
Pests of all kinds and how to fight them: Microsoft Essentials update not possible because of malware.


10.06.2014, 16:13   #1
papsti7
 



Hello everyone.
I have a problem with the Microsoft Essentials update: it cannot be updated because of an alleged connection timeout. In addition, I cannot bring Malwarebytes up to date at all, and I cannot reach certain websites such as Microsoft's. The problem has been occurring since yesterday. Before that, the antivirus program Essentials found a few pieces of malware, but there are no log files for that because I tried installing the program. *own goal*
Here are the log files:
defogger_disable :
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 15:45 on 10/06/2014 (stefan)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST.txt :

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-06-2014
Ran by stefan (administrator) on GAMING-PC on 10-06-2014 15:47:13
Running from C:\Users\stefan\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2008-06-03] (ASUSTek Computer Inc.)
HKU\S-1-5-21-3958687591-1953258758-244339918-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKU\S-1-5-21-3958687591-1953258758-244339918-1000\...\Run: [02HKMQUVfrz] => C:\ProgramData\02HKMQUVfrz.exe
HKU\S-1-5-21-3958687591-1953258758-244339918-1000\...\Run: [179FGNObdtz] => C:\ProgramData\179FGNObdtz.exe
HKU\S-1-5-21-3958687591-1953258758-244339918-1000\...\Run: [4589EOPdjkmswxz] => C:\ProgramData\4589EOPdjkmswxz.exe
HKU\S-1-5-21-3958687591-1953258758-244339918-1000\...\Run: [0468GMNOXaghmoz] => C:\ProgramData\0468GMNOXaghmoz.exe
HKU\S-1-5-21-3958687591-1953258758-244339918-1000\...\MountPoints2: {744791b4-316b-11dd-993f-806e6f6e6963} - D:\.\Bin\ASSETUP.exe

==================== Internet (Whitelisted) ====================

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\dev\java\jdk1.7\jre\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\dev\java\jdk1.7\jre\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7E80EE2E-1C94-4073-8EB8-E7FA0F1FB41B}: [NameServer]5.39.219.212
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]5.39.219.212
Tcpip\..\Interfaces\{D67606F5-D55C-4711-B950-76209C87EDD8}: [NameServer]5.39.219.212

FireFox:
========
FF ProfilePath: C:\Users\stefan\AppData\Roaming\Mozilla\Firefox\Profiles\q8udpxgg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - E:\dev\java\jdk1.7\jre\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - E:\dev\java\jdk1.7\jre\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: hxxp://www.google.at/
CHR StartupUrls: "hxxp://www.google.at/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (YouTube) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2008-06-03]
CHR Extension: (Google-Suche) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2008-06-03]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-28]
CHR Extension: (Premiumize.me) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm [2014-05-16]
CHR Extension: (Google Wallet) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-06]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-03-06]
CHR Extension: (Google Mail) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2008-06-03]

==================== Services (Whitelisted) =================

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2012-11-09] (ASUSTeK Computer Inc.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-01] ()
S4 SbieSvc; E:\Programme\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
S4 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-02-10] (Seagate Technology LLC)
S4 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157264 2014-02-10] (Seagate Technology LLC)

==================== Drivers (Whitelisted) ====================

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2008-06-03] (ASUSTek Computer Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-06] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 SbieDrv; E:\Programme\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-10 15:47 - 2014-06-10 15:47 - 00012215 _____ () C:\Users\stefan\Desktop\FRST.txt
2014-06-10 15:47 - 2014-06-10 15:47 - 00000000 ____D () C:\FRST
2014-06-10 15:46 - 2014-06-10 15:46 - 02080768 _____ (Farbar) C:\Users\stefan\Desktop\FRST64.exe
2014-06-10 15:45 - 2014-06-10 15:45 - 00050477 _____ () C:\Users\stefan\Desktop\Defogger.exe
2014-06-10 15:45 - 2014-06-10 15:45 - 00000474 _____ () C:\Users\stefan\Desktop\defogger_disable.log
2014-06-10 15:45 - 2014-06-10 15:45 - 00000000 _____ () C:\Users\stefan\defogger_reenable
2014-06-09 20:49 - 2014-06-09 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-09 20:49 - 2014-06-09 20:49 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-09 15:47 - 2014-06-09 15:47 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-09 15:47 - 2014-06-09 15:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-09 15:47 - 2014-06-09 15:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-09 15:41 - 2014-06-09 15:41 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Malwarebytes
2014-06-09 12:03 - 2014-06-09 15:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-09 10:54 - 2014-06-09 10:54 - 00000000 ____D () C:\Users\stefan\Documents\Tomb raider
2014-06-03 20:56 - 2014-06-03 20:56 - 00000768 _____ () C:\Users\stefan\Desktop\Drucken - Verknüpfung.lnk
2014-06-03 17:07 - 2014-06-03 17:18 - 00000000 ____D () C:\Users\stefan\Documents\FIFA 14
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\IsolatedStorage
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\Users\stefan\AppData\Local\FileViewPro
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Solvusoft
2014-06-02 14:59 - 2014-06-02 14:59 - 00000000 ____D () C:\Spacekace
2014-06-01 19:50 - 2014-06-01 19:51 - 00000000 ____D () C:\Users\stefan\Documents\Battlefield 3
2014-06-01 19:48 - 2014-06-01 19:48 - 00000000 ____D () C:\Users\stefan\AppData\Local\ESN
2014-06-01 19:48 - 2014-06-01 19:48 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 16:59 - 2014-06-09 21:56 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-06-01 16:59 - 2014-06-01 19:50 - 00000000 ____D () C:\Users\stefan\AppData\Local\PunkBuster
2014-06-01 16:57 - 2014-06-01 16:57 - 00000000 ____D () C:\Users\stefan\AppData\Local\Ubisoft
2014-06-01 15:18 - 2014-06-09 21:56 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-01 15:18 - 2014-06-09 21:56 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-01 15:18 - 2014-06-01 16:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-01 15:18 - 2014-06-01 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Users\stefan\AppData\Local\PAYDAY 2
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-31 18:20 - 2014-06-01 12:23 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-31 17:51 - 2014-05-31 17:51 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-31 17:51 - 2014-05-31 17:51 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-31 17:03 - 2014-05-31 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-30 21:13 - 2014-05-30 23:52 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\FileZilla
2014-05-30 20:39 - 2014-05-30 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weaverslave
2014-05-30 20:15 - 2014-05-30 20:15 - 00000188 _____ () C:\Users\stefan\Desktop\siemens job.url
2014-05-29 10:06 - 2014-05-29 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-29 10:02 - 2014-05-29 10:11 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-05-29 10:01 - 2014-05-29 10:01 - 00000000 ____D () C:\Temp
2014-05-29 10:01 - 2011-01-03 11:07 - 00490496 _____ (www.madshi.net) C:\Windows\SysWOW64\madFlac.ax
2014-05-29 10:01 - 2010-02-15 20:00 - 00439808 _____ (MPC-HC Team) C:\Windows\SysWOW64\RealMediaSplitter.ax
2014-05-29 10:01 - 2009-04-28 15:44 - 00417792 _____ (Gabest) C:\Windows\SysWOW64\FLVSplitter.ax
2014-05-29 10:01 - 2009-03-26 22:33 - 00536652 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\ASAudioHD.ax
2014-05-29 10:01 - 2008-11-28 16:36 - 00285184 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MagUIEngine.dll
2014-05-29 10:01 - 2008-11-28 16:36 - 00092672 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MagUIInter.dll
2014-05-29 10:01 - 2008-11-28 16:36 - 00055808 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MagPCMac.dll
2014-05-29 10:01 - 2008-11-28 16:36 - 00035328 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MagCore.dll
2014-05-29 10:01 - 2008-04-25 09:50 - 00917504 _____ () C:\Windows\SysWOW64\dtsdecoderdll.dll
2014-05-29 10:01 - 2008-04-15 18:40 - 00106496 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\checkactivate.dll
2014-05-29 10:01 - 2007-10-07 14:36 - 00258048 _____ () C:\Windows\SysWOW64\libFLAC.dll
2014-05-29 10:01 - 2004-01-25 18:18 - 00070656 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2014-05-29 10:01 - 2004-01-12 09:00 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-05-24 17:31 - 2014-05-24 17:31 - 00000665 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast.lnk
2014-05-23 18:48 - 2014-05-23 18:49 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Systweak
2014-05-23 18:47 - 2014-05-23 18:49 - 00000000 ____D () C:\Users\stefan\AppData\Local\Mobogenie
2014-05-23 18:47 - 2014-05-23 18:47 - 00000000 ____D () C:\Users\stefan\Documents\Mobogenie
2014-05-23 18:47 - 2014-05-23 18:47 - 00000000 ____D () C:\Users\stefan\AppData\Local\cache
2014-05-23 18:47 - 2014-05-23 18:47 - 00000000 _____ () C:\Users\stefan\daemonprocess.txt
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Gast
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Administrator
2014-05-21 21:19 - 2014-06-03 20:43 - 00001578 _____ () C:\Users\stefan\Desktop\10.0.0.21public.lnk
2014-05-19 19:01 - 2014-05-19 19:06 - 00000000 ____D () C:\ProgramData\BootRacer
2014-05-19 19:00 - 2014-05-19 19:05 - 00008192 ____H () C:\Users\Public\Documents\bootracer.his
2014-05-19 18:59 - 2014-05-19 19:06 - 00053978 ____H () C:\Users\Public\Documents\bootracer.log
2014-05-19 18:59 - 2014-05-19 19:06 - 00001062 ____H () C:\Users\Public\Documents\bootracer.ini
2014-05-16 16:29 - 2014-05-16 16:29 - 00000784 _____ () C:\Users\stefan\Desktop\Downloads.lnk
2014-05-16 16:27 - 2014-05-16 16:27 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-05-16 16:25 - 2014-06-09 15:41 - 00000000 ____D () C:\Users\stefan\AppData\Local\JDownloader 2.0
2014-05-16 16:25 - 2014-05-16 16:25 - 00000000 ____D () C:\Program Files\JDownloader
2014-05-15 15:00 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 15:00 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 15:00 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 15:00 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 15:00 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 15:00 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 14:11 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 14:11 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 14:11 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 14:11 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 14:06 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 14:06 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 14:06 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 14:06 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 14:06 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 14:06 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 14:06 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 14:06 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 14:06 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 14:06 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 14:06 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 14:06 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 14:06 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 14:06 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 14:06 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 14:06 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 17:36 - 2014-05-12 17:36 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\xm1
2014-05-12 16:25 - 2014-05-12 16:25 - 00000000 __SHD () C:\Users\stefan\AppData\Local\EmieUserList
2014-05-12 16:25 - 2014-05-12 16:25 - 00000000 __SHD () C:\Users\stefan\AppData\Local\EmieSiteList
2014-05-12 15:15 - 2014-05-12 15:15 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\MiKTeX
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\Texmaker
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\AppData\Local\MiKTeX
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-05-12 15:09 - 2014-05-12 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2014-05-12 15:08 - 2014-05-12 15:08 - 00000000 ____D () C:\ProgramData\MiKTeX
2014-05-11 22:00 - 2010-04-01 04:37 - 00614400 ____R (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2014-05-11 22:00 - 2010-04-01 04:37 - 00380928 ____R (Realtek) C:\Windows\system32\RtlUI2.exe
2014-05-11 22:00 - 2010-04-01 04:37 - 00188416 ____R (Realtek Semiconductor Corp. ) C:\Windows\system32\RTLExtUI.dll
2014-05-11 22:00 - 2009-02-05 02:49 - 00451072 _____ () C:\Windows\SysWOW64\ISSRemoveSP.exe

