - 2013-04-02 12:34 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2014-02-04 15:01 - 2013-04-02 12:34 - 00297472 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRtl.dll
2009-08-18 09:31 - 2009-08-18 09:31 - 00163840 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2012-02-06 22:28 - 2012-02-06 22:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
2012-02-06 22:28 - 2012-02-06 22:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
2012-02-06 22:28 - 2012-02-06 22:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
2011-05-10 21:01 - 2011-05-10 21:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2014-04-29 14:38 - 2014-04-29 14:38 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2012-10-27 09:53 - 2012-10-27 09:53 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2013-10-17 11:45 - 2013-09-04 07:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-19 00:55 - 2014-03-19 00:55 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: HKCU => C:\Windows\windows 7\server.exe
MSCONFIG\startupreg: MessengerPlusForSkypeService => "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2014 07:53:57 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 6976. Meldungs-ID: [0x2509].

Error: (05/07/2014 07:50:17 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.3.0, Zeitstempel: 0x00000004
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00036fa6
ID des fehlerhaften Prozesses: 0x4fc
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (05/07/2014 07:49:48 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 6680. Meldungs-ID: [0x2509].

Error: (05/07/2014 06:54:36 PM) (Source: SideBySide) (User: ) (EventID: 63)
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/07/2014 06:42:54 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 1536. Meldungs-ID: [0x2509].

Error: (05/07/2014 06:40:38 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 1456. Meldungs-ID: [0x2509].

Error: (05/07/2014 06:14:46 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 1064. Meldungs-ID: [0x2509].

Error: (05/07/2014 01:03:11 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2336. Meldungs-ID: [0x2509].

Error: (05/02/2014 08:08:07 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: mwlshellext.dll, Version: 3.1.72.0, Zeitstempel: 0x4a7b0f60
Ausnahmecode: 0xc000041d
Fehleroffset: 0x000000000000438d
ID des fehlerhaften Prozesses: 0x1f48
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (05/02/2014 08:08:03 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: mwlshellext.dll, Version: 3.1.72.0, Zeitstempel: 0x4a7b0f60
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000438d
ID des fehlerhaften Prozesses: 0x1f48
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3


System errors:
=============
Error: (05/07/2014 08:25:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/07/2014 00:59:44 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/05/2014 05:13:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/02/2014 02:19:45 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: Dienst "MSISuperIO_CC" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/02/2014 02:19:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/01/2014 08:36:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (04/30/2014 07:36:40 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (04/30/2014 05:44:17 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: Dienst "MSISuperIO_CC" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/30/2014 05:43:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (04/30/2014 09:35:18 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126


Microsoft Office Sessions:
=========================
Error: (09/09/2013 10:11:08 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 16328.07 MB
Available physical RAM: 13817.56 MB
Total Pagefile: 32654.33 MB
Available Pagefile: 29266.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:260.91 GB) NTFS
Drive d: (DATA) (Fixed) (Total:689.57 GB) (Free:689.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

07.05.2014, 19:50   #2
schrauber
/// the machine
/// TB-Ausbilder



hi,

Revo Uninstaller - Download - Filepony
Use it to uninstall everything you find in Additional.txt that is marked with <== ATTENTION

Also let Revo remove the leftovers, using the Moderate setting.



Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post its contents here in your thread in any case.
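An added example, not part of the original post and not FRST's own code: a Python parser that splits an FRST Additional.txt log into its sections and lists the entries carrying the ATTENTION marker the post refers to. It goes one step beyond the post by also listing hosts-file lines that map a name to a non-loopback address, as candidates for review. The sample log is constructed from lines of the log above (the program-list section header is assumed), and all function names are this example's own.

```python
import ipaddress
import re

# Constructed sample: a few lines in the shape of the FRST Additional.txt log
# posted above. The "Installed Programs" header is an assumption of this example.
SAMPLE_LOG = r"""
==================== Installed Programs ======================

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-03-29 11:24 - 00001395 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
149.5.18.172 www.google-analytics.com.

==================== Scheduled Tasks (whitelisted) =============

Task: {08C660F4-40F6-407B-8DF7-E5AB94248F11} - System32\Tasks\task4999894 => C:\Users\bender90\AppData\Local\Temp\cgs8h1.exe <==== ATTENTION
Task: {8888669A-595F-4057-8361-3A478208B163} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
"""

# "==== Name ====" section rulers; bare "=====" rulers without a name do not match.
SECTION_RE = re.compile(r"^=+ (.+?) =+\s*$")
# The log writes "<==== ATTENTION", the post "<== ATTENTION": accept any arrow length.
ATTENTION_RE = re.compile(r"\s*<=+ ATTENTION\s*$")
# Task: {GUID} - <task path> => <target> [optional date] (optional publisher)
TASK_RE = re.compile(
    r"^Task: (\{[0-9A-Fa-f-]+\}) - (.+?) => (.+?)(?: \[\d{4}-\d{2}-\d{2}\].*)?$"
)
HOSTS_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\s+(\S+)")


def split_sections(text):
    """Return {section name: [non-empty lines]} in the order the log lists them."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.rstrip()
        m = SECTION_RE.match(line)
        if m:
            name = m.group(1).strip().rstrip(":")
            current = re.sub(r"\s*\(whitelisted\)$", "", name, flags=re.I)
            sections.setdefault(current, [])
        elif current is not None and line.strip():
            sections[current].append(line)
    return sections


def flagged_entries(sections):
    """List every entry that ends with the ATTENTION marker, marker removed."""
    found = []
    for name, lines in sections.items():
        for line in lines:
            if not ATTENTION_RE.search(line):
                continue
            entry = ATTENTION_RE.sub("", line)
            item = {"section": name, "entry": entry}
            m = TASK_RE.match(entry)
            if m:
                # For scheduled tasks, expose the task path and the program it starts.
                item["task"] = m.group(2)
                item["target"] = m.group(3)
                item["target_in_temp"] = "\\temp\\" in m.group(3).lower()
            found.append(item)
    return found


def hosts_redirects(sections):
    """Hosts lines that point a name at a non-loopback address (review candidates)."""
    out = []
    for line in sections.get("Hosts content", []):
        m = HOSTS_RE.match(line.strip())
        if not m:
            continue  # e.g. the file-metadata line FRST prints first
        try:
            addr = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # not a valid IPv4 address
        if addr.is_loopback or addr.is_unspecified:
            continue
        out.append((m.group(1), m.group(2).rstrip(".")))
    return out


if __name__ == "__main__":
    secs = split_sections(SAMPLE_LOG)
    for item in flagged_entries(secs):
        print(f"[{item['section']}] {item['entry']}")
        if item.get("target_in_temp"):
            print("    task target lies in a Temp directory")
    for ip, host in hosts_redirects(secs):
        print(f"[Hosts content] {host} -> {ip}")
```

To use it on a real log, read Additional.txt as text and pass the contents to `split_sections` in place of `SAMPLE_LOG`.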

08.05.2014, 08:59   #3
bender84



And how does that work with that program?

For example, the file


Task: {08C660F4-40F6-407B-8DF7-E5AB94248F11} - System32\Tasks\task4999894 => C:\Users\bender90\AppData\Local\Temp\cgs8h1.exe <==== ATTENTION

I can't find it on my computer at all.

I had a look today... neither AntiVir nor Spybot nor System Restore nor Windows Defender will start. That probably means the virus is blocking the programs. There is no point ending it in Task Manager; it just starts again.

Is there any other program that can remove it without reinstalling Windows?

TDSSKiller log


Code:
09:55:10.0213 0x15b8  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
09:55:14.0919 0x15b8  ============================================================
09:55:14.0920 0x15b8  Current date / time: 2014/05/08 09:55:14.0919
09:55:14.0920 0x15b8  SystemInfo:
09:55:14.0920 0x15b8  
09:55:14.0920 0x15b8  OS Version: 6.1.7601 ServicePack: 1.0
09:55:14.0920 0x15b8  Product type: Workstation
09:55:14.0920 0x15b8  ComputerName: SVEN
09:55:14.0920 0x15b8  UserName: bender90
09:55:14.0920 0x15b8  Windows directory: C:\Windows
09:55:14.0920 0x15b8  System windows directory: C:\Windows
09:55:14.0920 0x15b8  Running under WOW64
09:55:14.0920 0x15b8  Processor architecture: Intel x64
09:55:14.0920 0x15b8  Number of processors: 8
09:55:14.0920 0x15b8  Page size: 0x1000
09:55:14.0920 0x15b8  Boot type: Normal boot
09:55:14.0920 0x15b8  ============================================================
09:55:20.0267 0x15b8  KLMD registered as C:\Windows\system32\drivers\04793012.sys
09:55:20.0324 0x15b8  System UUID: {92DE4E6C-AD9F-E64D-3DA8-F38E17A756AD}
09:55:20.0648 0x15b8  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:55:20.0660 0x15b8  ============================================================
09:55:20.0660 0x15b8  \Device\Harddisk0\DR0:
09:55:20.0660 0x15b8  MBR partitions:
09:55:20.0660 0x15b8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x251C800, BlocksNum 0x32000
09:55:20.0660 0x15b8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x254E800, BlocksNum 0x56214000
09:55:20.0660 0x15b8  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x58762800, BlocksNum 0x56324800
09:55:20.0660 0x15b8  ============================================================
09:55:20.0680 0x15b8  C: <-> \Device\Harddisk0\DR0\Partition2
09:55:20.0728 0x15b8  D: <-> \Device\Harddisk0\DR0\Partition3
09:55:20.0728 0x15b8  ============================================================
09:55:20.0728 0x15b8  Initialize success
09:55:20.0728 0x15b8  ============================================================
09:56:22.0822 0x0b60  ============================================================
09:56:22.0822 0x0b60  Scan started
09:56:22.0822 0x0b60  Mode: Manual; SigCheck; TDLFS; 
09:56:22.0822 0x0b60  ============================================================
09:56:22.0822 0x0b60  KSN ping started
09:56:36.0466 0x0b60  KSN ping finished: true
09:56:37.0671 0x0b60  ================ Scan system memory ========================
09:56:37.0671 0x0b60  System memory - ok
09:56:37.0671 0x0b60  ================ Scan services =============================
09:56:48.0902 0x0b60  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:56:48.0916 0x0b60  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
09:56:51.0636 0x0b60  Detect skipped due to KSN trusted
09:56:51.0636 0x0b60  IDriverT - ok
09:56:51.0728 0x0b60  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:56:51.0749 0x0b60  idsvc - ok
09:56:51.0789 0x0b60  IEEtwCollectorService - ok
09:56:52.0213 0x0b60  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:56:52.0382 0x0b60  igfx - ok
09:56:52.0405 0x0b60  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:56:52.0410 0x0b60  iirsp - ok
09:56:52.0469 0x0b60  [ 39F3C7E218CE9118106D166F09AE1352, B78ADFC87AACF868D62A7FB0971B8786C1315A9B4D34D3E3159AD3F24D78AD62 ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
09:56:52.0473 0x0b60  ikbevent - ok
09:56:52.0628 0x0b60  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:56:52.0682 0x0b60  IKEEXT - ok
09:56:52.0705 0x0b60  [ 404906005D768E48BF16218B420249C7, 78409A077F244FCAC806180384C240F3BB1FF7ECF02EDB5E5D3188F458AB23D1 ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
09:56:52.0710 0x0b60  imsevent - ok
09:56:52.0731 0x0b60  [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON         C:\Windows\System32\Drivers\INETMON.sys
09:56:52.0736 0x0b60  INETMON - ok
09:56:52.0857 0x0b60  [ E9740A3BC0AE6EA035FF7ECE3A1B27B6, 4CA3E094B0057E143955DE5D41C3344688B6D2C4FFC0417235FF46312B600F99 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:56:52.0908 0x0b60  IntcAzAudAddService - ok
09:56:53.0161 0x0b60  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
09:56:53.0204 0x0b60  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
09:56:55.0869 0x0b60  Detect skipped due to KSN trusted
09:56:55.0869 0x0b60  Intel(R) Capability Licensing Service Interface - ok
09:56:56.0039 0x0b60  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
09:56:56.0115 0x0b60  Intel(R) Capability Licensing Service TCP IP Interface - ok
09:56:56.0175 0x0b60  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:56:56.0192 0x0b60  intelide - ok
09:56:56.0228 0x0b60  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:56:56.0257 0x0b60  intelppm - ok
09:56:56.0350 0x0b60  [ 94E0CB0750C3E09E34257A4BEA582EED, BE6B3F1AEA73AADFCF36BB950D1F6DE1D988280114483615A92DDA1A74D72F76 ] iocbios2        C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys
09:56:56.0368 0x0b60  iocbios2 - ok
09:56:56.0397 0x0b60  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:56:56.0432 0x0b60  IPBusEnum - ok
09:56:56.0470 0x0b60  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:56:56.0531 0x0b60  IpFilterDriver - ok
09:56:56.0567 0x0b60  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:56:56.0616 0x0b60  iphlpsvc - ok
09:56:56.0659 0x0b60  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:56:56.0680 0x0b60  IPMIDRV - ok
09:56:56.0697 0x0b60  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:56:56.0751 0x0b60  IPNAT - ok
09:56:56.0770 0x0b60  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:56:56.0822 0x0b60  IRENUM - ok
09:56:56.0837 0x0b60  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:56:56.0847 0x0b60  isapnp - ok
09:56:56.0864 0x0b60  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:56:56.0876 0x0b60  iScsiPrt - ok
09:56:56.0919 0x0b60  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
09:56:56.0937 0x0b60  ISCT - ok
09:56:56.0997 0x0b60  [ 5215D12B13FC2BC7717AA4884846D34F, B97B8FFC6FB212398BF772C08B318411EA70B683B816906F30EF35DEB5B1C130 ] ISCTAgent       C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
09:56:57.0015 0x0b60  ISCTAgent - ok
09:56:57.0063 0x0b60  [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
09:56:57.0081 0x0b60  iusb3hcs - ok
09:56:57.0103 0x0b60  [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
09:56:57.0120 0x0b60  iusb3hub - ok
09:56:57.0246 0x0b60  [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
09:56:57.0272 0x0b60  iusb3xhc - ok
09:56:57.0359 0x0b60  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
09:56:57.0385 0x0b60  jhi_service - ok
09:56:57.0402 0x0b60  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:56:57.0411 0x0b60  kbdclass - ok
09:56:57.0474 0x0b60  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:56:57.0494 0x0b60  kbdhid - ok
09:56:57.0508 0x0b60  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
09:56:57.0518 0x0b60  KeyIso - ok
09:56:57.0576 0x0b60  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:56:57.0600 0x0b60  KSecDD - ok
09:56:57.0611 0x0b60  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:56:57.0622 0x0b60  KSecPkg - ok
09:56:57.0641 0x0b60  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:56:57.0678 0x0b60  ksthunk - ok
09:56:57.0715 0x0b60  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:56:57.0751 0x0b60  KtmRm - ok
09:56:57.0815 0x0b60  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:56:57.0893 0x0b60  LanmanServer - ok
09:56:57.0948 0x0b60  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:56:58.0010 0x0b60  LanmanWorkstation - ok
09:56:58.0080 0x0b60  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
09:56:58.0108 0x0b60  LGBusEnum - ok
09:56:58.0158 0x0b60  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
09:56:58.0173 0x0b60  LGVirHid - ok
09:56:58.0204 0x0b60  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:56:58.0255 0x0b60  lltdio - ok
09:56:58.0283 0x0b60  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:56:58.0322 0x0b60  lltdsvc - ok
09:56:58.0345 0x0b60  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:56:58.0365 0x0b60  lmhosts - ok
09:56:58.0450 0x0b60  [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:56:58.0474 0x0b60  LMS - ok
09:56:58.0510 0x0b60  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:56:58.0520 0x0b60  LSI_FC - ok
09:56:58.0535 0x0b60  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:56:58.0545 0x0b60  LSI_SAS - ok
09:56:58.0567 0x0b60  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:56:58.0576 0x0b60  LSI_SAS2 - ok
09:56:58.0583 0x0b60  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:56:58.0594 0x0b60  LSI_SCSI - ok
09:56:58.0607 0x0b60  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:56:58.0648 0x0b60  luafv - ok
09:56:58.0720 0x0b60  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:56:58.0751 0x0b60  Mcx2Svc - ok
09:56:58.0779 0x0b60  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:56:58.0796 0x0b60  megasas - ok
09:56:58.0817 0x0b60  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:56:58.0831 0x0b60  MegaSR - ok
09:56:58.0846 0x0b60  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
09:56:58.0855 0x0b60  MEIx64 - ok
09:56:58.0865 0x0b60  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:56:58.0904 0x0b60  MMCSS - ok
09:56:58.0938 0x0b60  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:56:58.0957 0x0b60  Modem - ok
09:56:58.0979 0x0b60  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:56:59.0005 0x0b60  monitor - ok
09:56:59.0088 0x0b60  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
09:56:59.0102 0x0b60  MotioninJoyXFilter - ok
09:56:59.0116 0x0b60  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:56:59.0122 0x0b60  mouclass - ok
09:56:59.0131 0x0b60  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:56:59.0140 0x0b60  mouhid - ok
09:56:59.0182 0x0b60  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:56:59.0209 0x0b60  mountmgr - ok
09:56:59.0293 0x0b60  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:56:59.0314 0x0b60  MozillaMaintenance - ok
09:56:59.0354 0x0b60  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:56:59.0370 0x0b60  mpio - ok
09:56:59.0419 0x0b60  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:56:59.0465 0x0b60  mpsdrv - ok
09:56:59.0611 0x0b60  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:56:59.0681 0x0b60  MpsSvc - ok
09:56:59.0723 0x0b60  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:56:59.0780 0x0b60  MRxDAV - ok
09:56:59.0807 0x0b60  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:56:59.0862 0x0b60  mrxsmb - ok
09:56:59.0921 0x0b60  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:56:59.0940 0x0b60  mrxsmb10 - ok
09:56:59.0958 0x0b60  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:56:59.0988 0x0b60  mrxsmb20 - ok
09:57:00.0035 0x0b60  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:57:00.0056 0x0b60  msahci - ok
09:57:00.0086 0x0b60  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:57:00.0098 0x0b60  msdsm - ok
09:57:00.0115 0x0b60  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:57:00.0154 0x0b60  MSDTC - ok
09:57:00.0187 0x0b60  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:57:00.0212 0x0b60  Msfs - ok
09:57:00.0370 0x0b60  [ A67125BDB2C0120E459FE77F0078E2B3, 8576ACDBAACC6DA3284B8BBBCEED4B18B689EB2875E0BB674EEF00FFBAE5548E ] MsgPlusService  C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
09:57:00.0385 0x0b60  MsgPlusService - detected UnsignedFile.Multi.Generic ( 1 )
09:57:03.0135 0x0b60  Detect skipped due to KSN trusted
09:57:03.0135 0x0b60  MsgPlusService - ok
09:57:03.0168 0x0b60  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:57:03.0206 0x0b60  mshidkmdf - ok
09:57:03.0684 0x0b60  [ 9CEBDD8D9E37156A567D33AC97899219, 9A08F7D65C6E1F5B44DBDE66406815597D921D697FAF2013FAB0FAA5572FF6A2 ] MSIBIOSData_CC  C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe
09:57:03.0781 0x0b60  MSIBIOSData_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:57:06.0426 0x0b60  Detect skipped due to KSN trusted
09:57:06.0426 0x0b60  MSIBIOSData_CC - ok
09:57:06.0499 0x0b60  [ CF9F2C29EBD7611B2FA8B703D5FC79D6, 05DF592BE0FA7369CCB5F4628B994949C53BE113DE2052EE85A83FAAA6E59282 ] MSIClock_CC     C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe
09:57:06.0518 0x0b60  MSIClock_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:57:09.0396 0x0b60  MSIClock_CC ( UnsignedFile.Multi.Generic ) - warning
09:57:09.0396 0x0b60  Force sending object to P2P due to detect: C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe
09:57:12.0145 0x0b60  Object send P2P result: true
09:57:14.0913 0x0b60  [ CE903E18B2E1B2DB62A461787240429E, 7543C440167B5632F85BFD0A514AC514DF0B452264DC473788F744816ED24161 ] MSICOMM_CC      C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe
09:57:15.0019 0x0b60  MSICOMM_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:57:17.0654 0x0b60  MSICOMM_CC ( UnsignedFile.Multi.Generic ) - warning
09:57:20.0476 0x0b60  [ 5F19B14DCD0F5DBFEF778F3EA3026A1E, 2FA2B530D7DFCD670327A5A6E7AEA8617CBEE9764695A1DDB53923EEEB08CF80 ] MSICPU_CC       C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
09:57:20.0684 0x0b60  MSICPU_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:57:23.0413 0x0b60  MSICPU_CC ( UnsignedFile.Multi.Generic ) - warning
09:57:26.0162 0x0b60  [ 4FB55D77B2A96921D0AB7E3DAEE8AD83, 0E363E56A16A7546403541FD6823A03F587D04B7AE09B6FE59157050022A66F2 ] MSICTL_CC       C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
09:57:26.0241 0x0b60  MSICTL_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:57:28.0879 0x0b60  MSICTL_CC ( UnsignedFile.Multi.Generic ) - warning
09:57:31.0763 0x0b60  [ DEC52680ED6728A3CD5191674B6CC7B4, 94413B41510BD7C7226EA587303EC3320D68847FCDC30A59F48A69EAE387A1B6 ] MSIDDR_CC       C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe
09:57:31.0864 0x0b60  MSIDDR_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:57:34.0596 0x0b60  MSIDDR_CC ( UnsignedFile.Multi.Generic ) - warning
09:57:49.0328 0x0b60  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:57:49.0334 0x0b60  msisadrv - ok
09:57:49.0459 0x0b60  [ C41A29D2EEF3390877558D07D74DB2CE, FB181712DE192F2AADAE1070DA3AA73B7B7602E8B74E0C4EB1D9E13C45AACD3A ] MSISaveLoad_CC  C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe
09:57:49.0605 0x0b60  MSISaveLoad_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:57:52.0335 0x0b60  Detect skipped due to KSN trusted
09:57:52.0336 0x0b60  MSISaveLoad_CC - ok
09:57:52.0398 0x0b60  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:57:52.0442 0x0b60  MSiSCSI - ok
09:57:52.0444 0x0b60  msiserver - ok
09:57:52.0495 0x0b60  [ 23D3D2BAF2686E8C25EFD1AD8DDF2E42, DAD5F4055533334D7D242BF2D2BF6FAF26FDDAB1BBACE90D04EE03B334374297 ] MSISMB_CC       C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe
09:57:52.0513 0x0b60  MSISMB_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:57:55.0152 0x0b60  MSISMB_CC ( UnsignedFile.Multi.Generic ) - warning
09:57:57.0881 0x0b60  [ 9025C16F6AE806FB34EB333FF3A31C66, 282CCA3385463F412B28E651E1FFBEB6DF646E32958E95F5F11293DDBE41FEC8 ] MSISuperIO_CC   C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
09:57:57.0896 0x0b60  MSISuperIO_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:58:00.0557 0x0b60  MSISuperIO_CC ( UnsignedFile.Multi.Generic ) - warning
09:58:03.0276 0x0b60  [ 580CFFAC7E0A0FFB34B4A755653BF31A, A958AD4BF12603D6CA31F12C1C0443176BDC5A614F3653575F7F42AEB079C03F ] MSIWMI_CC       C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe
09:58:03.0283 0x0b60  MSIWMI_CC - detected UnsignedFile.Multi.Generic ( 1 )
09:58:06.0010 0x0b60  Detect skipped due to KSN trusted
09:58:06.0010 0x0b60  MSIWMI_CC - ok
09:58:06.0118 0x0b60  [ C92F541E27885AF79DA641418E74672D, FDC4543A3DA3394DEAB8D8A5FF9298427CF06E8E385294BB8D25216DD1887EBD ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
09:58:06.0127 0x0b60  MSI_SuperCharger - ok
09:58:06.0158 0x0b60  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:58:06.0201 0x0b60  MSKSSRV - ok
09:58:06.0216 0x0b60  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:58:06.0254 0x0b60  MSPCLOCK - ok
09:58:06.0266 0x0b60  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:58:06.0306 0x0b60  MSPQM - ok
09:58:06.0356 0x0b60  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:58:06.0371 0x0b60  MsRPC - ok
09:58:06.0383 0x0b60  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:58:06.0390 0x0b60  mssmbios - ok
09:58:06.0400 0x0b60  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:58:06.0428 0x0b60  MSTEE - ok
09:58:06.0441 0x0b60  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:58:06.0450 0x0b60  MTConfig - ok
09:58:06.0466 0x0b60  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:58:06.0474 0x0b60  Mup - ok
09:58:06.0502 0x0b60  [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
09:58:06.0507 0x0b60  mwlPSDFilter - ok
09:58:06.0517 0x0b60  [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
09:58:06.0522 0x0b60  mwlPSDNServ - ok
09:58:06.0529 0x0b60  [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
09:58:06.0535 0x0b60  mwlPSDVDisk - ok
09:58:06.0585 0x0b60  [ 0F5FAAC852DB4C340B7A2F187E3358B8, 859A077C03AA244918F3E7BF7A63BD422C1C085EEDEE2C25FE4BC068E5D72484 ] MWLService      C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
09:58:06.0595 0x0b60  MWLService - ok
09:58:06.0638 0x0b60  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:58:06.0690 0x0b60  napagent - ok
09:58:06.0735 0x0b60  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:58:06.0767 0x0b60  NativeWifiP - ok
09:58:06.0835 0x0b60  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:58:06.0860 0x0b60  NDIS - ok
09:58:06.0884 0x0b60  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:58:06.0923 0x0b60  NdisCap - ok
09:58:06.0941 0x0b60  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:58:06.0979 0x0b60  NdisTapi - ok
09:58:07.0043 0x0b60  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:58:07.0072 0x0b60  Ndisuio - ok
09:58:07.0127 0x0b60  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:58:07.0174 0x0b60  NdisWan - ok
09:58:07.0224 0x0b60  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:58:07.0265 0x0b60  NDProxy - ok
09:58:07.0347 0x0b60  [ B90E093E7A7250906F1054418B5339C0, F9A0BAC5B4B29F14B5CACA1047F8928A495EFD56E485492BF71C856B296476D6 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
09:58:07.0381 0x0b60  Nero BackItUp Scheduler 4.0 - ok
09:58:07.0398 0x0b60  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:58:07.0443 0x0b60  NetBIOS - ok
09:58:07.0492 0x0b60  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:58:07.0536 0x0b60  NetBT - ok
09:58:07.0575 0x0b60  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
09:58:07.0582 0x0b60  Netlogon - ok
09:58:07.0651 0x0b60  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:58:07.0703 0x0b60  Netman - ok
09:58:07.0806 0x0b60  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:58:07.0817 0x0b60  NetMsmqActivator - ok
09:58:07.0833 0x0b60  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:58:07.0843 0x0b60  NetPipeActivator - ok
09:58:07.0866 0x0b60  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:58:07.0913 0x0b60  netprofm - ok
09:58:07.0919 0x0b60  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:58:07.0929 0x0b60  NetTcpActivator - ok
09:58:07.0935 0x0b60  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:58:07.0945 0x0b60  NetTcpPortSharing - ok
09:58:07.0988 0x0b60  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:58:07.0995 0x0b60  nfrd960 - ok
09:58:08.0009 0x0b60  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:58:08.0041 0x0b60  NlaSvc - ok
09:58:08.0068 0x0b60  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:58:08.0096 0x0b60  Npfs - ok
09:58:08.0138 0x0b60  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:58:19.0451 0x0b60  vga - ok
09:58:19.0463 0x0b60  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:58:19.0492 0x0b60  VgaSave - ok
09:58:19.0537 0x0b60  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:58:19.0549 0x0b60  vhdmp - ok
09:58:19.0591 0x0b60  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:58:19.0599 0x0b60  viaide - ok
09:58:19.0613 0x0b60  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:58:19.0622 0x0b60  volmgr - ok
09:58:19.0679 0x0b60  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:58:19.0695 0x0b60  volmgrx - ok
09:58:19.0707 0x0b60  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:58:19.0727 0x0b60  volsnap - ok
09:58:19.0755 0x0b60  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:58:19.0765 0x0b60  vsmraid - ok
09:58:19.0839 0x0b60  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:58:19.0942 0x0b60  VSS - ok
09:58:19.0955 0x0b60  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:58:19.0966 0x0b60  vwifibus - ok
09:58:19.0992 0x0b60  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] VWiFiFlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:58:20.0005 0x0b60  VWiFiFlt - ok
09:58:20.0029 0x0b60  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:58:20.0042 0x0b60  vwifimp - ok
09:58:20.0073 0x0b60  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:58:20.0123 0x0b60  W32Time - ok
09:58:20.0141 0x0b60  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:58:20.0165 0x0b60  WacomPen - ok
09:58:20.0201 0x0b60  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:58:20.0245 0x0b60  WANARP - ok
09:58:20.0271 0x0b60  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:58:20.0300 0x0b60  Wanarpv6 - ok
09:58:20.0377 0x0b60  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:58:20.0458 0x0b60  wbengine - ok
09:58:20.0475 0x0b60  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:58:20.0493 0x0b60  WbioSrvc - ok
09:58:20.0512 0x0b60  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:58:20.0534 0x0b60  wcncsvc - ok
09:58:20.0551 0x0b60  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:58:20.0567 0x0b60  WcsPlugInService - ok
09:58:20.0575 0x0b60  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:58:20.0582 0x0b60  Wd - ok
09:58:20.0653 0x0b60  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:58:20.0679 0x0b60  Wdf01000 - ok
09:58:20.0696 0x0b60  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:58:20.0774 0x0b60  WdiServiceHost - ok
09:58:20.0778 0x0b60  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:58:20.0792 0x0b60  WdiSystemHost - ok
09:58:20.0833 0x0b60  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
09:58:20.0848 0x0b60  WebClient - ok
09:58:20.0865 0x0b60  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:58:20.0915 0x0b60  Wecsvc - ok
09:58:20.0941 0x0b60  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:58:20.0988 0x0b60  wercplsupport - ok
09:58:21.0032 0x0b60  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:58:21.0067 0x0b60  WerSvc - ok
09:58:21.0085 0x0b60  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:58:21.0112 0x0b60  WfpLwf - ok
09:58:21.0126 0x0b60  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:58:21.0134 0x0b60  WIMMount - ok
09:58:21.0151 0x0b60  WinDefend - ok
09:58:21.0165 0x0b60  WinHttpAutoProxySvc - ok
09:58:21.0203 0x0b60  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:58:21.0246 0x0b60  Winmgmt - ok
09:58:21.0332 0x0b60  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:58:21.0442 0x0b60  WinRM - ok
09:58:21.0498 0x0b60  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:58:21.0523 0x0b60  WinUsb - ok
09:58:21.0569 0x0b60  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:58:21.0605 0x0b60  Wlansvc - ok
09:58:21.0754 0x0b60  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:58:21.0824 0x0b60  wlidsvc - ok
09:58:21.0893 0x0b60  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:58:21.0902 0x0b60  WmiAcpi - ok
09:58:21.0922 0x0b60  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:58:21.0942 0x0b60  wmiApSrv - ok
09:58:21.0984 0x0b60  WMPNetworkSvc - ok
09:58:21.0992 0x0b60  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:58:22.0004 0x0b60  WPCSvc - ok
09:58:22.0056 0x0b60  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:58:22.0068 0x0b60  WPDBusEnum - ok
09:58:22.0080 0x0b60  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:58:22.0121 0x0b60  ws2ifsl - ok
09:58:22.0142 0x0b60  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
09:58:22.0156 0x0b60  wscsvc - ok
09:58:22.0158 0x0b60  WSearch - ok
09:58:22.0256 0x0b60  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:58:22.0338 0x0b60  wuauserv - ok
09:58:22.0385 0x0b60  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:58:22.0421 0x0b60  WudfPf - ok
09:58:22.0449 0x0b60  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:58:22.0475 0x0b60  WUDFRd - ok
09:58:22.0499 0x0b60  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:58:22.0531 0x0b60  wudfsvc - ok
09:58:22.0566 0x0b60  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:58:22.0603 0x0b60  WwanSvc - ok
09:58:22.0725 0x0b60  [ 2A3D2E1651F3C9FC2E52881E4DF7A758, C2A35B946F7C12D3935D61B365E34D1001609ED8A5FC8A7342A9B5527E4A0DAE ] XTU3SERVICE     C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
09:58:22.0731 0x0b60  XTU3SERVICE - ok
09:58:22.0777 0x0b60  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
09:58:22.0784 0x0b60  xusb21 - ok
09:58:22.0813 0x0b60  ================ Scan global ===============================
09:58:22.0834 0x0b60  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:58:22.0880 0x0b60  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:58:22.0890 0x0b60  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:58:22.0917 0x0b60  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:58:22.0945 0x0b60  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:58:22.0952 0x0b60  [ Global ] - ok
09:58:22.0952 0x0b60  ================ Scan MBR ==================================
09:58:22.0968 0x0b60  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:58:23.0293 0x0b60  \Device\Harddisk0\DR0 - ok
09:58:23.0294 0x0b60  ================ Scan VBR ==================================
09:58:23.0295 0x0b60  [ 8DE6E752D201132C18847F4FD88AF637 ] \Device\Harddisk0\DR0\Partition1
09:58:23.0352 0x0b60  \Device\Harddisk0\DR0\Partition1 - ok
09:58:23.0354 0x0b60  [ 2BD7CE0C4D90B0A11ADBEFC7DE1472C8 ] \Device\Harddisk0\DR0\Partition2
09:58:23.0421 0x0b60  \Device\Harddisk0\DR0\Partition2 - ok
09:58:23.0423 0x0b60  [ EED955E951A545922282D71A8DCD097D ] \Device\Harddisk0\DR0\Partition3
09:58:23.0424 0x0b60  \Device\Harddisk0\DR0\Partition3 - ok
09:58:23.0424 0x0b60  Waiting for KSN requests completion. In queue: 239
09:58:24.0424 0x0b60  Waiting for KSN requests completion. In queue: 239
09:58:25.0424 0x0b60  Waiting for KSN requests completion. In queue: 239
09:58:26.0430 0x0b60  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x40000 ( disabled : updated )
09:58:26.0432 0x0b60  Win FW state via NFP2: enabled
09:58:29.0096 0x0b60  ============================================================
09:58:29.0096 0x0b60  Scan finished
09:58:29.0096 0x0b60  ============================================================
09:58:29.0101 0x02d8  Detected object count: 7
09:58:29.0101 0x02d8  Actual detected object count: 7
09:58:52.0193 0x02d8  MSIClock_CC ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:52.0193 0x02d8  MSIClock_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:58:52.0193 0x02d8  MSICOMM_CC ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:52.0193 0x02d8  MSICOMM_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:58:52.0194 0x02d8  MSICPU_CC ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:52.0194 0x02d8  MSICPU_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:58:52.0195 0x02d8  MSICTL_CC ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:52.0195 0x02d8  MSICTL_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:58:52.0195 0x02d8  MSIDDR_CC ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:52.0196 0x02d8  MSIDDR_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:58:52.0196 0x02d8  MSISMB_CC ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:52.0196 0x02d8  MSISMB_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:58:52.0197 0x02d8  MSISuperIO_CC ( UnsignedFile.Multi.Generic ) - skipped by user
09:58:52.0197 0x02d8  MSISuperIO_CC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:59:03.0820 0x0ac0  Deinitialize success
         

08.05.2014, 10:57   #4
bender84

winmgr.exe blocks access to antivirus programs, why?

Here are the current logs from FRST as well.

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-05-2014
Ran by bender90 at 2014-05-08 11:54:55
Running from C:\Users\bender90\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.1.6731 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.1.6731 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3005 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.18.0 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
aerosoft's - German Airports 3 - Berlin-Tegel X (HKLM-x32\...\{3DAD565E-1275-4EE8-9568-932CB7B75FB8}) (Version: 1.00 - aerosoft)
aerosoft's - German Airports 3 - Hamburg X (HKLM-x32\...\{EA6E7823-9E5B-4EDD-9750-C3C87FDF0460}) (Version: 1.00 - aerosoft)
aerosoft's - Mega Airport Frankfurt X (HKLM-x32\...\{BAEE0C24-C8C2-4820-9DF4-887909F1A286}) (Version: 1.01 - aerosoft)
Aerosoft's - MyTraffic 2010 (HKLM-x32\...\{37F50C53-EDED-4FFE-9877-532A335C5C18}) (Version: 6.00 - Aerosoft)
AIDA64 Extreme Edition v2.70 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.70 - FinalWire Ltd.)
Airline Tycoon 2 v1.01 (HKLM-x32\...\AirlineTycoon2_is1) (Version:  - Kalypso Media)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CommandCenter (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.29 - MSI)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
EA Installer (HKLM-x32\...\EA Installer.-1797597899) (Version: 2.3.0.74 - Electronic Arts, Inc.)
Emergency 4 Deluxe (HKLM-x32\...\{EDA12670-56B5-4459-BA21-D010F0E3EBA1}) (Version: 1.03.001 - )
Emsisoft HiJackFree 4.5 (HKLM-x32\...\Emsisoft HiJackFree_is1) (Version: 4.5 - Emsi Software GmbH)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social Software AB)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
FUSSBALL MANAGER 11 (HKLM-x32\...\FUSSBALL MANAGER 11) (Version:  - Electronic Arts)
FUSSBALL MANAGER 12 (HKLM-x32\...\FUSSBALL MANAGER 12) (Version: 1.0.0.3 - Electronic Arts)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{B1AC3709-3E98-4F2C-A84E-4BCA2A452E64}) (Version: 4.2.40.2418 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.9.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.9.5 - )
Live Update 5 (HKLM-x32\...\{36F6E986-D2D1-403C-8BD3-D95EF7BC705D}}_is1) (Version: 5.0.109 - MSI)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
MAGIX Foto Manager 8 (HKLM-x32\...\MAGIX Foto Manager 8 D) (Version: 6.0.1.471 - MAGIX AG)
MAGIX Fotobuch 3.6 (HKLM-x32\...\MAGIX Fotobuch) (Version: 3.6 - MAGIX AG)
MAGIX Media Suite (HKLM-x32\...\MAGIX Media Suite D) (Version: 1.13.0.112 - MAGIX AG)
MAGIX Online Druck Service 3.4.3.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Ringtone Maker SE (HKLM-x32\...\MAGIX Ringtone Maker SE D) (Version: 3.1.0.5 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX_{A7E29614-2CEB-42CE-A696-EF640A9777B2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{A77C3BFA-A6C7-420B-8786-71BC063DE5C0}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video easy 4 HD (HKLM-x32\...\MAGIX_{0FD91AEB-C9AF-4BE9-8071-61F46B6AFBB8}) (Version: 4.0.0.30 - MAGIX AG)
MAGIX Video easy 4 HD (Version: 4.0.0.30 - MAGIX AG) Hidden
Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version:  - )
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mouse Editor (HKLM-x32\...\InstallShield_{20D0FE9A-816F-4218-9F5E-67B4198052FF}) (Version: 10.12.0003 - Ihr Firmenname)
MOUSE Editor (x32 Version: 10.12.0003 - Ihr Firmenname) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSI Intel Extreme Tuning Utility (HKLM-x32\...\{2301bb34-385a-4a57-877f-c54347957fad}) (Version: 4.0.6.305 - Intel Corporation)
MSI Intel Extreme Tuning Utility (x32 Version: 4.0.6.305 - Intel Corporation) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
mufin player (HKLM-x32\...\mufin player D) (Version: 1.0.0.98 - MAGIX AG)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{bd521da1-d38b-47ae-824a-c66007866327}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.0.1 - Ubisoft)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.0.0.0 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.019 - MSI)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision)
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Trend Micro SafeSync (HKLM\...\HFRS_is1) (Version: 5.1.0.1173 - Trend Micro)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
vShare.tv plugin 1.3 (HKLM-x32\...\vShare.tv plugin) (Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Restore Points  =========================

29-04-2014 15:30:03 Geplanter Prüfpunkt
07-05-2014 17:00:11 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-03-29 11:24 - 00001395 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
149.5.18.172 www.google-analytics.com.
149.5.18.172 ad-emea.doubleclick.net.
149.5.18.172 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


==================== Scheduled Tasks (whitelisted) =============

Task: {0978D71D-0AB2-40DD-A28B-CA3BE2FAD6F3} - System32\Tasks\{567795F9-9CD9-4ADB-9564-A9E88AA91319} => K:\Autorun.exe
Task: {214A1F64-5C6B-4600-9B0E-8C0481C12BA8} - System32\Tasks\{CF91E79D-D816-4736-8853-808CC6180726} => K:\Autorun.exe
Task: {532D7A68-9123-4150-80D1-E54921F9D1A7} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {8888669A-595F-4057-8361-3A478208B163} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {935C46DF-4BAB-45DA-86D7-DD74D00238AD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2637058006-716935516-2651843933-1000
Task: {A000A393-F221-4DEC-8F71-D9F238B4B69E} - System32\Tasks\{5504C86C-4880-46BB-8923-076C4F7D04F7} => E:\setup.exe
Task: {A78A3AEE-CDFB-4112-A8F1-3296EC1A722E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {B7CD19B0-7DBB-4329-8AC1-DB5B49AC89D5} - System32\Tasks\{C14836D9-D315-46CB-B70E-575644EDFF33} => K:\Autorun.exe
Task: {B91D97E3-8B0F-4685-84B2-4919F0FB573F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {D981D123-8BE9-4187-B695-7EC28FCBF6FC} - System32\Tasks\{7BDE3F1D-0DF2-4D63-96D0-4B366F3105CB} => K:\setup.exe
Task: {DEF73EDA-A067-403A-B932-8ABC4C9F85A5} - System32\Tasks\{D04D3D78-1584-46E0-8022-649C499199F8} => C:\Windows\system32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {DF58737F-BD31-4C35-9289-3848093C8DEB} - System32\Tasks\{E05891E5-A95E-4388-88EE-FF062B866EB6} => K:\setup.exe
Task: {FB81D614-B6C1-4988-BEED-37F03B347F2E} - System32\Tasks\{C9409708-8F70-4C68-A71C-D1471CA654EB} => K:\Autorun.exe
Task: {FE7796E8-538D-4BAD-A655-CA149DAF981D} - System32\Tasks\{A188004D-74B8-46D7-A735-FE76C35440F0} => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2013-10-17 11:38 - 2013-08-15 16:28 - 01985536 _____ () C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
2011-07-28 18:02 - 2013-10-28 23:21 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH () C:\Program Files (x86)\Windows Manager\winmgr.exe
2013-10-17 11:38 - 2013-09-12 18:20 - 04110336 _____ () C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
2013-10-17 11:38 - 2013-09-12 16:23 - 00503808 _____ () C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
2011-08-25 19:33 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-12-23 11:00 - 2010-12-23 11:00 - 03344384 _____ () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
2014-02-04 15:01 - 2013-04-08 16:29 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2009-08-18 09:27 - 2009-08-18 09:27 - 00629280 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-05-08 11:41 - 2014-05-08 11:41 - 00005120 _____ () C:\Windows\TEMP\nsp600A.tmp\LangDLL.dll
2014-01-09 12:02 - 2014-04-22 00:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-23 10:38 - 2014-04-22 00:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2013-03-25 14:23 - 2014-04-01 00:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-03-29 11:53 - 2014-04-24 00:01 - 01092288 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-03-26 16:16 - 2014-03-03 21:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 09:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2010-12-02 11:56 - 2010-12-02 11:56 - 00815104 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll
2010-10-11 04:13 - 2010-10-11 04:13 - 00087040 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll
2010-11-24 03:11 - 2010-11-24 03:11 - 02535936 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll
2010-12-02 14:01 - 2010-12-02 14:01 - 00994304 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 08:18 - 2010-09-20 08:18 - 00085504 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll
2010-09-20 08:18 - 2010-09-20 08:18 - 00054272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll
2010-09-20 08:19 - 2010-09-20 08:19 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 14:16 - 2010-11-01 14:16 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2010-09-20 08:18 - 2010-09-20 08:18 - 00117760 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll
2014-02-04 15:01 - 2013-03-12 21:48 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-02-04 15:01 - 2013-04-02 12:34 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2014-02-04 15:01 - 2013-04-02 12:34 - 00297472 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRtl.dll
2009-08-18 09:31 - 2009-08-18 09:31 - 00163840 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2012-02-06 22:28 - 2012-02-06 22:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
2012-02-06 22:28 - 2012-02-06 22:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
2012-02-06 22:28 - 2012-02-06 22:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
2011-05-10 21:01 - 2011-05-10 21:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
2014-02-22 00:32 - 2014-02-22 00:32 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2014-04-29 14:38 - 2014-04-29 14:38 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2012-10-27 09:53 - 2012-10-27 09:53 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2013-10-17 11:45 - 2013-09-04 07:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-19 00:55 - 2014-03-19 00:55 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: HKCU => C:\Windows\windows 7\server.exe
MSCONFIG\startupreg: MessengerPlusForSkypeService => "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/08/2014 11:28:45 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/08/2014 11:23:06 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/08/2014 11:23:02 AM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/07/2014 07:53:57 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 6976. Meldungs-ID: [0x2509].

Error: (05/07/2014 07:50:17 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.3.0, Zeitstempel: 0x00000004
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00036fa6
ID des fehlerhaften Prozesses: 0x4fc
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (05/07/2014 07:49:48 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 6680. Meldungs-ID: [0x2509].

Error: (05/07/2014 06:54:36 PM) (Source: SideBySide) (User: ) (EventID: 63)
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/07/2014 06:42:54 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 1536. Meldungs-ID: [0x2509].

Error: (05/07/2014 06:40:38 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 1456. Meldungs-ID: [0x2509].

Error: (05/07/2014 06:14:46 PM) (Source: .NET Runtime) (User: ) (EventID: 1022)
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 1064. Meldungs-ID: [0x2509].


System errors:
=============
Error: (05/08/2014 11:41:19 AM) (Source: Service Control Manager) (User: ) (EventID: 7024)
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310.

Error: (05/08/2014 11:40:59 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/08/2014 10:41:25 AM) (Source: Service Control Manager) (User: ) (EventID: 7024)
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310.

Error: (05/08/2014 10:41:04 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/08/2014 10:33:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/08/2014 09:50:37 AM) (Source: Service Control Manager) (User: ) (EventID: 7024)
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310.

Error: (05/08/2014 09:50:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/07/2014 10:02:49 PM) (Source: Service Control Manager) (User: ) (EventID: 7024)
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310.

Error: (05/07/2014 10:02:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) (EventID: 10000)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (05/07/2014 09:46:32 PM) (Source: Service Control Manager) (User: ) (EventID: 7024)
Description: Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%310.


Microsoft Office Sessions:
=========================
Error: (09/09/2013 10:11:08 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Percentage of memory in use: 17%
Total physical RAM: 16328.07 MB
Available physical RAM: 13536.36 MB
Total Pagefile: 32654.33 MB
Available Pagefile: 29521.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:261.28 GB) NTFS
Drive d: (DATA) (Fixed) (Total:689.57 GB) (Free:689.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-05-2014
Ran by bender90 (administrator) on SVEN on 08-05-2014 11:51:37
Running from C:\Users\bender90\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Mirillis Ltd.) C:\Windows\Temp\MirillisAction!1.18.0.exe
() C:\Program Files (x86)\Windows Manager\winmgr.exe
() C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
() C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
(MSI CO.,LTD.) C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\CPU_Ratio.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Mirillis Ltd.) C:\ProgramData\Windows Manager\winmgr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\RunOnce: [WindowsUpdate] - C:\Program Files (x86)\Windows Manager\winmgr.exe [21158400 2014-05-03] ()
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Windows Manager\winmgr.exe [21158400 2014-05-03] (Mirillis Ltd.)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {db36818b-b92d-11e0-abaa-00116b983502} - K:\pushinst.exe
IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9CCCD5AD521CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKLM-x32 - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://plusnetwork.com/?sp=brw&q={searchTerms}
SearchScopes: HKCU - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.facebook.com/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 - C:\Users\bender90\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll (Stonetrip)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: Rain Alarm Extension - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\rain-alarm@mdiener.de [2014-03-27]
FF Extension: WEB.DE MailCheck - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\toolbar@web.de.xpi [2011-12-19]
FF Extension: NoScript - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-19]
FF Extension: Adblock Plus - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-19]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
R3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
R3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-21] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]
S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-08 11:29 - 2014-05-08 11:52 - 00028810 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:42 - 2014-05-08 10:42 - 00002039 _____ () C:\Users\Public\Desktop\Action!.lnk
2014-05-08 10:42 - 2014-05-08 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:53 - 2014-05-08 09:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 21:39 - 2014-05-08 11:41 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 20:27 - 2014-05-08 11:51 - 00000000 ____D () C:\FRST
2014-05-07 20:26 - 2014-05-07 20:26 - 02063872 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 19:55 - 2014-05-08 09:50 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com
2014-05-07 19:55 - 2014-05-03 17:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com
2014-04-30 18:16 - 2014-05-07 19:03 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 18:16 - 2014-05-07 18:54 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-26 09:03 - 2014-04-26 09:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\Program Files\Java
2014-04-08 17:59 - 2014-04-08 17:59 - 30796712 _____ (Oracle Corporation) C:\Users\bender90\Downloads\jre-7u51-windows-x64.exe
2014-04-08 15:49 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-04-08 15:49 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-08 15:49 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-08 15:49 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-04-08 15:49 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-04-08 15:49 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-08 15:49 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-04-08 15:49 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-04-08 15:49 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-04-08 15:49 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-04-08 15:49 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-04-08 15:49 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-04-08 15:49 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-08 15:49 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-08 15:49 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-04-08 15:49 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-08 15:49 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-08 15:49 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-08 15:44 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-08 15:44 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-08 15:43 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 15:43 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 15:43 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-08 15:43 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-08 15:43 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-08 15:43 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-08 15:43 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-08 15:43 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-08 15:43 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-08 15:43 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-08 15:43 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-08 15:43 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-08 15:43 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-08 15:43 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-08 15:43 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-08 15:43 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 15:43 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-08 15:43 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-08 15:43 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-08 15:43 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-08 15:43 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-08 15:43 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-08 15:43 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-08 15:43 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-08 15:43 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-08 15:43 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-08 15:43 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-08 15:43 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-08 15:43 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-08 15:43 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-08 15:43 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-08 15:43 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-08 15:43 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-08 15:43 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-08 15:43 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-08 15:43 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-08 15:43 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-08 15:43 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-08 15:43 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-08 15:43 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-08 15:43 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-04-08 15:43 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

==================== One Month Modified Files and Folders =======

2014-05-08 11:53 - 2013-02-08 10:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-08 11:52 - 2014-05-08 11:29 - 00028810 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-08 11:51 - 2014-05-07 20:27 - 00000000 ____D () C:\FRST
2014-05-08 11:48 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-08 11:48 - 2009-07-14 06:45 - 00014592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-08 11:47 - 2011-06-17 17:37 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-05-08 11:47 - 2011-06-17 17:37 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-05-08 11:47 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-08 11:44 - 2011-06-17 07:45 - 01157506 _____ () C:\Windows\WindowsUpdate.log
2014-05-08 11:43 - 2014-02-04 16:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-08 11:42 - 2013-04-16 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-08 11:42 - 2013-02-08 10:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-08 11:41 - 2014-05-07 21:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-08 11:41 - 2009-07-14 06:51 - 00311390 _____ () C:\Windows\setupact.log
2014-05-08 11:40 - 2012-03-30 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-08 11:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:42 - 2014-05-08 10:42 - 00002039 _____ () C:\Users\Public\Desktop\Action!.lnk
2014-05-08 10:42 - 2014-05-08 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:54 - 2014-05-08 09:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-08 09:50 - 2014-05-07 19:55 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-05-07 21:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 20:26 - 2014-05-07 20:26 - 02063872 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 19:59 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 19:54 - 2012-11-09 16:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-07 19:50 - 2013-10-30 18:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-07 19:49 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 19:03 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-07 18:54 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-07 13:23 - 2014-03-06 21:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-07 13:03 - 2013-05-28 10:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-05 17:55 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-03 17:07 - 2014-05-07 19:55 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com
2014-05-03 17:07 - 2014-05-07 19:55 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 18:44 - 2013-10-01 19:57 - 00000020 _____ () C:\Windows\capsys184523.log
2014-05-02 17:25 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-01 08:39 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 14:38 - 2012-03-30 09:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 14:38 - 2012-03-30 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 14:38 - 2011-07-28 21:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-26 09:06 - 2014-04-26 09:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-04-17 20:11 - 2014-02-04 16:43 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-14 21:03 - 2011-08-02 17:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client
2014-04-14 19:50 - 2011-08-15 12:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client
2014-04-09 15:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-08 18:00 - 2014-04-08 18:00 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-08 18:00 - 2014-04-08 18:00 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-08 18:00 - 2014-04-08 18:00 - 00000000 ____D () C:\Program Files\Java
2014-04-08 17:59 - 2014-04-08 17:59 - 30796712 _____ (Oracle Corporation) C:\Users\bender90\Downloads\jre-7u51-windows-x64.exe
2014-04-08 17:59 - 2011-07-31 19:21 - 00000000 ____D () C:\Users\bender90\AppData\Local\Adobe
2014-04-08 15:47 - 2011-08-02 17:58 - 01595580 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

Files to move or delete:
====================
C:\Users\bender90\AppData\Roaming\Camdata.ini
C:\Users\bender90\AppData\Roaming\CamLayout.ini
C:\Users\bender90\AppData\Roaming\CamShapes.ini
C:\ProgramData\ldsw_0paos.pad


Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe
C:\Users\bender90\AppData\Local\Temp\avgnt.exe
C:\Users\bender90\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\bender90\AppData\Local\Temp\detectionui_r.exe
C:\Users\bender90\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\bender90\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\bender90\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\bender90\AppData\Local\Temp\jna1324566697984281769.dll
C:\Users\bender90\AppData\Local\Temp\jna4101322631714976574.dll
C:\Users\bender90\AppData\Local\Temp\jna4383689400269149208.dll
C:\Users\bender90\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\bender90\AppData\Local\Temp\local.dll
C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe
C:\Users\bender90\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\bender90\AppData\Local\Temp\raptrpatch.exe
C:\Users\bender90\AppData\Local\Temp\rootsupd.exe
C:\Users\bender90\AppData\Local\Temp\sonarinst.exe
C:\Users\bender90\AppData\Local\Temp\upnp.exe
C:\Users\bender90\AppData\Local\Temp\upx.exe
C:\Users\bender90\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 17:23

==================== End Of Log ============================
         
--- --- ---

09.05.2014, 09:18   #5
schrauber
/// the machine
/// TB instructor
 


hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.


__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

09.05.2014, 11:27   #6
bender84
 

Hello, unfortunately that doesn't work, it blocks that for me too... download failed... I then downloaded it on my notebook and wanted to transfer it via USB stick... that doesn't work either... it complains there as well that the file cannot be accessed...

Here is another log from Spybot, run from a USB stick... unfortunately I can't fix it...

Code:
Search results from Spybot - Search & Destroy

09.05.2014 12:18:58
Scan took 00:12:25.
86 items found.

Smitfraud-C.gp: [SBI $F0EB55BA] Autorun settings (WindowsUpdate) (Registry Value, nothing done)
  HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\WindowsUpdate

Smitfraud-C.gp: [SBI $F0EB55BA]  Program file (File, nothing done)
  C:\Program Files (x86)\Windows Manager\winmgr.exe
  Properties.size=21158400
  Properties.md5=C110E8C14DAF0B2BC2F7CA32DF5F2A33
  Properties.filedate=1399129674
  Properties.filedatetext=2014-05-03 17:07:54

Smitfraud-C.gp: [SBI $F0EB55BA] Autorun settings (WindowsUpdate) (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\WindowsUpdate

Smitfraud-C.gp: [SBI $F0EB55BA]  Program file (File, nothing done)
  C:\ProgramData\Microsoft.com
  Properties.size=21158400
  Properties.md5=C110E8C14DAF0B2BC2F7CA32DF5F2A33
  Properties.filedate=1399129674
  Properties.filedatetext=2014-05-03 17:07:54

Smitfraud-C.gp: [SBI $F0EB55BA] Autorun settings (WindowsUpdate) (Registry Value, nothing done)
  HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\WindowsUpdate

DownloadSponsor: [SBI $CC437C6B] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\OCS\lastPID

DownloadSponsor: [SBI $980DE8E4] Settings (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\OCS\PID

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\affiliate.gameladen.com\pap20.sol
  Properties.size=98
  Properties.md5=54E9D372563CEDD252C03F492A78B55B
  Properties.filedate=1398876013
  Properties.filedatetext=2014-04-30 18:40:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\badoocdn.com\statf.sol
  Properties.size=42
  Properties.md5=8AE12163EADEB8FB978C00212A1E8F77
  Properties.filedate=1397760723
  Properties.filedatetext=2014-04-17 20:52:02

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\cdn.movad.net\movad.sol
  Properties.size=67
  Properties.md5=840E9D361BBD1204D93FA8F8B7FFB8B9
  Properties.filedate=1396610753
  Properties.filedatetext=2014-04-04 13:25:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\images-na.ssl-images-amazon.com\mercury.sol
  Properties.size=69
  Properties.md5=2C0D96AE2C848A297A3F0A2044CBC4B3
  Properties.filedate=1396257418
  Properties.filedatetext=2014-03-31 11:16:58

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\p1.badoocdn.com\statf.sol
  Properties.size=42
  Properties.md5=261587602229EE5D0955825622FC657F
  Properties.filedate=1396960521
  Properties.filedatetext=2014-04-08 14:35:20

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\s.ytimg.com\soundData.sol
  Properties.size=49
  Properties.md5=F2945B8419B125F71FC8FD7CDDB59948
  Properties.filedate=1396910303
  Properties.filedatetext=2014-04-08 00:38:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\s.ytimg.com\subtitlesModuleData.sol
  Properties.size=63
  Properties.md5=17C935936AF9DDC488BC1772D34148DD
  Properties.filedate=1396908797
  Properties.filedatetext=2014-04-08 00:13:16

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\scache.vevo.com\analytics.sol
  Properties.size=419
  Properties.md5=8B305296C93C2DDE38B22F9F935EDC5F
  Properties.filedate=1396867705
  Properties.filedatetext=2014-04-07 12:48:25

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\scache.vevo.com\com.conviva.livePass.sol
  Properties.size=225
  Properties.md5=630EBC3CAF1B61378999C8CE903C20AF
  Properties.filedate=1396867654
  Properties.filedatetext=2014-04-07 12:47:34

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\scache.vevo.com\com.vevo.enum.SharedObjectNames.vevo.sol
  Properties.size=185
  Properties.md5=E5BC69F1BBEBB267F66314E6041863F9
  Properties.filedate=1396867654
  Properties.filedatetext=2014-04-07 12:47:33

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\secureinclude.ebaystatic.com\ebayLSO.sol
  Properties.size=131
  Properties.md5=933D24A245FAEC89B93CFC48BF7521A5
  Properties.filedate=1399303782
  Properties.filedatetext=2014-05-05 17:29:42

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\secureinclude.ebaystatic.com\ebayT.sol
  Properties.size=39
  Properties.md5=B43F43445AA3414DDC22EC80FBB22871
  Properties.filedate=1399303782
  Properties.filedatetext=2014-05-05 17:29:42

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.jochen-schweizer.de\lsoSearch.sol
  Properties.size=123
  Properties.md5=FC93336EB094DDCB69D2D3D87AD0F680
  Properties.filedate=1398790190
  Properties.filedatetext=2014-04-29 18:49:50

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.jochen-schweizer.de\lsoTrack.sol
  Properties.size=112
  Properties.md5=62945F78EE2BAC9748600D6DA3A4E1E9
  Properties.filedate=1398790163
  Properties.filedatetext=2014-04-29 18:49:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.paypalobjects.com\paypalLSO.sol
  Properties.size=111
  Properties.md5=55A7161177CF8AFBD7AB4282CF81849C
  Properties.filedate=1396512003
  Properties.filedatetext=2014-04-03 10:00:03

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.paypalobjects.com\ppLsoTest.sol
  Properties.size=48
  Properties.md5=74EE4375686A2069414EEF13E7B62789
  Properties.filedate=1396511879
  Properties.filedatetext=2014-04-03 09:57:59

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.sme-advertising.de\analytics.sol
  Properties.size=351
  Properties.md5=A5487C0C357BE04245DD51BB0B3D73D6
  Properties.filedate=1398276353
  Properties.filedatetext=2014-04-23 20:05:53

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\www.xatech.com\chat.sol
  Properties.size=100
  Properties.md5=2773D1BA0183D0A46C652A8110983343
  Properties.filedate=1397489697
  Properties.filedatetext=2014-04-14 17:34:56

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\de.chatrandom.com\flash\random-chat.swf\ud.sol
  Properties.size=96
  Properties.md5=74B1D6836D99E5010F8057F49C05E6F8
  Properties.filedate=1396979621
  Properties.filedatetext=2014-04-08 19:53:40

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\play.snacktv.de\player\videoplayer.swf\SnackTV.sol
  Properties.size=79
  Properties.md5=1CFDC63736490A743EA60097ACFB3EDC
  Properties.filedate=1397147943
  Properties.filedatetext=2014-04-10 18:39:02

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7]  Text file (File, nothing done)
  C:\Users\bender90\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\P2GE89MG\static.xvideos.com\swf\xv-player.swf\hexaplayerVolumeCookie.sol
  Properties.size=61
  Properties.md5=9EE679E20E38098F9DDA0A279BE2EE92
  Properties.filedate=1397498687
  Properties.filedatetext=2014-04-14 20:04:46

Win32.Fynlosk: [SBI $07875FC5] Application data folder (Directory, nothing done)
  C:\Users\bender90\AppData\Roaming\dclogs\
  Directory.subfile=C:\Users\bender90\AppData\Roaming\dclogs\2013-01-16-4.dc
  Directory.subfile.size=670
  Directory.subfile.md5=95952635626A2F04FB4199E056DFA18F
  Directory.subfile.filedate=1358339627
  Directory.subfile.filedatetext=2013-01-16 14:33:47

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (User): bender90) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (User): bender90) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done)
  

WebTrends live: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: bender90 (default)) (Browser: Cookie, nothing done)
  

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS DirectInput: [SBI $6533916A] Last mapped application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\DirectInput\MostRecentMapperApplication\ID

MS DirectInput: [SBI $31B11F6A] Last mapped application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\DirectInput\MostRecentMapperApplication\Name

MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $286A25C6] Open with list - .ACE extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ACE\OpenWithList

Windows.OpenWith: [SBI $CDE7D0A6] Open with list - .ASX extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\WinRAR\ArcHistory

WinRAR: [SBI $A59A1C0A] Recent exe file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\WinRAR\DialogEditHistory\ArcName

WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\WinRAR\General\LastFolder

WinRAR: [SBI $B510882E] Extraction directory history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\WinRAR\DialogEditHistory\ExtrPath

Cookie: [SBI $49804B54] Browser: Cookie (155) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (2118) (Browser: Cache, nothing done)
  

History: [SBI $49804B54] Browser: History (223) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (1331) (Browser: Cookie, nothing done)
  


--- Spybot - Search & Destroy version: 2.3.39.131  DLL (build: 20140425) ---

2014-04-25 SDBootCD.exe (2.3.39.109)
2014-04-25 SDCleaner.exe (2.3.39.110)
2014-04-25 SDDelFile.exe (2.3.39.94)
2013-06-18 SDDisableProxy.exe
2014-04-25 SDFSSvc.exe (2.3.39.217)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2014-04-25 SDFiles.exe (2.3.39.135)
2014-04-25 SDHelp.exe (2.3.39.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-04-25 SDImmunize.exe (2.3.39.130)
2014-04-25 SDLogReport.exe (2.3.39.107)
2014-04-25 SDOnAccess.exe (2.3.39.11)
2014-04-25 SDPESetup.exe (2.3.39.3)
2014-04-25 SDPEStart.exe (2.3.39.86)
2014-04-25 SDPRE.exe (2.3.39.22)
2014-04-25 SDPhoneScan.exe (2.3.39.28)
2014-04-25 SDPrepPos.exe (2.3.39.15)
2014-04-25 SDQuarantine.exe (2.3.39.103)
2014-04-25 SDRootAlyzer.exe (2.3.39.116)
2014-04-25 SDSBIEdit.exe (2.3.39.39)
2014-04-25 SDScan.exe (2.3.39.181)
2014-04-25 SDScript.exe (2.3.39.54)
2014-04-25 SDSettings.exe (2.3.39.139)
2014-04-25 SDShell.exe (2.3.39.2)
2014-04-25 SDShred.exe (2.3.39.108)
2014-04-25 SDSysRepair.exe (2.3.39.102)
2014-04-25 SDTools.exe (2.3.39.157)
2014-04-25 SDTray.exe (2.3.39.129)
2014-04-25 SDUpdSvc.exe (2.3.39.77)
2014-04-25 SDUpdate.exe (2.3.39.94)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2014-04-25 SDWelcome.exe (2.3.39.130)
2014-04-25 blindman.exe (2.3.39.151)
2014-04-25 explorer.exe (2.3.39.181)
2013-06-19 spybotsd2-translation-frx.exe
2014-05-03 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-09-05 DelZip190.dll (1.9.0.107)
2014-04-25 NotificationSpreader.dll
2014-04-25 SDAV.dll
2014-04-25 SDAdvancedCheckLibrary.dll (2.3.39.98)
2014-04-25 SDECon32.dll (2.3.39.114)
2014-04-25 SDEvents.dll (2.3.39.2)
2014-04-25 SDFileScanLibrary.dll (2.3.39.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-04-25 SDImmunizeLibrary.dll (2.3.39.2)
2014-04-25 SDLicense.dll (2.3.39.0)
2014-04-25 SDLists.dll (2.3.39.4)
2014-04-25 SDResources.dll (2.3.39.7)
2014-04-25 SDScanLibrary.dll (2.3.39.131)
2014-04-25 SDTasks.dll (2.3.39.15)
2013-12-19 SDWinLogon.dll (2.3.37.0)
2014-04-25 Tools.dll (2.3.39.36)
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-04-30 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-03-19 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-01-09 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-04-15 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-04-30 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-04-30 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-01-15 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-01-15 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-04-30 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
         

Alt 10.05.2014, 11:00   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Hi,

Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part)
  • Please download the appropriate version of the tool (both if in doubt) and save it to a USB stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Connect the USB stick to the infected system and boot the system into the System Repair option.
  • Now scan by following the illustrated guide, or use the following short guide:
Via the Boot Manager:
  • Restart the computer.
  • While it is booting, press the F8 key repeatedly.
  • Now select Repair Your Computer.
  • Select your operating system and user account, clicking "Next" each time.
With a Windows CD/DVD (also possible on Windows 8):
  • Insert the Windows CD into your drive.
  • Restart the computer and boot from the CD.
  • Select the language settings and click "Next".
  • Click Repair your computer!
  • Select your operating system and user account, clicking "Next" each time.
In the repair options, select: Command Prompt
  • Now please type notepad and press Enter.
  • In the text document that opens: File > Save As... and select Computer.
    The drive letter of your USB stick is shown here; make a note of it.
  • Close Notepad again.
  • Now please enter the following command.
    e:\frst.exe or e:\frst64.exe
    Note: e stands for the drive letter of your USB stick that you noted. Adjust it if necessary.
  • Accept the disclaimer with Yes and click Scan
The tool creates an FRST.txt on your USB stick. Please post its contents here, in code tags if possible (guide).

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 12.05.2014, 13:25   #8
bender84
 
FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by SYSTEM on MININT-NTV0JET on 12-05-2014 14:22:11
Running from G:\
Platform: Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-17] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\bender90\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\bender90\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\bender90\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\bender90\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\bender90\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Microsoft.com [21158400 2014-05-03] (Mirillis Ltd.)
HKU\bender90\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()
IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
S3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
S2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
S2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-03-31] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-21] (AVM Berlin)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-21] (AVM GmbH)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
S2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-06] (Intel Corporation)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-20] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]
S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 02:25 - 2014-05-09 02:29 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 02:22 - 2014-05-09 02:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part
2014-05-09 02:20 - 2014-05-09 02:21 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part
2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla
2014-05-08 02:48 - 2014-05-08 02:48 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-05-08 02:47 - 2014-04-29 08:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-05-08 02:47 - 2014-04-29 07:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-05-08 02:47 - 2014-04-29 06:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 02:47 - 2014-04-29 06:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 02:45 - 2014-04-13 18:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-05-08 02:45 - 2014-04-13 18:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-05-08 02:45 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-08 02:45 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-08 02:45 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-08 02:45 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-08 02:45 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-08 02:45 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-08 02:45 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-05-08 02:45 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-05-08 02:45 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-05-08 02:45 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-05-08 02:45 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-08 02:45 - 2014-01-08 18:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-08 02:45 - 2014-01-03 14:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-05-08 02:44 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 02:30 - 2014-05-08 02:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt
2014-05-08 02:28 - 2014-05-08 02:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt
2014-05-08 02:27 - 2014-05-08 02:28 - 00047836 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:39 - 2014-05-08 00:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:53 - 2014-05-07 23:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 11:39 - 2014-05-08 03:17 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 10:27 - 2014-05-12 14:22 - 00000000 ____D () C:\FRST
2014-05-07 10:26 - 2014-05-07 10:26 - 02063872 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 09:55 - 2014-05-12 02:22 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com
2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com
2014-04-30 08:16 - 2014-05-12 03:27 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 08:16 - 2014-05-12 03:26 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-25 23:03 - 2014-04-25 23:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

==================== One Month Modified Files and Folders =======

2014-05-12 14:22 - 2014-05-07 10:27 - 00000000 ____D () C:\FRST
2014-05-12 04:10 - 2009-07-13 20:51 - 00322882 _____ () C:\Windows\setupact.log
2014-05-12 04:09 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-12 04:06 - 2012-04-26 07:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 04:05 - 2011-06-16 21:45 - 01423607 _____ () C:\Windows\WindowsUpdate.log
2014-05-12 04:05 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-12 04:05 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-12 03:59 - 2013-02-08 00:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-12 03:44 - 2011-06-17 07:37 - 00699884 _____ () C:\Windows\System32\perfh007.dat
2014-05-12 03:44 - 2011-06-17 07:37 - 00149766 _____ () C:\Windows\System32\perfc007.dat
2014-05-12 03:44 - 2009-07-13 21:13 - 01622236 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-05-12 03:40 - 2012-03-29 23:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-12 03:27 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-12 03:26 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 02:31 - 2013-05-28 00:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-12 02:23 - 2014-02-04 06:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-12 02:22 - 2014-05-07 09:55 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-05-12 02:22 - 2013-04-16 10:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-12 02:21 - 2013-02-08 00:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-09 02:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 02:29 - 2014-05-09 02:25 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 02:22 - 2014-05-09 02:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part
2014-05-09 02:21 - 2014-05-09 02:20 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part
2014-05-09 01:54 - 2013-02-08 00:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 01:54 - 2013-02-08 00:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 04:09 - 2011-06-20 08:33 - 00000000 ____D () C:\users\bender90
2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla
2014-05-08 03:17 - 2014-05-07 11:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-08 02:50 - 2009-07-13 21:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-08 02:49 - 2009-09-03 01:10 - 00723896 _____ () C:\Windows\PFRO.log
2014-05-08 02:48 - 2014-05-08 02:48 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-05-08 02:47 - 2013-08-24 05:32 - 00000000 ____D () C:\Windows\System32\MRT
2014-05-08 02:46 - 2011-07-30 09:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 02:33 - 2011-08-27 02:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-08 02:30 - 2014-05-08 02:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt
2014-05-08 02:28 - 2014-05-08 02:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt
2014-05-08 02:28 - 2014-05-08 02:27 - 00047836 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-08 02:08 - 2013-07-30 00:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-08 02:03 - 2013-10-01 09:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:39 - 2014-05-08 00:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:54 - 2014-05-07 23:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 10:26 - 2014-05-07 10:26 - 02063872 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 09:59 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 09:54 - 2012-11-09 06:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-07 09:50 - 2013-10-30 08:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-07 09:49 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 03:23 - 2014-03-06 11:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-05 07:55 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-03 07:07 - 2014-05-07 09:55 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com
2014-05-03 07:07 - 2014-05-07 09:55 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 08:44 - 2013-10-01 09:57 - 00000020 _____ () C:\Windows\capsys184523.log
2014-05-02 07:25 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-30 22:39 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 08:00 - 2014-05-08 02:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-29 07:24 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-29 06:47 - 2014-05-08 02:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 06:14 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 04:38 - 2012-03-29 23:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 04:38 - 2012-03-29 23:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 04:38 - 2011-07-28 11:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 23:06 - 2014-04-25 23:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-04-17 10:11 - 2014-02-04 06:43 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-14 11:03 - 2011-08-02 07:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client
2014-04-14 09:50 - 2011-08-15 02:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client
2014-04-13 18:24 - 2014-05-08 02:45 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-04-13 18:19 - 2014-05-08 02:45 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll

Files to move or delete:
====================
C:\Users\bender90\AppData\Roaming\Camdata.ini
C:\Users\bender90\AppData\Roaming\CamLayout.ini
C:\Users\bender90\AppData\Roaming\CamShapes.ini
C:\ProgramData\ldsw_0paos.pad


Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\avgnt.exe
C:\Users\bender90\AppData\Local\Temp\local.dll
C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe
C:\Users\bender90\AppData\Local\Temp\rootsupd.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-04-29 07:30:18
Restore point made on: 2014-05-02 04:24:50
Restore point made on: 2014-05-07 09:00:26
Restore point made on: 2014-05-08 02:03:20
Restore point made on: 2014-05-08 02:21:38
Restore point made on: 2014-05-08 02:25:37
Restore point made on: 2014-05-08 02:45:35
Restore point made on: 2014-05-08 04:13:12

==================== Memory info =========================== 

Percentage of memory in use: 7%
Total physical RAM: 16328.07 MB
Available physical RAM: 15100.31 MB
Total Pagefile: 16326.22 MB
Available Pagefile: 15092.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:251.49 GB) NTFS
Drive e: (DATA) (Fixed) (Total:689.57 GB) (Free:689.43 GB) NTFS
Drive f: (PQSERVICE) (Fixed) (Total:18.55 GB) (Free:4.57 GB) NTFS
Drive g: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
Drive h: (TOSHIBA) (Removable) (Total:28.89 GB) (Free:22.66 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 29 GB) (Disk ID: 04EBC27D)
Partition 1: (Active) - (Size=29 GB) - (Type=07 NTFS)


LastRegBack: 2014-05-09 02:49

==================== End Of Log ============================
         

Alt 12.05.2014, 13:39   #9
schrauber
/// the machine
/// TB-Ausbilder
 




Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
ATTFilter
HKU\bender90\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Microsoft.com [21158400 2014-05-03] (Mirillis Ltd.)
HKU\bender90\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com
S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
2014-05-08 02:48 - 2014-05-08 02:48 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-05-07 09:55 - 2014-05-12 02:22 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com
2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com
C:\Users\bender90\AppData\Roaming\Camdata.ini
C:\Users\bender90\AppData\Roaming\CamLayout.ini
C:\Users\bender90\AppData\Roaming\CamShapes.ini
C:\ProgramData\ldsw_0paos.pad
         
Please save this as Fixlist.txt on your USB stick.
  • Restart your computer into the repair options again.
  • Now start FRST.exe again and click the Fix button ("Entfernen").

The tool creates a Fixlog.txt on your USB stick. Please post its contents here.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 12.05.2014, 13:53   #10
bender84
 



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-05-2014 01
Ran by SYSTEM at 2014-05-12 14:52:18 Run:3
Running from G:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
HKU\bender90\...\RunOnce: [WindowsUpdate] - C:\ProgramData\Microsoft.com [21158400 2014-05-03] (Mirillis Ltd.)
HKU\bender90\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <===== ATTENTION
IFEO\AvastSvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\AvastUI.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avcenter.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avconfig.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgcsrvx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgidsagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgnt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgrsx.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avgwdsvc.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\avp.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\bdagent.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ccuac.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\ComboFix.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\egui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\hijackthis.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\instup.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\keyscrambler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbam.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamgui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbampt.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamscheduler.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\mbamservice.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MpCmdRun.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MSASCui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\MsMpEng.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\msseces.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\rstrui.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\spybotsd.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\wireshark.exe: [Debugger] C:\Windows\system32\Microsoft.com
IFEO\zlclient.exe: [Debugger] C:\Windows\system32\Microsoft.com
S3 PCDSRVC{1368CD8C-499695F1-06020101}_0; \??\c:\users\bender90\appdata\local\temp\wvsialvzwkma\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{3368CD8C-528FE905-06020101}_0; \??\c:\users\bender90\appdata\local\temp\8bi4_nfmp78t\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0; \??\c:\users\bender90\appdata\local\temp\ao_cb0cvvayd\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{A368CD8C-62FE955B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\1kn9s8jfcbti\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
S3 PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0; \??\c:\users\bender90\appdata\local\temp\j8ecgnp9oixx\pcdrdiag\bin\pcdsrvc_x64.pkms [X]
2014-05-08 02:48 - 2014-05-08 02:48 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-05-07 09:55 - 2014-05-12 02:22 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\Windows\SysWOW64\Microsoft.com
2014-05-07 09:55 - 2014-05-03 07:07 - 21158400 __RSH (Mirillis Ltd.) C:\ProgramData\Microsoft.com
C:\Users\bender90\AppData\Roaming\Camdata.ini
C:\Users\bender90\AppData\Roaming\CamLayout.ini
C:\Users\bender90\AppData\Roaming\CamShapes.ini
C:\ProgramData\ldsw_0paos.pad
         
*****************

HKU\bender90\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WindowsUpdate => Value deleted successfully.
HKU\bender90\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastSvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastUI.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avcenter.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avconfig.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgcsrvx.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgidsagent.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgnt.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgrsx.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgui.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgwdsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bdagent.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccuac.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ComboFix.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\egui.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\hijackthis.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\instup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\keyscrambler.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamgui.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbampt.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamscheduler.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamservice.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpCmdRun.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSASCui.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MsMpEng.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msseces.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rstrui.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\spybotsd.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wireshark.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zlclient.exe => Key deleted successfully.
PCDSRVC{1368CD8C-499695F1-06020101}_0 => Service deleted successfully.
PCDSRVC{3368CD8C-528FE905-06020101}_0 => Service deleted successfully.
PCDSRVC{A368CD8C-0AEEE3CC-06020101}_0 => Service deleted successfully.
PCDSRVC{A368CD8C-62FE955B-06020101}_0 => Service deleted successfully.
PCDSRVC{F368CD8C-EEA1AE2B-06020101}_0 => Service deleted successfully.
C:\Windows\System32\CompatTel => Moved successfully.
C:\ProgramData\Windows Manager => Moved successfully.
C:\Windows\SysWOW64\Microsoft.com => Moved successfully.
C:\ProgramData\Microsoft.com => Moved successfully.
C:\Users\bender90\AppData\Roaming\Camdata.ini => Moved successfully.
C:\Users\bender90\AppData\Roaming\CamLayout.ini => Moved successfully.
C:\Users\bender90\AppData\Roaming\CamShapes.ini => Moved successfully.
C:\ProgramData\ldsw_0paos.pad => Moved successfully.

==== End of Fixlog ====
         

Alt 13.05.2014, 09:59   #11
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

A fresh FRST log, please.
__________________
Regards,
schrauber


Alt 13.05.2014, 11:46   #12
bender84
 



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.05.13.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16661
bender90 :: SVEN [administrator]

13.05.2014 11:58:52
mbar-log-2014-05-13 (11-58-52).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 269023
Time elapsed: 14 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WINMGR.EXE (Trojan.Agent.CMO) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WINMGR.EXE (Trojan.Agent.CMO) -> Delete on reboot.

Registry Values Detected: 1
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|WindowsUpdate (Trojan.Agent.CMO) -> Data: "C:\Program Files (x86)\Windows Manager\winmgr.exe" -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\bender90\AppData\Roaming\dclogs (Stolen.Data) -> Delete on reboot.

Files Detected: 4
C:\Users\bender90\AppData\Roaming\addon.dat (Malware.Trace) -> Delete on reboot.
C:\Users\bender90\AppData\Roaming\logs.dat (Bifrose.Trace) -> Delete on reboot.
C:\Users\bender90\AppData\Roaming\dclogs\2013-01-16-4.dc (Stolen.Data) -> Delete on reboot.
C:\Program Files (x86)\Windows Manager\winmgr.exe (Trojan.Agent.CMO) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by bender90 (administrator) on SVEN on 13-05-2014 12:46:11
Running from C:\Users\bender90\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
() C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
(MSI CO.,LTD.) C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\CPU_Ratio.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {1fa6036a-93a2-11e1-910a-00040eccce2e} - K:\setup64.exe
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {db36818b-b92d-11e0-abaa-00116b983502} - K:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9CCCD5AD521CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKLM-x32 - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://plusnetwork.com/?sp=brw&q={searchTerms}
SearchScopes: HKCU - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.facebook.com/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 - C:\Users\bender90\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll (Stonetrip)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: Rain Alarm Extension - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\rain-alarm@mdiener.de [2014-03-27]
FF Extension: WEB.DE MailCheck - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\toolbar@web.de.xpi [2011-12-19]
FF Extension: NoScript - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-19]
FF Extension: Adblock Plus - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-19]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-23] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
R3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
R3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-21] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-13 12:46 - 2014-05-13 12:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 11:58 - 2014-05-13 12:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-13 11:58 - 2014-05-13 12:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 11:56 - 2014-05-13 12:44 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 11:56 - 2014-05-13 12:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 11:55 - 2014-05-13 11:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe
2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 12:25 - 2014-05-09 12:29 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 12:22 - 2014-05-09 12:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part
2014-05-09 12:20 - 2014-05-09 12:21 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part
2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla
2014-05-08 12:47 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-08 12:47 - 2014-04-29 17:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-08 12:47 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 12:47 - 2014-04-29 16:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 12:45 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-08 12:45 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-08 12:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-08 12:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-08 12:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-08 12:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-08 12:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-08 12:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-08 12:45 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-08 12:45 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-08 12:45 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-08 12:45 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-08 12:45 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-08 12:45 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-08 12:45 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-08 12:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 12:30 - 2014-05-08 12:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt
2014-05-08 12:28 - 2014-05-08 12:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt
2014-05-08 12:27 - 2014-05-13 12:46 - 00024241 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-08 12:08 - 2014-05-08 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:42 - 2014-05-08 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:53 - 2014-05-08 09:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 21:39 - 2014-05-13 12:23 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 20:27 - 2014-05-13 12:46 - 00000000 ____D () C:\FRST
2014-05-07 20:26 - 2014-05-13 12:46 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-04-30 18:16 - 2014-05-12 13:27 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 18:16 - 2014-05-12 13:26 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-26 09:03 - 2014-04-26 09:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

==================== One Month Modified Files and Folders =======

2014-05-13 12:46 - 2014-05-13 12:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 12:46 - 2014-05-08 12:27 - 00024241 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-13 12:46 - 2014-05-07 20:27 - 00000000 ____D () C:\FRST
2014-05-13 12:46 - 2014-05-07 20:26 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-13 12:44 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-13 12:44 - 2014-05-13 11:56 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 12:40 - 2012-03-30 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 12:32 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 12:32 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 12:31 - 2011-06-17 17:37 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-05-13 12:31 - 2011-06-17 17:37 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-05-13 12:31 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 12:29 - 2014-05-13 11:58 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 12:29 - 2014-05-13 11:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 12:29 - 2011-06-17 07:45 - 01487802 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 12:26 - 2014-02-04 16:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-13 12:25 - 2013-04-16 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-13 12:25 - 2013-02-08 10:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 12:24 - 2011-08-27 12:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-13 12:24 - 2009-09-03 11:10 - 00725172 _____ () C:\Windows\PFRO.log
2014-05-13 12:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-13 12:24 - 2009-07-14 06:51 - 00325024 _____ () C:\Windows\setupact.log
2014-05-13 12:23 - 2014-05-07 21:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-13 11:59 - 2013-02-08 10:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 11:55 - 2014-05-13 11:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe
2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 14:06 - 2012-04-26 17:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 13:27 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-12 13:26 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 12:31 - 2013-05-28 10:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-09 12:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 12:29 - 2014-05-09 12:25 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 12:22 - 2014-05-09 12:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part
2014-05-09 12:21 - 2014-05-09 12:20 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part
2014-05-09 11:54 - 2013-02-08 10:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 11:54 - 2013-02-08 10:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 14:09 - 2011-06-20 18:33 - 00000000 ____D () C:\Users\bender90
2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla
2014-05-08 12:50 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-08 12:47 - 2013-08-24 15:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-08 12:46 - 2011-07-30 19:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 12:30 - 2014-05-08 12:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt
2014-05-08 12:28 - 2014-05-08 12:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt
2014-05-08 12:08 - 2014-05-08 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 12:08 - 2013-07-30 10:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-08 12:03 - 2014-05-08 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 12:03 - 2013-10-01 19:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:54 - 2014-05-08 09:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 21:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 19:59 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 19:54 - 2012-11-09 16:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-07 19:50 - 2013-10-30 18:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-07 19:49 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 13:23 - 2014-03-06 21:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-05 17:55 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 18:44 - 2013-10-01 19:57 - 00000020 _____ () C:\Windows\capsys184523.log
2014-05-02 17:25 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-01 08:39 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 18:00 - 2014-05-08 12:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 17:24 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 16:47 - 2014-05-08 12:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 16:14 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 14:38 - 2012-03-30 09:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 14:38 - 2012-03-30 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 14:38 - 2011-07-28 21:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-26 09:06 - 2014-04-26 09:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-04-17 20:11 - 2014-02-04 16:43 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-14 21:03 - 2011-08-02 17:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client
2014-04-14 19:50 - 2011-08-15 12:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client
2014-04-14 04:24 - 2014-05-08 12:45 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-05-08 12:45 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\avgnt.exe
C:\Users\bender90\AppData\Local\Temp\local.dll
C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe
C:\Users\bender90\AppData\Local\Temp\rootsupd.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 12:49

==================== End Of Log ============================
         
--- --- ---

14.05.2014, 11:18   #13
schrauber
/// the machine
/// TB-Ausbilder
 

It's enough to drive you up the wall. A fresh FRST scan log from the recovery environment, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

14.05.2014, 12:29   #14
bender84
 
oh sorry...


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by SYSTEM on MININT-NJ51FVU on 14-05-2014 13:28:24
Running from H:\
Platform: Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-17] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\bender90\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\bender90\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\bender90\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\bender90\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
S3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
S2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
S2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-03-31] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-21] (AVM Berlin)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-21] (AVM GmbH)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
S2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-06] (Intel Corporation)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S4 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-20] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-13 04:20 - 2014-05-13 04:20 - 00002141 _____ () C:\Users\bender90\Desktop\SpyBot - Search & Destroy - CHIP Downloader.lnk
2014-05-13 02:46 - 2014-05-13 02:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 01:58 - 2014-05-13 02:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-05-13 01:58 - 2014-05-13 01:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 01:56 - 2014-05-13 02:44 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 01:56 - 2014-05-13 02:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-05-13 01:55 - 2014-05-13 01:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe
2014-05-12 07:49 - 2014-05-12 07:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 02:25 - 2014-05-09 02:29 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 02:22 - 2014-05-09 02:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part
2014-05-09 02:20 - 2014-05-09 02:21 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part
2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla
2014-05-08 02:47 - 2014-04-29 08:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-05-08 02:47 - 2014-04-29 07:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-05-08 02:47 - 2014-04-29 06:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 02:47 - 2014-04-29 06:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 02:45 - 2014-04-13 18:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-05-08 02:45 - 2014-04-13 18:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-05-08 02:45 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-08 02:45 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-08 02:45 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-08 02:45 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-08 02:45 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-08 02:45 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-08 02:45 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-05-08 02:45 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-05-08 02:45 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-05-08 02:45 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-05-08 02:45 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-08 02:45 - 2014-01-08 18:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-08 02:45 - 2014-01-03 14:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-05-08 02:44 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 02:30 - 2014-05-08 02:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt
2014-05-08 02:28 - 2014-05-08 02:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt
2014-05-08 02:27 - 2014-05-13 02:46 - 00042101 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:39 - 2014-05-08 00:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:53 - 2014-05-07 23:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 11:39 - 2014-05-13 02:23 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 10:27 - 2014-05-14 13:28 - 00000000 ____D () C:\FRST
2014-05-07 10:26 - 2014-05-13 02:46 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-04-30 08:16 - 2014-05-12 03:27 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 08:16 - 2014-05-12 03:26 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-25 23:03 - 2014-04-25 23:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

==================== One Month Modified Files and Folders =======

2014-05-14 13:28 - 2014-05-07 10:27 - 00000000 ____D () C:\FRST
2014-05-14 03:25 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-14 03:25 - 2009-07-13 20:51 - 00326452 _____ () C:\Windows\setupact.log
2014-05-13 04:38 - 2011-06-16 21:45 - 01488585 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 04:20 - 2014-05-13 04:20 - 00002141 _____ () C:\Users\bender90\Desktop\SpyBot - Search & Destroy - CHIP Downloader.lnk
2014-05-13 03:59 - 2013-02-08 00:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 03:40 - 2012-03-29 23:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 03:12 - 2013-05-28 00:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-13 02:46 - 2014-05-13 02:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 02:46 - 2014-05-08 02:27 - 00042101 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-13 02:46 - 2014-05-07 10:26 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-13 02:44 - 2014-05-13 01:56 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 02:32 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 02:32 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 02:31 - 2011-06-17 07:37 - 00699884 _____ () C:\Windows\System32\perfh007.dat
2014-05-13 02:31 - 2011-06-17 07:37 - 00149766 _____ () C:\Windows\System32\perfc007.dat
2014-05-13 02:31 - 2009-07-13 21:13 - 01622236 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-05-13 02:29 - 2014-05-13 01:58 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-05-13 02:29 - 2014-05-13 01:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-05-13 02:26 - 2014-02-04 06:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-13 02:25 - 2013-04-16 10:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-13 02:25 - 2013-02-08 00:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 02:24 - 2011-08-27 02:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-13 02:24 - 2009-09-03 01:10 - 00725172 _____ () C:\Windows\PFRO.log
2014-05-13 02:23 - 2014-05-07 11:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-13 01:58 - 2014-05-13 01:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 01:55 - 2014-05-13 01:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe
2014-05-12 07:49 - 2014-05-12 07:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 04:06 - 2012-04-26 07:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 03:27 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-12 03:26 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 02:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 02:29 - 2014-05-09 02:25 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 02:22 - 2014-05-09 02:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part
2014-05-09 02:21 - 2014-05-09 02:20 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part
2014-05-09 01:54 - 2013-02-08 00:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 01:54 - 2013-02-08 00:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 04:09 - 2011-06-20 08:33 - 00000000 ____D () C:\users\bender90
2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla
2014-05-08 02:50 - 2009-07-13 21:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-08 02:47 - 2013-08-24 05:32 - 00000000 ____D () C:\Windows\System32\MRT
2014-05-08 02:46 - 2011-07-30 09:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 02:30 - 2014-05-08 02:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt
2014-05-08 02:28 - 2014-05-08 02:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt
2014-05-08 02:08 - 2013-07-30 00:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-08 02:03 - 2013-10-01 09:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:39 - 2014-05-08 00:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:54 - 2014-05-07 23:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 09:59 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 09:54 - 2012-11-09 06:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-07 09:50 - 2013-10-30 08:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-07 09:49 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 03:23 - 2014-03-06 11:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-05 07:55 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 08:44 - 2013-10-01 09:57 - 00000020 _____ () C:\Windows\capsys184523.log
2014-05-02 07:25 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-30 22:39 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 08:00 - 2014-05-08 02:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-29 07:24 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-29 06:47 - 2014-05-08 02:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 06:14 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 04:38 - 2012-03-29 23:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 04:38 - 2012-03-29 23:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 04:38 - 2011-07-28 11:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 23:06 - 2014-04-25 23:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-04-17 10:11 - 2014-02-04 06:43 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-14 11:03 - 2011-08-02 07:58 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\SoftGrid Client
2014-04-14 09:50 - 2011-08-15 02:09 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\TS3Client

Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\avgnt.exe
C:\Users\bender90\AppData\Local\Temp\local.dll
C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe
C:\Users\bender90\AppData\Local\Temp\rootsupd.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-04-29 07:30:18
Restore point made on: 2014-05-02 04:24:50
Restore point made on: 2014-05-07 09:00:26
Restore point made on: 2014-05-08 02:03:20
Restore point made on: 2014-05-08 02:21:38
Restore point made on: 2014-05-08 02:25:37
Restore point made on: 2014-05-08 02:45:35
Restore point made on: 2014-05-08 04:13:12
Restore point made on: 2014-05-13 02:23:17

==================== Memory info =========================== 

Percentage of memory in use: 7%
Total physical RAM: 16328.07 MB
Available physical RAM: 15096.59 MB
Total Pagefile: 16326.22 MB
Available Pagefile: 15081.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:250.8 GB) NTFS
Drive e: (DATA) (Fixed) (Total:689.57 GB) (Free:689.43 GB) NTFS
Drive f: (PQSERVICE) (Fixed) (Total:18.55 GB) (Free:4.57 GB) NTFS
Drive h: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.


LastRegBack: 2014-05-09 02:49

==================== End Of Log ============================
         
--- --- ---

15.05.2014, 09:42   #15
schrauber
/// the machine
/// TB instructor

winmgr.exe blocks access to antivirus programs, why?



OK, now I don't get it anymore, now it's gone. A fresh FRST log from normal mode, please. Which problems still remain?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