==================== One Month Modified Files and Folders =======

2014-06-10 15:47 - 2014-06-10 15:47 - 00012215 _____ () C:\Users\stefan\Desktop\FRST.txt
2014-06-10 15:47 - 2014-06-10 15:47 - 00000000 ____D () C:\FRST
2014-06-10 15:47 - 2014-03-06 18:13 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\NetSpeedMonitor
2014-06-10 15:47 - 2008-06-03 14:55 - 00000000 ____D () C:\Users\stefan\AppData\Local\Temp
2014-06-10 15:46 - 2014-06-10 15:46 - 02080768 _____ (Farbar) C:\Users\stefan\Desktop\FRST64.exe
2014-06-10 15:45 - 2014-06-10 15:45 - 00050477 _____ () C:\Users\stefan\Desktop\Defogger.exe
2014-06-10 15:45 - 2014-06-10 15:45 - 00000474 _____ () C:\Users\stefan\Desktop\defogger_disable.log
2014-06-10 15:45 - 2014-06-10 15:45 - 00000000 _____ () C:\Users\stefan\defogger_reenable
2014-06-10 15:45 - 2008-06-03 14:55 - 00000000 ____D () C:\Users\stefan
2014-06-10 15:40 - 2008-06-03 14:55 - 01696639 _____ () C:\Windows\WindowsUpdate.log
2014-06-10 15:39 - 2014-04-30 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-10 15:28 - 2009-07-14 06:51 - 00070022 _____ () C:\Windows\setupact.log
2014-06-10 15:25 - 2008-06-03 15:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 15:02 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-10 15:02 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-10 15:01 - 2011-04-12 09:43 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-06-10 15:01 - 2011-04-12 09:43 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-06-10 15:01 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-10 14:56 - 2014-03-06 18:34 - 00000000 ____D () C:\Users\stefan\AppData\Local\CrashDumps
2014-06-10 14:55 - 2014-03-06 21:49 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-06-10 14:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-10 14:55 - 2008-06-03 15:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-09 21:56 - 2014-06-01 16:59 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-06-09 21:56 - 2014-06-01 15:18 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-09 21:56 - 2014-06-01 15:18 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-09 20:49 - 2014-06-09 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-09 20:49 - 2014-06-09 20:49 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-09 20:17 - 2014-04-07 17:21 - 00000000 ____D () C:\ProgramData\Origin
2014-06-09 15:47 - 2014-06-09 15:47 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-09 15:47 - 2014-06-09 15:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-09 15:47 - 2014-06-09 15:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-09 15:47 - 2014-03-06 18:11 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-06-09 15:41 - 2014-06-09 15:41 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Malwarebytes
2014-06-09 15:41 - 2014-06-09 12:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-09 15:41 - 2014-05-16 16:25 - 00000000 ____D () C:\Users\stefan\AppData\Local\JDownloader 2.0
2014-06-09 14:11 - 2010-11-21 05:47 - 00467160 _____ () C:\Windows\PFRO.log
2014-06-09 12:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-06-09 10:54 - 2014-06-09 10:54 - 00000000 ____D () C:\Users\stefan\Documents\Tomb raider
2014-06-09 10:46 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-03 20:56 - 2014-06-03 20:56 - 00000768 _____ () C:\Users\stefan\Desktop\Drucken - Verknüpfung.lnk
2014-06-03 20:43 - 2014-05-21 21:19 - 00001578 _____ () C:\Users\stefan\Desktop\10.0.0.21public.lnk
2014-06-03 17:18 - 2014-06-03 17:07 - 00000000 ____D () C:\Users\stefan\Documents\FIFA 14
2014-06-03 16:43 - 2014-03-08 17:11 - 00151414 _____ () C:\Windows\DirectX.log
2014-06-02 16:07 - 2008-06-03 15:23 - 00000000 ____D () C:\Program Files\ASUS
2014-06-02 16:07 - 2008-06-03 15:08 - 00047320 _____ () C:\Windows\DPINST.LOG
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\IsolatedStorage
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\Users\stefan\AppData\Local\FileViewPro
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-06-02 15:00 - 2014-06-02 15:00 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Solvusoft
2014-06-02 14:59 - 2014-06-02 14:59 - 00000000 ____D () C:\Spacekace
2014-06-01 19:51 - 2014-06-01 19:50 - 00000000 ____D () C:\Users\stefan\Documents\Battlefield 3
2014-06-01 19:50 - 2014-06-01 16:59 - 00000000 ____D () C:\Users\stefan\AppData\Local\PunkBuster
2014-06-01 19:48 - 2014-06-01 19:48 - 00000000 ____D () C:\Users\stefan\AppData\Local\ESN
2014-06-01 19:48 - 2014-06-01 19:48 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 16:57 - 2014-06-01 16:57 - 00000000 ____D () C:\Users\stefan\AppData\Local\Ubisoft
2014-06-01 16:57 - 2014-06-01 15:18 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-01 15:18 - 2014-06-01 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-06-01 12:23 - 2014-05-31 18:20 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Users\stefan\AppData\Local\PAYDAY 2
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-31 17:51 - 2014-05-31 17:51 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-31 17:51 - 2014-05-31 17:51 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-31 17:03 - 2014-05-31 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-31 16:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-05-30 23:52 - 2014-05-30 21:13 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\FileZilla
2014-05-30 21:21 - 2014-04-24 22:15 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\vlc
2014-05-30 20:39 - 2014-05-30 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weaverslave
2014-05-30 20:35 - 2014-03-24 17:09 - 00000000 ____D () C:\Users\stefan\AppData\Local\Eclipse
2014-05-30 20:15 - 2014-05-30 20:15 - 00000188 _____ () C:\Users\stefan\Desktop\siemens job.url
2014-05-29 18:28 - 2014-05-29 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-29 10:11 - 2014-05-29 10:02 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-05-29 10:01 - 2014-05-29 10:01 - 00000000 ____D () C:\Temp
2014-05-24 17:35 - 2014-03-08 17:11 - 00000000 ____D () C:\Users\stefan\Documents\My Games
2014-05-24 17:31 - 2014-05-24 17:31 - 00000665 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast.lnk
2014-05-23 18:49 - 2014-05-23 18:48 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Systweak
2014-05-23 18:49 - 2014-05-23 18:47 - 00000000 ____D () C:\Users\stefan\AppData\Local\Mobogenie
2014-05-23 18:49 - 2008-06-03 14:55 - 00000000 ___RD () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 18:47 - 2014-05-23 18:47 - 00000000 ____D () C:\Users\stefan\Documents\Mobogenie
2014-05-23 18:47 - 2014-05-23 18:47 - 00000000 ____D () C:\Users\stefan\AppData\Local\cache
2014-05-23 18:47 - 2014-05-23 18:47 - 00000000 _____ () C:\Users\stefan\daemonprocess.txt
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Gast
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Administrator
2014-05-23 17:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-19 22:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-19 19:06 - 2014-05-19 19:01 - 00000000 ____D () C:\ProgramData\BootRacer
2014-05-19 19:06 - 2014-05-19 18:59 - 00053978 ____H () C:\Users\Public\Documents\bootracer.log
2014-05-19 19:06 - 2014-05-19 18:59 - 00001062 ____H () C:\Users\Public\Documents\bootracer.ini
2014-05-19 19:05 - 2014-05-19 19:00 - 00008192 ____H () C:\Users\Public\Documents\bootracer.his
2014-05-19 18:52 - 2008-06-03 15:25 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-05-16 18:13 - 2009-07-14 06:45 - 00311248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-16 18:13 - 2008-06-03 15:52 - 00068720 _____ () C:\Users\stefan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-16 16:29 - 2014-05-16 16:29 - 00000784 _____ () C:\Users\stefan\Desktop\Downloads.lnk
2014-05-16 16:27 - 2014-05-16 16:27 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-05-16 16:25 - 2014-05-16 16:25 - 00000000 ____D () C:\Program Files\JDownloader
2014-05-15 21:51 - 2014-04-29 19:53 - 00000000 ____D () C:\Users\stefan\Desktop\PH-sa+tests
2014-05-15 21:49 - 2008-06-03 15:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-15 21:46 - 2008-06-03 14:55 - 00000000 ___RD () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 15:02 - 2014-05-06 21:30 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 15:00 - 2014-03-08 00:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 15:00 - 2014-03-07 19:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 14:59 - 2014-03-08 00:31 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 13:50 - 2014-04-30 18:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 13:50 - 2014-04-30 18:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 13:50 - 2014-04-30 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 18:45 - 2014-03-06 18:09 - 00000000 _____ () C:\Windows\Path.idx
2014-05-12 17:36 - 2014-05-12 17:36 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\xm1
2014-05-12 16:25 - 2014-05-12 16:25 - 00000000 __SHD () C:\Users\stefan\AppData\Local\EmieUserList
2014-05-12 16:25 - 2014-05-12 16:25 - 00000000 __SHD () C:\Users\stefan\AppData\Local\EmieSiteList
2014-05-12 15:15 - 2014-05-12 15:15 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\MiKTeX
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\Texmaker
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\AppData\Local\MiKTeX
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-05-12 15:09 - 2014-05-12 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2014-05-12 15:08 - 2014-05-12 15:08 - 00000000 ____D () C:\ProgramData\MiKTeX
2014-05-12 14:20 - 2008-06-03 15:00 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-12 14:20 - 2008-06-03 15:00 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-12 14:10 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-11 22:00 - 2008-06-03 15:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-11 21:56 - 2014-05-06 21:31 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-11 21:56 - 2014-05-06 21:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

Some content of TEMP:
====================
C:\Users\stefan\AppData\Local\Temp\5d037a5a_.exe
C:\Users\stefan\AppData\Local\Temp\6_Offer_10.exe
C:\Users\stefan\AppData\Local\Temp\AutoRun.exe
C:\Users\stefan\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\stefan\AppData\Local\Temp\BackupSetup.exe
C:\Users\stefan\AppData\Local\Temp\bassmod.dll
C:\Users\stefan\AppData\Local\Temp\epom2_nationzoom_20131128171912.exe
C:\Users\stefan\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\stefan\AppData\Local\Temp\ICReinstall_malwarebytes-anti-malware-16511000-baixaki-32-bits.exe
C:\Users\stefan\AppData\Local\Temp\instructions.exe
C:\Users\stefan\AppData\Local\Temp\JDSetup130447237883449853.exe
C:\Users\stefan\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\stefan\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\stefan\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\stefan\AppData\Local\Temp\ose00000.exe
C:\Users\stefan\AppData\Local\Temp\proxy_vole792518773185211323.dll
C:\Users\stefan\AppData\Local\Temp\sfamcc00001.dll
C:\Users\stefan\AppData\Local\Temp\sfamcc00002.dll
C:\Users\stefan\AppData\Local\Temp\sfareca00001.dll
C:\Users\stefan\AppData\Local\Temp\sfextra.dll
C:\Users\stefan\AppData\Local\Temp\som_fs.exe
C:\Users\stefan\AppData\Local\Temp\som_mp4_encoder.exe
C:\Users\stefan\AppData\Local\Temp\UNT1C68.exe
C:\Users\stefan\AppData\Local\Temp\UNT1C6A.exe
C:\Users\stefan\AppData\Local\Temp\UNTD0EA.exe
C:\Users\stefan\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 13:23

==================== End Of Log ============================
         


Addition.txt :
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2014
Ran by stefan at 2014-06-10 15:47:33
Running from C:\Users\stefan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Out of date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Out of date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Auto Window Manager (HKLM-x32\...\Auto Window Manager) (Version:  - )
Batman Arkham Origins Blackgate Deluxe Edition (HKLM-x32\...\QmF0bWFuQXJraGFtT3JpZ2luc0JsYWNrZ2F0ZURlbHV4ZUVkaXRpb24=_is1) (Version: 1 - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dishonored: Game of the Year Edition GERMAN (HKLM-x32\...\RGlzaG9ub3JlZEdhbWVvZnRoZVllYXJFZGl0aW9u_is1) (Version: 1 - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Metro 2033 (HKLM-x32\...\Metro 2033_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.145.0 - Microsoft Corporation) Hidden
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
OSCAR Editor (x32 Version: 12.03.0004 - A4TECH) Hidden
Outlast (HKLM-x32\...\T3V0bGFzdA==_is1) (Version: 1 - )
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Seagate Dashboard (HKLM-x32\...\{67445E65-3D93-428F-83A5-446F7D02689A}) (Version: 3.0.34.1 - Seagate)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
X7 Oscar Editor (HKLM-x32\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0175EBDA-519E-4848-B751-52C54813FDB6} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [2013-08-26] (ASUSTeK Computer Inc.)
Task: {079F8166-3EA7-4EAD-9C86-E6A816C520EA} - System32\Tasks\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [2013-03-15] (Almico Software (www.almico.com))
Task: {0C97AB10-3858-4A6E-A8B0-55BACDF46542} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-06-03] (Google Inc.)
Task: {331031A4-8FA4-4C17-AF45-401277346C06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {38F02AC0-9DF3-4ABE-AC11-DC510586F262} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {521B60E7-462B-4402-B762-0200B3457AF6} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {540EA798-ABE7-4172-A9EA-57B5A37D306F} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-02-10] (Seagate Technology LLC)
Task: {5A285923-81AB-49DD-80BD-5E2AFE5CABBB} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {69F8E048-AE1B-4BC7-A0D8-EBAC2792345C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {78A9FA74-8222-4530-BD1F-D106A0B38D43} - System32\Tasks\stefan DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-02-10] (Seagate Technology LLC)
Task: {AD8E5C86-7914-4D86-8B07-405419E27E63} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {B3F02EAC-2C82-4C24-AFB1-62A248C80744} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-06-03] (Google Inc.)
Task: {B9A72D57-F507-43D8-AD2C-889451CC5085} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {BF6CC9AA-86C3-44DE-9368-84290FBE607A} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {E6D88B6C-259F-49E4-8CD3-A6F17B18F7A5} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-01 15:18 - 2014-06-01 16:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2012-03-20 12:59 - 2012-03-20 12:59 - 03340288 _____ () C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
2014-06-09 14:12 - 2014-06-10 14:55 - 00158720 _____ () C:\Users\stefan\AppData\Local\Temp\sfareca00001.dll
2014-03-06 21:49 - 2014-06-10 14:55 - 00192512 _____ () C:\Users\stefan\AppData\Local\Temp\sfamcc00001.dll
2008-06-03 15:22 - 2012-05-02 18:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2008-06-03 15:22 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2008-06-03 15:22 - 2013-08-05 11:14 - 00176128 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2008-06-03 15:22 - 2013-06-11 12:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2008-06-03 15:22 - 2010-10-29 18:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\JpegCD.DLL
2008-06-03 15:22 - 2013-08-06 20:04 - 02502656 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\xH264E.DLL
2008-06-03 15:22 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2008-06-03 15:22 - 2013-06-13 17:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{104BE4B8-D1DB-4170-977B-364960893DC8}\CloudAPI\CloudAPI.dll
2008-06-03 15:22 - 2013-03-21 19:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2008-06-03 15:22 - 2012-04-25 14:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2008-06-03 15:20 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2010-12-02 18:56 - 2010-12-02 18:56 - 00815104 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\OSD_Text\OSD_Text.dll
2011-01-09 21:45 - 2011-01-09 21:45 - 00088064 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_MouseDeviceManager.dll
2012-02-07 12:20 - 2012-02-07 12:20 - 02413568 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\ScreenCapture\ScreenCapture.dll
2011-03-21 20:33 - 2011-03-21 20:33 - 00999424 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 15:18 - 2010-09-20 15:18 - 00085504 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ZoomControl.dll
2010-09-20 15:18 - 2010-09-20 15:18 - 00054272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ScrollbarControl.dll
2011-04-12 16:14 - 2011-04-12 16:14 - 00063488 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 21:16 - 2010-11-01 21:16 - 00062976 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInOne.dll
2011-08-10 14:43 - 2011-08-10 14:43 - 00118272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_Wheel4D.dll
2014-05-25 20:27 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-25 20:27 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-25 20:27 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-25 20:27 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-25 20:27 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-25 20:27 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: Seagate Dashboard Services => 2
MSCONFIG\Services: Seagate MobileBackup Service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupreg: 5689ABELftvwz => C:\ProgramData\5689ABELftvwz.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ASUS WiFi GO! FileTransfer Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: PolkastLibrary => E:\Programme\polkast\PolkastLibrary.exe "auto"
MSCONFIG\startupreg: SandboxieControl => "E:\Programme\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Uploader => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2014 03:47:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
.


Vorgang:
   VSS-Server wird instanziiert

Error: (06/10/2014 03:47:33 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} und dem Namen "IVssCoordinatorEx2" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   VSS-Server wird instanziiert

Error: (06/10/2014 02:57:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/10/2014 02:55:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AI Suite II.exe, Version: 2.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x984
Startzeit der fehlerhaften Anwendung: 0xAI Suite II.exe0
Pfad der fehlerhaften Anwendung: AI Suite II.exe1
Pfad des fehlerhaften Moduls: AI Suite II.exe2
Berichtskennung: AI Suite II.exe3

Error: (06/10/2014 02:55:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EPUHelp.exe, Version: 1.0.0.31, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x48c
Startzeit der fehlerhaften Anwendung: 0xEPUHelp.exe0
Pfad der fehlerhaften Anwendung: EPUHelp.exe1
Pfad des fehlerhaften Moduls: EPUHelp.exe2
Berichtskennung: EPUHelp.exe3

Error: (06/10/2014 02:55:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TurboVHelp.exe, Version: 1.0.1.36, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xbe8
Startzeit der fehlerhaften Anwendung: 0xTurboVHelp.exe0
Pfad der fehlerhaften Anwendung: TurboVHelp.exe1
Pfad des fehlerhaften Moduls: TurboVHelp.exe2
Berichtskennung: TurboVHelp.exe3

Error: (06/10/2014 02:55:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsusFanControlService.exe, Version: 1.0.1.4, Zeitstempel: 0x509cb5e8
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x674
Startzeit der fehlerhaften Anwendung: 0xAsusFanControlService.exe0
Pfad der fehlerhaften Anwendung: AsusFanControlService.exe1
Pfad des fehlerhaften Moduls: AsusFanControlService.exe2
Berichtskennung: AsusFanControlService.exe3

Error: (06/09/2014 08:17:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2014 08:16:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AI Suite II.exe, Version: 2.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xf20
Startzeit der fehlerhaften Anwendung: 0xAI Suite II.exe0
Pfad der fehlerhaften Anwendung: AI Suite II.exe1
Pfad des fehlerhaften Moduls: AI Suite II.exe2
Berichtskennung: AI Suite II.exe3

Error: (06/09/2014 08:16:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EPUHelp.exe, Version: 1.0.0.31, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xeb8
Startzeit der fehlerhaften Anwendung: 0xEPUHelp.exe0
Pfad der fehlerhaften Anwendung: EPUHelp.exe1
Pfad des fehlerhaften Moduls: EPUHelp.exe2
Berichtskennung: EPUHelp.exe3


System errors:
=============
Error: (06/10/2014 03:41:54 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %gaming-PC60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %gaming-PC51

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %gaming-PC602

	Aktualisierungstyp: %gaming-PC604

	Benutzer: gaming-PC\stefan

	Aktuelle Modulversion: %gaming-PC605

	Vorherige Modulversion: %gaming-PC606

	Fehlercode: %gaming-PC607

	Fehlerbeschreibung: %gaming-PC608

Error: (06/10/2014 03:41:30 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %gaming-PC60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %gaming-PC51

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %gaming-PC602

	Aktualisierungstyp: %gaming-PC604

	Benutzer: gaming-PC\stefan

	Aktuelle Modulversion: %gaming-PC605

	Vorherige Modulversion: %gaming-PC606

	Fehlercode: %gaming-PC607

	Fehlerbeschreibung: %gaming-PC608

Error: (06/10/2014 03:41:30 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %gaming-PC60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %gaming-PC51

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %gaming-PC602

	Aktualisierungstyp: %gaming-PC604

	Benutzer: gaming-PC\stefan

	Aktuelle Modulversion: %gaming-PC605

	Vorherige Modulversion: %gaming-PC606

	Fehlercode: %gaming-PC607

	Fehlerbeschreibung: %gaming-PC608

Error: (06/10/2014 03:40:54 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/10/2014 03:38:48 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/10/2014 03:11:50 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/10/2014 03:11:50 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/10/2014 03:11:28 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/10/2014 03:11:28 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/10/2014 03:11:28 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 0.0.0.0

	Aktualisierungsquelle: %NT-AUTORITÄT51

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\NETZWERKDIENST

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-03-07 18:23:31.512
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:31.480
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:31.449
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:31.418
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:10.052
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:10.021
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:09.990
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:09.959
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:19:54.428
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:19:54.397
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 12%
Total physical RAM: 16281.45 MB
Available physical RAM: 14187.85 MB
Total Pagefile: 32561.09 MB
Available Pagefile: 30122.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.02 GB) (Free:52.08 GB) NTFS
Drive e: () (Fixed) (Total:1863.01 GB) (Free:1493.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119 GB) (Disk ID: 6817D464)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA68EC76)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

==================== End Of Log ============================
         
and the gmer.txt (there were a few problems with it, because some services were in use at the time)
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-06-10 15:55:04
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000006b ADATA_SP rev.2.4_ 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\stefan\AppData\Local\Temp\awdiapod.sys


---- User code sections - GMER 2.1 ----

.text    C:\Windows\SysWOW64\PnkBstrA.exe[1724] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                                                                                                                           00000000737c1a22 2 bytes [7C, 73]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[1724] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                                                                                                                           00000000737c1ad0 2 bytes [7C, 73]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[1724] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                                                                                                                           00000000737c1b08 2 bytes [7C, 73]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[1724] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                                                                                                                           00000000737c1bba 2 bytes [7C, 73]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[1724] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                                                                                                                           00000000737c1bda 2 bytes [7C, 73]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[1724] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                                                                    00000000769d1465 2 bytes [9D, 76]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[1724] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                                                                   00000000769d14bb 2 bytes [9D, 76]
.text    ...                                                                                                                                                                                                                                                               * 2
.text    C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe[3376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                             00000000769d1465 2 bytes [9D, 76]
.text    C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe[3376] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                            00000000769d14bb 2 bytes [9D, 76]
.text    ...                                                                                                                                                                                                                                                               * 2

---- Threads - GMER 2.1 ----

Thread   C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2740:2872]                                                                                                                                                                                        000007fef74f3e0c
Thread   C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2740:2876]                                                                                                                                                                                        000007fef74f3e0c
Thread   C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2740:2880]                                                                                                                                                                                        000007fef6d0b710
---- Processes - GMER 2.1 ----

Library  C:\Users\stefan\AppData\Local\Temp\sfareca00001.dll (*** suspicious ***) @ C:\Program Files (x86)\SpeedFan\speedfan.exe [2680](2014-06                                                                                                                            0000000072770000
Library  C:\Users\stefan\AppData\Local\Temp\sfamcc00001.dll (*** suspicious ***) @ C:\Program Files (x86)\SpeedFan\speedfan.exe [2680](2014-03-0                                                                                                                           0000000010000000
Library  C:\Program Files (x86)\InstallShield Installation Information\{104BE4B8-D1DB-4170-977B-364960893DC8}\CloudAPI\CloudAPI.dll (*** suspicious ***) @ C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [2768](2008-06-03 13:22:36)  00000000729b0000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk0\DR0                                                                                                                                                                                                                                             unknown MBR code

---- EOF - GMER 2.1 ----
         

If any information is missing, just ask, and I hope the problem gets solved. Thanks.

Edited by papsti7 (10.06.2014 at 16:34) Reason: typo

10.06.2014, 16:40   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hi and

Quote:
that I tried not to install the program. *own goal*
Sorry, what was an own goal? I don't understand this sentence.
Can you still get at the Malwarebytes log, provided it found anything?

10.06.2014, 19:22   #3
papsti7

"neu" (anew) instead of "nicht" (not) and "da" (since) instead of "das" (that) was a typo, sorry. The problem is that I can't update Malwarebytes, so the database is around 600 days old, and I have never used the program on this PC, so there won't be any log files either, sorry. I hope you can still help me this way.

10.06.2014, 22:32   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please create a log with Combofix:

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

10.06.2014, 23:34   #5
papsti7

here is the Combofix text file:
Code:
ComboFix 14-06-10.01 - stefan 10.06.2014  23:07:04.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.16281.14353 [GMT 2:00]
ausgeführt von:: c:\users\stefan\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Outdated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Outdated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\flcTtBzok.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\flcTtBzok.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnfghlddpanckhbeipjcnnifnkhfham\2.2\manifest.json
c:\users\stefan\AppData\Local\Temp\sfamcc00001.dll
c:\users\stefan\AppData\Local\Temp\sfareca00001.dll
c:\windows\SysWow64\local.txt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-05-10 bis 2014-06-10  ))))))))))))))))))))))))))))))
.
.
2014-06-10 13:47 . 2014-06-10 13:47	--------	d-----w-	C:\FRST
2014-06-09 18:49 . 2014-06-09 18:49	--------	d-----w-	c:\program files\TeamSpeak 3 Client
2014-06-09 13:47 . 2014-06-09 13:47	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2014-06-09 13:47 . 2014-06-09 13:47	--------	d-----w-	c:\program files\Microsoft Security Client
2014-06-09 13:41 . 2014-06-09 13:41	--------	d-----w-	c:\users\stefan\AppData\Roaming\Malwarebytes
2014-06-09 10:03 . 2014-06-09 13:41	--------	d-----w-	c:\programdata\Malwarebytes
2014-06-02 13:03 . 2014-06-02 13:03	--------	d-----w-	c:\users\stefan\AppData\Local\FileViewPro
2014-06-02 13:03 . 2014-06-02 13:03	--------	d-----w-	c:\users\stefan\AppData\Roaming\IsolatedStorage
2014-06-02 13:03 . 2014-06-02 13:03	--------	d-----w-	c:\programdata\IsolatedStorage
2014-06-02 13:00 . 2014-06-02 13:00	--------	d-----w-	c:\users\stefan\AppData\Roaming\Solvusoft
2014-06-02 12:59 . 2014-06-02 12:59	--------	d-----w-	C:\Spacekace
2014-06-01 17:48 . 2014-06-01 17:48	--------	d-----w-	c:\users\stefan\AppData\Local\ESN
2014-06-01 17:48 . 2014-06-01 17:48	--------	d-----w-	c:\program files (x86)\Battlelog Web Plugins
2014-06-01 14:59 . 2014-06-10 20:42	290184	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-06-01 14:59 . 2014-06-01 17:50	--------	d-----w-	c:\users\stefan\AppData\Local\PunkBuster
2014-06-01 14:57 . 2014-06-01 14:57	--------	d-----w-	c:\users\stefan\AppData\Local\Ubisoft
2014-06-01 13:18 . 2014-06-10 20:42	290184	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-06-01 13:18 . 2014-06-10 20:42	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-06-01 13:18 . 2014-06-01 14:57	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2014-05-31 18:34 . 2014-05-31 18:34	--------	d-----w-	c:\users\stefan\AppData\Local\PAYDAY 2
2014-05-31 18:34 . 2014-05-31 18:34	--------	d-----w-	c:\program files (x86)\NVIDIA Corporation
2014-05-31 18:34 . 2014-05-31 18:34	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2014-05-31 15:51 . 2014-05-31 15:51	--------	d-----w-	c:\programdata\PopCap Games
2014-05-31 15:51 . 2014-06-01 20:11	--------	d-----w-	c:\programdata\EA Logs
2014-05-31 15:51 . 2014-05-31 15:51	--------	d-----w-	c:\programdata\EA Core
2014-05-30 19:13 . 2014-05-30 21:52	--------	d-----w-	c:\users\stefan\AppData\Roaming\FileZilla
2014-05-29 08:02 . 2014-05-29 08:11	--------	d-----w-	c:\program files (x86)\AviSynth 2.5
2014-05-23 16:48 . 2014-05-23 16:49	--------	d-----w-	c:\users\stefan\AppData\Roaming\Systweak
2014-05-23 16:47 . 2014-05-23 16:47	--------	d-----w-	c:\users\stefan\AppData\Local\cache
2014-05-23 16:47 . 2014-05-23 16:49	--------	d-----w-	c:\users\stefan\AppData\Local\Mobogenie
2014-05-23 16:18 . 2014-05-23 16:18	--------	d-----w-	c:\users\Gast
2014-05-23 16:18 . 2014-05-23 16:18	--------	d-----w-	c:\users\Administrator
2014-05-19 17:01 . 2014-05-19 17:06	--------	d-----w-	c:\programdata\BootRacer
2014-05-16 14:55 . 2014-05-16 14:55	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2014-05-16 14:25 . 2014-06-09 13:41	--------	d-----w-	c:\users\stefan\AppData\Local\JDownloader 2.0
2014-05-16 14:25 . 2014-05-16 14:25	--------	d-----w-	c:\program files\JDownloader
2014-05-15 13:00 . 2014-05-06 04:40	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-05-15 13:00 . 2014-05-06 03:00	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-15 13:00 . 2014-05-06 04:17	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-15 13:00 . 2014-05-06 03:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-15 12:11 . 2014-03-25 02:43	14175744	----a-w-	c:\windows\system32\shell32.dll
2014-05-15 12:11 . 2014-05-09 06:14	477184	----a-w-	c:\windows\system32\aepdu.dll
2014-05-15 12:11 . 2014-05-09 06:11	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-05-12 15:36 . 2014-05-12 15:36	--------	d-----w-	c:\users\stefan\AppData\Roaming\xm1
2014-05-12 14:25 . 2014-05-12 14:25	--------	d-sh--w-	c:\users\stefan\AppData\Local\EmieUserList
2014-05-12 14:25 . 2014-05-12 14:25	--------	d-sh--w-	c:\users\stefan\AppData\Local\EmieSiteList
2014-05-12 13:15 . 2014-05-12 13:15	--------	d-----w-	c:\users\stefan\AppData\Roaming\MiKTeX
2014-05-12 13:10 . 2014-05-12 13:10	--------	d-----w-	c:\users\stefan\AppData\Local\MiKTeX
2014-05-12 13:10 . 2014-05-12 13:10	--------	d-----w-	c:\users\stefan\Texmaker
2014-05-12 13:08 . 2014-05-12 13:08	--------	d-----w-	c:\programdata\MiKTeX
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-19 16:52 . 2008-06-03 13:25	1048576	----a-w-	c:\windows\PE_Rom.dll
2014-05-15 12:59 . 2014-03-07 22:31	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-05-15 11:50 . 2014-04-30 16:36	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-15 11:50 . 2014-04-30 16:36	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-14 18:13 . 2014-03-06 16:35	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-31 20:46 . 2014-03-31 20:46	130712	----a-w-	c:\windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46	1070232	----a-w-	c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-24 15:07 . 2014-03-24 15:07	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-03-24 15:07 . 2014-03-24 15:07	312744	----a-w-	c:\windows\system32\javaws.exe
2014-03-24 15:07 . 2014-03-24 15:07	189352	----a-w-	c:\windows\system32\javaw.exe
2014-03-24 15:07 . 2014-03-24 15:07	189352	----a-w-	c:\windows\system32\java.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\OSCAR Editor X7\OscarEditor.exe" [2012-03-20 3340288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2008-06-03 550272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
R4 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
R4 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R4 Seagate Dashboard Services;Seagate Dashboard Services;c:\program files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe;c:\program files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [x]
R4 Seagate MobileBackup Service;Seagate MobileBackup Service;c:\program files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe;c:\program files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [x]
R4 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys;SysWow64\drivers\AiChargerPlus.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-25 18:26	1091912	----a-w-	c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-30 11:50]
.
2014-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2008-06-03 13:00]
.
2014-06-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2008-06-03 13:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-08-19 7202520]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{7E80EE2E-1C94-4073-8EB8-E7FA0F1FB41B}: NameServer = 5.39.219.212
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: DhcpNameServer = 5.39.219.212
TCP: Interfaces\{D67606F5-D55C-4711-B950-76209C87EDD8}: NameServer = 5.39.219.212
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-02HKMQUVfrz - c:\programdata\02HKMQUVfrz.exe
Wow6432Node-HKCU-Run-179FGNObdtz - c:\programdata\179FGNObdtz.exe
Wow6432Node-HKCU-Run-4589EOPdjkmswxz - c:\programdata\4589EOPdjkmswxz.exe
Wow6432Node-HKCU-Run-0468GMNOXaghmoz - c:\programdata\0468GMNOXaghmoz.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\SpeedFan\speedfan.exe
c:\windows\DAODx.exe
c:\program files (x86)\ASUS\APRP\aprp.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-06-10  23:12:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-06-10 21:12
.
Vor Suchlauf: 11 Verzeichnis(se), 62.498.086.912 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 63.027.388.416 Bytes frei
.
- - End Of File - - CD81C7D684B05018EF01033736AEFC57
5FB38429D5D77768867C76DCBDB35194
         


Alt 11.06.2014, 09:23   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Remove adware/junkware/toolbars


Step 1: AdwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 3: Fresh log with FRST

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


Alt 11.06.2014, 15:20   #7
papsti7
 



adwCleaner log :
Code:
# AdwCleaner v3.212 - Bericht erstellt am 11/06/2014 um 15:04:54
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : stefan - GAMING-PC
# Gestartet von : C:\Users\stefan\Desktop\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\stefan\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\stefan\AppData\Roaming\Solvusoft
Ordner Gelöscht : C:\Users\stefan\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\stefan\Documents\Mobogenie
Datei Gelöscht : C:\Users\stefan\daemonprocess.txt

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\systweak

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v

[ Datei : C:\Users\stefan\AppData\Roaming\Mozilla\Firefox\Profiles\q8udpxgg.default\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.sm.de/?q={searchTerms}
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1202&cd=2XzuyEtN2Y1L1QzutDtDtCzy0B0ByD0BtB0AyByCyC0F0BzztN0D0Tzu0CyBtCtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=841000956&ir=
Gelöscht [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gelöscht [Search Provider] : hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_23_ch&cd=2XzuyEtN2Y1L1Qzuzy0C0DtBtC0E0E0D0ByByByE0CtC0ByDtN0D0Tzu0SzzzzyDtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyEyDyEtD0A0EyC0BtGtD0FtByCtGyEyCyCyEtG0ByE0CzztGtDtD0F0B0CtC0FzyyCzyyB0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtBzz0ByEtAyC0CtG0B0D0CzztG0CzzyE0EtGzztB0BtAtGyCyEtBtAyDzyyC0A0AyEyEyB2Q&cr=1508220529&ir=

*************************

AdwCleaner[R0].txt - [2678 octets] - [11/06/2014 15:04:00]
AdwCleaner[S0].txt - [2451 octets] - [11/06/2014 15:04:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2511 octets] ##########
         
JRT log :
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by stefan on 11.06.2014 at 15:09:49,32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.06.2014 at 15:13:30,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST :

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 01
Ran by stefan (administrator) on GAMING-PC on 11-06-2014 15:16:31
Running from C:\Users\stefan\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
() C:\Windows\DAODx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2008-06-03] (ASUSTek Computer Inc.)
HKU\S-1-5-21-3958687591-1953258758-244339918-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\dev\java\jdk1.7\jre\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\dev\java\jdk1.7\jre\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7E80EE2E-1C94-4073-8EB8-E7FA0F1FB41B}: [NameServer]5.39.219.212
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]5.39.219.212
Tcpip\..\Interfaces\{D67606F5-D55C-4711-B950-76209C87EDD8}: [NameServer]5.39.219.212

FireFox:
========
FF ProfilePath: C:\Users\stefan\AppData\Roaming\Mozilla\Firefox\Profiles\q8udpxgg.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - E:\dev\java\jdk1.7\jre\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - E:\dev\java\jdk1.7\jre\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: hxxp://www.google.at/
CHR StartupUrls: "hxxp://www.google.at/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (YouTube) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2008-06-03]
CHR Extension: (Google-Suche) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2008-06-03]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-04-28]
CHR Extension: (Premiumize.me) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojbjecfjcnaledoelddkcjlifhhfebm [2014-05-16]
CHR Extension: (Google Wallet) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-06]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-03-06]
CHR Extension: (Google Mail) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2008-06-03]

==================== Services (Whitelisted) =================

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2012-11-09] (ASUSTeK Computer Inc.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-01] ()
S4 SbieSvc; E:\Programme\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
S4 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-02-10] (Seagate Technology LLC)
S4 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157264 2014-02-10] (Seagate Technology LLC)

==================== Drivers (Whitelisted) ====================

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2008-06-03] (ASUSTek Computer Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-06] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 SbieDrv; E:\Programme\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RTL8192cu; system32\DRIVERS\RTL8192cu.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-11 15:14 - 2014-06-11 15:17 - 00011689 _____ () C:\Users\stefan\Desktop\FRST.txt
2014-06-11 15:13 - 2014-06-11 15:13 - 00000626 _____ () C:\Users\stefan\Desktop\JRT.txt
2014-06-11 15:09 - 2014-06-11 15:09 - 00000000 ____D () C:\Windows\ERUNT
2014-06-11 15:08 - 2014-06-11 15:08 - 00002591 _____ () C:\Users\stefan\Desktop\AdwCleaner[S0].txt
2014-06-11 15:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-11 15:03 - 2014-06-11 15:05 - 00000000 ____D () C:\AdwCleaner
2014-06-11 15:03 - 2014-06-11 15:03 - 01016261 _____ (Thisisu) C:\Users\stefan\Desktop\JRT.exe
2014-06-11 15:02 - 2014-06-11 15:02 - 01333465 _____ () C:\Users\stefan\Desktop\adwcleaner_3.212.exe
2014-06-10 23:12 - 2014-06-10 23:12 - 00021578 _____ () C:\ComboFix.txt
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Gast\AppData\Local\temp
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-10 23:06 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-10 23:06 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-10 23:06 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-10 23:06 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-10 23:06 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-10 23:06 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-10 23:06 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-10 23:06 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-10 23:05 - 2014-06-10 23:12 - 00000000 ____D () C:\Qoobox
2014-06-10 23:05 - 2014-06-10 23:11 - 00000000 ____D () C:\Windows\erdnt
2014-06-10 19:25 - 2014-06-11 15:13 - 00000000 ____D () C:\Users\stefan\Desktop\Probleme
2014-06-10 16:46 - 2014-06-10 16:46 - 594081497 _____ () C:\Windows\MEMORY.DMP
2014-06-10 16:46 - 2014-06-10 16:46 - 00456536 _____ () C:\Windows\Minidump\061014-7160-01.dmp
2014-06-10 16:46 - 2014-06-10 16:46 - 00000000 ____D () C:\Windows\Minidump
2014-06-10 16:28 - 2014-06-10 16:28 - 00000883 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-06-10 15:47 - 2014-06-11 15:16 - 00000000 ____D () C:\FRST
2014-06-10 15:46 - 2014-06-11 15:14 - 02081792 _____ (Farbar) C:\Users\stefan\Desktop\FRST64.exe
2014-06-10 15:45 - 2014-06-10 15:45 - 00000000 _____ () C:\Users\stefan\defogger_reenable
2014-06-09 20:49 - 2014-06-09 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-09 20:49 - 2014-06-09 20:49 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-09 15:47 - 2014-06-09 15:47 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-09 15:47 - 2014-06-09 15:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-09 15:47 - 2014-06-09 15:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-09 15:41 - 2014-06-09 15:41 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Malwarebytes
2014-06-09 12:03 - 2014-06-09 15:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-09 10:54 - 2014-06-09 10:54 - 00000000 ____D () C:\Users\stefan\Documents\Tomb raider
2014-06-03 20:56 - 2014-06-03 20:56 - 00000768 _____ () C:\Users\stefan\Desktop\Drucken - Verknüpfung.lnk
2014-06-03 17:07 - 2014-06-03 17:18 - 00000000 ____D () C:\Users\stefan\Documents\FIFA 14
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\IsolatedStorage
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\Users\stefan\AppData\Local\FileViewPro
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-06-02 14:59 - 2014-06-02 14:59 - 00000000 ____D () C:\Spacekace
2014-06-01 19:50 - 2014-06-01 19:51 - 00000000 ____D () C:\Users\stefan\Documents\Battlefield 3
2014-06-01 19:48 - 2014-06-01 19:48 - 00000000 ____D () C:\Users\stefan\AppData\Local\ESN
2014-06-01 19:48 - 2014-06-01 19:48 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 16:59 - 2014-06-10 22:42 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-06-01 16:59 - 2014-06-01 19:50 - 00000000 ____D () C:\Users\stefan\AppData\Local\PunkBuster
2014-06-01 16:57 - 2014-06-01 16:57 - 00000000 ____D () C:\Users\stefan\AppData\Local\Ubisoft
2014-06-01 15:18 - 2014-06-10 22:42 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-01 15:18 - 2014-06-10 22:42 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-01 15:18 - 2014-06-01 16:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-01 15:18 - 2014-06-01 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Users\stefan\AppData\Local\PAYDAY 2
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-31 18:20 - 2014-06-01 12:23 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-31 17:51 - 2014-05-31 17:51 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-31 17:51 - 2014-05-31 17:51 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-31 17:03 - 2014-05-31 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-30 21:13 - 2014-05-30 23:52 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\FileZilla
2014-05-30 20:39 - 2014-05-30 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weaverslave
2014-05-30 20:15 - 2014-05-30 20:15 - 00000188 _____ () C:\Users\stefan\Desktop\siemens job.url
2014-05-29 10:06 - 2014-05-29 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-29 10:02 - 2014-05-29 10:11 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-05-29 10:01 - 2014-05-29 10:01 - 00000000 ____D () C:\Temp
2014-05-29 10:01 - 2011-01-03 11:07 - 00490496 _____ (www.madshi.net) C:\Windows\SysWOW64\madFlac.ax
2014-05-29 10:01 - 2010-02-15 20:00 - 00439808 _____ (MPC-HC Team) C:\Windows\SysWOW64\RealMediaSplitter.ax
2014-05-29 10:01 - 2009-04-28 15:44 - 00417792 _____ (Gabest) C:\Windows\SysWOW64\FLVSplitter.ax
2014-05-29 10:01 - 2009-03-26 22:33 - 00536652 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\ASAudioHD.ax
2014-05-29 10:01 - 2008-11-28 16:36 - 00285184 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MagUIEngine.dll
2014-05-29 10:01 - 2008-11-28 16:36 - 00092672 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MagUIInter.dll
2014-05-29 10:01 - 2008-11-28 16:36 - 00055808 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MagPCMac.dll
2014-05-29 10:01 - 2008-11-28 16:36 - 00035328 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\MagCore.dll
2014-05-29 10:01 - 2008-04-25 09:50 - 00917504 _____ () C:\Windows\SysWOW64\dtsdecoderdll.dll
2014-05-29 10:01 - 2008-04-15 18:40 - 00106496 _____ (ArcSoft Inc.) C:\Windows\SysWOW64\checkactivate.dll
2014-05-29 10:01 - 2007-10-07 14:36 - 00258048 _____ () C:\Windows\SysWOW64\libFLAC.dll
2014-05-29 10:01 - 2004-01-25 18:18 - 00070656 _____ (www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2014-05-29 10:01 - 2004-01-12 09:00 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-05-24 17:31 - 2014-05-24 17:31 - 00000665 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast.lnk
2014-05-23 18:47 - 2014-05-23 18:47 - 00000000 ____D () C:\Users\stefan\AppData\Local\cache
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Gast
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Administrator
2014-05-21 21:19 - 2014-06-03 20:43 - 00001578 _____ () C:\Users\stefan\Desktop\10.0.0.21public.lnk
2014-05-19 19:01 - 2014-05-19 19:06 - 00000000 ____D () C:\ProgramData\BootRacer
2014-05-19 19:00 - 2014-05-19 19:05 - 00008192 ____H () C:\Users\Public\Documents\bootracer.his
2014-05-19 18:59 - 2014-05-19 19:06 - 00053978 ____H () C:\Users\Public\Documents\bootracer.log
2014-05-19 18:59 - 2014-05-19 19:06 - 00001062 ____H () C:\Users\Public\Documents\bootracer.ini
2014-05-16 16:29 - 2014-05-16 16:29 - 00000784 _____ () C:\Users\stefan\Desktop\Downloads.lnk
2014-05-16 16:27 - 2014-05-16 16:27 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-05-16 16:25 - 2014-06-09 15:41 - 00000000 ____D () C:\Users\stefan\AppData\Local\JDownloader 2.0
2014-05-16 16:25 - 2014-05-16 16:25 - 00000000 ____D () C:\Program Files\JDownloader
2014-05-15 15:00 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 15:00 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 15:00 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 15:00 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 15:00 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 15:00 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 14:11 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 14:11 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 14:11 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 14:11 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 14:06 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 14:06 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 14:06 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 14:06 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 14:06 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 14:06 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 14:06 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 14:06 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 14:06 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 14:06 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 14:06 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 14:06 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 14:06 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 14:06 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 14:06 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 14:06 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 14:06 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 14:06 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 14:06 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 17:36 - 2014-05-12 17:36 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\xm1
2014-05-12 16:25 - 2014-05-12 16:25 - 00000000 __SHD () C:\Users\stefan\AppData\Local\EmieUserList
2014-05-12 16:25 - 2014-05-12 16:25 - 00000000 __SHD () C:\Users\stefan\AppData\Local\EmieSiteList
2014-05-12 15:15 - 2014-05-12 15:15 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\MiKTeX
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\Texmaker
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\AppData\Local\MiKTeX
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-05-12 15:09 - 2014-05-12 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2014-05-12 15:08 - 2014-05-12 15:08 - 00000000 ____D () C:\ProgramData\MiKTeX

==================== One Month Modified Files and Folders =======

2014-06-11 15:17 - 2014-06-11 15:14 - 00011689 _____ () C:\Users\stefan\Desktop\FRST.txt
2014-06-11 15:17 - 2014-03-06 18:13 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\NetSpeedMonitor
2014-06-11 15:17 - 2008-06-03 14:55 - 01867203 _____ () C:\Windows\WindowsUpdate.log
2014-06-11 15:17 - 2008-06-03 14:55 - 00000000 ____D () C:\Users\stefan\AppData\Local\Temp
2014-06-11 15:16 - 2014-06-10 15:47 - 00000000 ____D () C:\FRST
2014-06-11 15:14 - 2014-06-10 15:46 - 02081792 _____ (Farbar) C:\Users\stefan\Desktop\FRST64.exe
2014-06-11 15:14 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-11 15:14 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-11 15:13 - 2014-06-11 15:13 - 00000626 _____ () C:\Users\stefan\Desktop\JRT.txt
2014-06-11 15:13 - 2014-06-10 19:25 - 00000000 ____D () C:\Users\stefan\Desktop\Probleme
2014-06-11 15:12 - 2011-04-12 09:43 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-06-11 15:12 - 2011-04-12 09:43 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-06-11 15:12 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-11 15:09 - 2014-06-11 15:09 - 00000000 ____D () C:\Windows\ERUNT
2014-06-11 15:08 - 2014-06-11 15:08 - 00002591 _____ () C:\Users\stefan\Desktop\AdwCleaner[S0].txt
2014-06-11 15:08 - 2014-03-06 18:34 - 00000000 ____D () C:\Users\stefan\AppData\Local\CrashDumps
2014-06-11 15:07 - 2014-03-06 21:49 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-06-11 15:07 - 2010-11-21 05:47 - 00468022 _____ () C:\Windows\PFRO.log
2014-06-11 15:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-11 15:07 - 2009-07-14 06:51 - 00071310 _____ () C:\Windows\setupact.log
2014-06-11 15:07 - 2008-06-03 15:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-11 15:05 - 2014-06-11 15:03 - 00000000 ____D () C:\AdwCleaner
2014-06-11 15:04 - 2008-06-03 14:55 - 00000000 ____D () C:\Users\stefan
2014-06-11 15:03 - 2014-06-11 15:03 - 01016261 _____ (Thisisu) C:\Users\stefan\Desktop\JRT.exe
2014-06-11 15:02 - 2014-06-11 15:02 - 01333465 _____ () C:\Users\stefan\Desktop\adwcleaner_3.212.exe
2014-06-10 23:26 - 2008-06-03 15:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 23:12 - 2014-06-10 23:12 - 00021578 _____ () C:\ComboFix.txt
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Gast\AppData\Local\temp
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-10 23:12 - 2014-06-10 23:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-10 23:12 - 2014-06-10 23:05 - 00000000 ____D () C:\Qoobox
2014-06-10 23:11 - 2014-06-10 23:05 - 00000000 ____D () C:\Windows\erdnt
2014-06-10 23:11 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-10 23:02 - 2014-04-07 17:21 - 00000000 ____D () C:\ProgramData\Origin
2014-06-10 22:42 - 2014-06-01 16:59 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-06-10 22:42 - 2014-06-01 15:18 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-10 22:42 - 2014-06-01 15:18 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-10 22:39 - 2014-04-30 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-10 16:46 - 2014-06-10 16:46 - 594081497 _____ () C:\Windows\MEMORY.DMP
2014-06-10 16:46 - 2014-06-10 16:46 - 00456536 _____ () C:\Windows\Minidump\061014-7160-01.dmp
2014-06-10 16:46 - 2014-06-10 16:46 - 00000000 ____D () C:\Windows\Minidump
2014-06-10 16:28 - 2014-06-10 16:28 - 00000883 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-06-10 15:45 - 2014-06-10 15:45 - 00000000 _____ () C:\Users\stefan\defogger_reenable
2014-06-09 20:49 - 2014-06-09 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-09 20:49 - 2014-06-09 20:49 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-09 15:47 - 2014-06-09 15:47 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-09 15:47 - 2014-06-09 15:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-09 15:47 - 2014-06-09 15:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-09 15:47 - 2014-03-06 18:11 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-06-09 15:41 - 2014-06-09 15:41 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Malwarebytes
2014-06-09 15:41 - 2014-06-09 12:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-09 15:41 - 2014-05-16 16:25 - 00000000 ____D () C:\Users\stefan\AppData\Local\JDownloader 2.0
2014-06-09 12:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-06-09 10:54 - 2014-06-09 10:54 - 00000000 ____D () C:\Users\stefan\Documents\Tomb raider
2014-06-09 10:46 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-03 20:56 - 2014-06-03 20:56 - 00000768 _____ () C:\Users\stefan\Desktop\Drucken - Verknüpfung.lnk
2014-06-03 20:43 - 2014-05-21 21:19 - 00001578 _____ () C:\Users\stefan\Desktop\10.0.0.21public.lnk
2014-06-03 17:18 - 2014-06-03 17:07 - 00000000 ____D () C:\Users\stefan\Documents\FIFA 14
2014-06-03 16:43 - 2014-03-08 17:11 - 00151414 _____ () C:\Windows\DirectX.log
2014-06-02 16:07 - 2008-06-03 15:23 - 00000000 ____D () C:\Program Files\ASUS
2014-06-02 16:07 - 2008-06-03 15:08 - 00047320 _____ () C:\Windows\DPINST.LOG
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\IsolatedStorage
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\Users\stefan\AppData\Local\FileViewPro
2014-06-02 15:03 - 2014-06-02 15:03 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-06-02 14:59 - 2014-06-02 14:59 - 00000000 ____D () C:\Spacekace
2014-06-01 19:51 - 2014-06-01 19:50 - 00000000 ____D () C:\Users\stefan\Documents\Battlefield 3
2014-06-01 19:50 - 2014-06-01 16:59 - 00000000 ____D () C:\Users\stefan\AppData\Local\PunkBuster
2014-06-01 19:48 - 2014-06-01 19:48 - 00000000 ____D () C:\Users\stefan\AppData\Local\ESN
2014-06-01 19:48 - 2014-06-01 19:48 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-01 16:57 - 2014-06-01 16:57 - 00000000 ____D () C:\Users\stefan\AppData\Local\Ubisoft
2014-06-01 16:57 - 2014-06-01 15:18 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-01 15:18 - 2014-06-01 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-06-01 12:23 - 2014-05-31 18:20 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Users\stefan\AppData\Local\PAYDAY 2
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-31 20:34 - 2014-05-31 20:34 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-05-31 17:51 - 2014-05-31 17:51 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-31 17:51 - 2014-05-31 17:51 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-31 17:03 - 2014-05-31 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-31 16:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-05-30 23:52 - 2014-05-30 21:13 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\FileZilla
2014-05-30 21:21 - 2014-04-24 22:15 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\vlc
2014-05-30 20:39 - 2014-05-30 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weaverslave
2014-05-30 20:35 - 2014-03-24 17:09 - 00000000 ____D () C:\Users\stefan\AppData\Local\Eclipse
2014-05-30 20:15 - 2014-05-30 20:15 - 00000188 _____ () C:\Users\stefan\Desktop\siemens job.url
2014-05-29 18:28 - 2014-05-29 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-29 10:11 - 2014-05-29 10:02 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-05-29 10:01 - 2014-05-29 10:01 - 00000000 ____D () C:\Temp
2014-05-24 17:35 - 2014-03-08 17:11 - 00000000 ____D () C:\Users\stefan\Documents\My Games
2014-05-24 17:31 - 2014-05-24 17:31 - 00000665 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast.lnk
2014-05-23 18:49 - 2008-06-03 14:55 - 00000000 ___RD () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-23 18:47 - 2014-05-23 18:47 - 00000000 ____D () C:\Users\stefan\AppData\Local\cache
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Gast
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-05-23 18:18 - 2014-05-23 18:18 - 00000000 ____D () C:\Users\Administrator
2014-05-23 17:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-19 22:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-19 19:06 - 2014-05-19 19:01 - 00000000 ____D () C:\ProgramData\BootRacer
2014-05-19 19:06 - 2014-05-19 18:59 - 00053978 ____H () C:\Users\Public\Documents\bootracer.log
2014-05-19 19:06 - 2014-05-19 18:59 - 00001062 ____H () C:\Users\Public\Documents\bootracer.ini
2014-05-19 19:05 - 2014-05-19 19:00 - 00008192 ____H () C:\Users\Public\Documents\bootracer.his
2014-05-19 18:52 - 2008-06-03 15:25 - 01048576 _____ () C:\Windows\PE_Rom.dll
2014-05-16 18:13 - 2009-07-14 06:45 - 00311248 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-16 18:13 - 2008-06-03 15:52 - 00068720 _____ () C:\Users\stefan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-16 16:29 - 2014-05-16 16:29 - 00000784 _____ () C:\Users\stefan\Desktop\Downloads.lnk
2014-05-16 16:27 - 2014-05-16 16:27 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-05-16 16:25 - 2014-05-16 16:25 - 00000000 ____D () C:\Program Files\JDownloader
2014-05-15 21:51 - 2014-04-29 19:53 - 00000000 ____D () C:\Users\stefan\Desktop\PH-sa+tests
2014-05-15 21:49 - 2008-06-03 15:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-15 21:46 - 2008-06-03 14:55 - 00000000 ___RD () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 15:02 - 2014-05-06 21:30 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 15:00 - 2014-03-08 00:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 15:00 - 2014-03-07 19:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 14:59 - 2014-03-08 00:31 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 13:50 - 2014-04-30 18:36 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 13:50 - 2014-04-30 18:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 13:50 - 2014-04-30 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 18:45 - 2014-03-06 18:09 - 00000000 _____ () C:\Windows\Path.idx
2014-05-12 17:36 - 2014-05-12 17:36 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\xm1
2014-05-12 16:25 - 2014-05-12 16:25 - 00000000 __SHD () C:\Users\stefan\AppData\Local\EmieUserList
2014-05-12 16:25 - 2014-05-12 16:25 - 00000000 __SHD () C:\Users\stefan\AppData\Local\EmieSiteList
2014-05-12 15:15 - 2014-05-12 15:15 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\MiKTeX
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\Texmaker
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\Users\stefan\AppData\Local\MiKTeX
2014-05-12 15:10 - 2014-05-12 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
2014-05-12 15:09 - 2014-05-12 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2014-05-12 15:08 - 2014-05-12 15:08 - 00000000 ____D () C:\ProgramData\MiKTeX
2014-05-12 14:20 - 2008-06-03 15:00 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-12 14:20 - 2008-06-03 15:00 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-12 14:10 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\stefan\AppData\Local\Temp\mpam-69adae88.exe
C:\Users\stefan\AppData\Local\Temp\Quarantine.exe
C:\Users\stefan\AppData\Local\Temp\sfamcc00001.dll
C:\Users\stefan\AppData\Local\Temp\sfareca00001.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 13:23

==================== End Of Log ============================
         
--- --- ---


Addition log :
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2014 01
Ran by stefan at 2014-06-11 15:17:31
Running from C:\Users\stefan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Out of date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Out of date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Auto Window Manager (HKLM-x32\...\Auto Window Manager) (Version:  - )
Batman Arkham Origins Blackgate Deluxe Edition (HKLM-x32\...\QmF0bWFuQXJraGFtT3JpZ2luc0JsYWNrZ2F0ZURlbHV4ZUVkaXRpb24=_is1) (Version: 1 - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dishonored: Game of the Year Edition GERMAN (HKLM-x32\...\RGlzaG9ub3JlZEdhbWVvZnRoZVllYXJFZGl0aW9u_is1) (Version: 1 - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Metro 2033 (HKLM-x32\...\Metro 2033_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.145.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.145.0 - Microsoft Corporation) Hidden
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
OSCAR Editor (x32 Version: 12.03.0004 - A4TECH) Hidden
Outlast (HKLM-x32\...\T3V0bGFzdA==_is1) (Version: 1 - )
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Seagate Dashboard (HKLM-x32\...\{67445E65-3D93-428F-83A5-446F7D02689A}) (Version: 3.0.34.1 - Seagate)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
X7 Oscar Editor (HKLM-x32\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH)

==================== Restore Points  =========================

03-05-2014 20:37:38 Windows Update
05-05-2014 16:04:33 Windows-Sicherung
06-05-2014 19:30:17 Windows Update
07-05-2014 18:57:57 Windows Update
11-05-2014 20:00:31 Installiert Edimax 11n USB Wireless LAN Driver and Utility
11-05-2014 20:03:37 Installiert Edimax 11n USB Wireless LAN Driver and Utility
11-05-2014 20:06:08 Windows-Sicherung
12-05-2014 12:21:56 Windows Update
15-05-2014 12:59:19 Windows Update
16-05-2014 14:49:44 Installed Cisco Network Magic
16-05-2014 14:55:25 Removed Cisco Network Magic
16-05-2014 14:55:32 Removed Pure Networks Platform
18-05-2014 17:00:07 Windows-Sicherung
18-05-2014 17:01:13 Windows Update

==================== Hosts content: ==========================

2014-06-10 23:10 - 2014-06-10 23:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0175EBDA-519E-4848-B751-52C54813FDB6} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [2013-08-26] (ASUSTeK Computer Inc.)
Task: {079F8166-3EA7-4EAD-9C86-E6A816C520EA} - System32\Tasks\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [2013-03-15] (Almico Software (www.almico.com))
Task: {0C97AB10-3858-4A6E-A8B0-55BACDF46542} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-06-03] (Google Inc.)
Task: {331031A4-8FA4-4C17-AF45-401277346C06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {38F02AC0-9DF3-4ABE-AC11-DC510586F262} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {521B60E7-462B-4402-B762-0200B3457AF6} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {540EA798-ABE7-4172-A9EA-57B5A37D306F} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-02-10] (Seagate Technology LLC)
Task: {5A285923-81AB-49DD-80BD-5E2AFE5CABBB} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {69F8E048-AE1B-4BC7-A0D8-EBAC2792345C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-09-04] (Microsoft Corporation)
Task: {78A9FA74-8222-4530-BD1F-D106A0B38D43} - System32\Tasks\stefan DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-02-10] (Seagate Technology LLC)
Task: {AD8E5C86-7914-4D86-8B07-405419E27E63} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-09-04] (Microsoft Corporation)
Task: {B3F02EAC-2C82-4C24-AFB1-62A248C80744} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-06-03] (Google Inc.)
Task: {B9A72D57-F507-43D8-AD2C-889451CC5085} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {BF6CC9AA-86C3-44DE-9368-84290FBE607A} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {E6D88B6C-259F-49E4-8CD3-A6F17B18F7A5} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-01 15:18 - 2014-06-01 16:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe
2012-03-20 12:59 - 2012-03-20 12:59 - 03340288 _____ () C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
2014-06-11 15:02 - 2014-06-11 15:08 - 00158720 _____ () C:\Users\stefan\AppData\Local\Temp\sfareca00001.dll
2014-06-11 15:02 - 2014-06-11 15:08 - 00192512 _____ () C:\Users\stefan\AppData\Local\Temp\sfamcc00001.dll
2008-06-03 15:22 - 2012-05-02 18:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2008-06-03 15:22 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2008-06-03 15:22 - 2013-08-05 11:14 - 00176128 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2008-06-03 15:22 - 2013-06-11 12:06 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2008-06-03 15:22 - 2010-10-29 18:58 - 00221184 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\JpegCD.DLL
2008-06-03 15:22 - 2013-08-06 20:04 - 02502656 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\xH264E.DLL
2008-06-03 15:22 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2008-06-03 15:22 - 2013-06-13 17:37 - 00156160 _____ () C:\Program Files (x86)\InstallShield Installation Information\{104BE4B8-D1DB-4170-977B-364960893DC8}\CloudAPI\CloudAPI.dll
2008-06-03 15:22 - 2013-03-21 19:38 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2008-06-03 15:22 - 2012-04-25 14:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2010-12-02 18:56 - 2010-12-02 18:56 - 00815104 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\OSD_Text\OSD_Text.dll
2011-01-09 21:45 - 2011-01-09 21:45 - 00088064 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_MouseDeviceManager.dll
2012-02-07 12:20 - 2012-02-07 12:20 - 02413568 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\ScreenCapture\ScreenCapture.dll
2011-03-21 20:33 - 2011-03-21 20:33 - 00999424 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 15:18 - 2010-09-20 15:18 - 00085504 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ZoomControl.dll
2010-09-20 15:18 - 2010-09-20 15:18 - 00054272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ScrollbarControl.dll
2011-04-12 16:14 - 2011-04-12 16:14 - 00063488 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 21:16 - 2010-11-01 21:16 - 00062976 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInOne.dll
2011-08-10 14:43 - 2011-08-10 14:43 - 00118272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_Wheel4D.dll
2008-06-03 15:20 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: Seagate Dashboard Services => 2
MSCONFIG\Services: Seagate MobileBackup Service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupreg: 5689ABELftvwz => C:\ProgramData\5689ABELftvwz.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ASUS WiFi GO! FileTransfer Execute => C:\Program Files (x86)\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: PolkastLibrary => E:\Programme\polkast\PolkastLibrary.exe "auto"
MSCONFIG\startupreg: SandboxieControl => "E:\Programme\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Uploader => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-06-10 23:09:51.926
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-10 23:09:51.895
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:31.512
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:31.480
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:31.449
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:31.418
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:10.052
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:10.021
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\stefan\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:09.990
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-07 18:23:09.959
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Programme\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 12%
Total physical RAM: 16281.45 MB
Available physical RAM: 14245.29 MB
Total Pagefile: 32561.09 MB
Available Pagefile: 30458.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.02 GB) (Free:58.76 GB) NTFS
Drive e: () (Fixed) (Total:1863.01 GB) (Free:1576.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119 GB) (Disk ID: 6817D464)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EA68EC76)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

==================== End Of Log ============================
         

11.06.2014, 15:59   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Okay, then control scans with MBAM and ESET now, please:

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


11.06.2014, 16:16   #9
papsti7

I can't download either program from the links. No connection to the page when I click download. I was able to get MBAM from chip, but I can't download the other program at all.

11.06.2014, 16:27   #10
papsti7

No threats found, but I did find old threats and old XML logs, unfortunately no txt files, so I am attaching these. I hope I'm not making the work too difficult.

11.06.2014, 16:50   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then continue with this tool:

Please download TDSSKiller (TDSSKiller.exe) and save the file to the desktop
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

11.06.2014, 19:56   #12
papsti7

I can never download the files, and if at all then only from chip. I think this has something to do with malware, because it has never happened before that almost no sites work anymore.

TDSSKiller log file:
Code:
19:53:56.0886 0x0b3c  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
19:53:56.0886 0x0b3c  UEFI system
19:54:05.0687 0x0b3c  ============================================================
19:54:05.0687 0x0b3c  Current date / time: 2014/06/11 19:54:05.0687
19:54:05.0687 0x0b3c  SystemInfo:
19:54:05.0687 0x0b3c  
19:54:05.0687 0x0b3c  OS Version: 6.1.7601 ServicePack: 1.0
19:54:05.0687 0x0b3c  Product type: Workstation
19:54:05.0687 0x0b3c  ComputerName: GAMING-PC
19:54:05.0687 0x0b3c  UserName: stefan
19:54:05.0688 0x0b3c  Windows directory: C:\Windows
19:54:05.0688 0x0b3c  System windows directory: C:\Windows
19:54:05.0688 0x0b3c  Running under WOW64
19:54:05.0688 0x0b3c  Processor architecture: Intel x64
19:54:05.0688 0x0b3c  Number of processors: 8
19:54:05.0688 0x0b3c  Page size: 0x1000
19:54:05.0688 0x0b3c  Boot type: Normal boot
19:54:05.0688 0x0b3c  ============================================================
19:54:05.0782 0x0b3c  KLMD registered as C:\Windows\system32\drivers\76146477.sys
19:54:05.0862 0x0b3c  System UUID: {BDBA9992-1553-C033-62A8-AA210061DB25}
19:54:06.0176 0x0b3c  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:06.0197 0x0b3c  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:06.0213 0x0b3c  ============================================================
19:54:06.0213 0x0b3c  \Device\Harddisk0\DR0:
19:54:06.0213 0x0b3c  GPT partitions:
19:54:06.0213 0x0b3c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {71FBF5C3-CE09-451C-9768-710AB1B3EA5B}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
19:54:06.0213 0x0b3c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2A48424C-1FBB-41C3-BC6C-C71463311552}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
19:54:06.0214 0x0b3c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C3CC5A0D-6F86-4CCE-9308-B133DB080CCC}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xEE09800
19:54:06.0214 0x0b3c  MBR partitions:
19:54:06.0214 0x0b3c  \Device\Harddisk1\DR1:
19:54:06.0222 0x0b3c  MBR partitions:
19:54:06.0222 0x0b3c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:54:06.0222 0x0b3c  ============================================================
19:54:06.0223 0x0b3c  C: <-> \Device\Harddisk0\DR0\Partition3
19:54:06.0236 0x0b3c  E: <-> \Device\Harddisk1\DR1\Partition1
19:54:06.0236 0x0b3c  ============================================================
19:54:06.0236 0x0b3c  Initialize success
19:54:06.0236 0x0b3c  ============================================================
19:54:40.0327 0x0544  ============================================================
19:54:40.0327 0x0544  Scan started
19:54:40.0328 0x0544  Mode: Manual; SigCheck; TDLFS; 
19:54:40.0328 0x0544  ============================================================
19:54:40.0328 0x0544  KSN ping started
19:54:55.0598 0x0544  KSN ping finished: true
19:54:55.0748 0x0544  ================ Scan system memory ========================
19:54:55.0748 0x0544  System memory - ok
19:54:55.0748 0x0544  ================ Scan services =============================
19:54:57.0112 0x0544  [ FEB2ED40421C54040BC11380272CADDC, 0B93B4879FDE3E6A8766420B112914D629F8628764AE33612ED87A6891DA63E2 ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
19:54:57.0153 0x0544  AsusFanControlService - detected UnsignedFile.Multi.Generic ( 1 )
19:54:57.0213 0x0544  AsusFanControlService ( UnsignedFile.Multi.Generic ) - warning
19:55:02.0229 0x0544  FontCache3.0.0.0 - ok
19:55:02.0232 0x0544  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:55:02.0240 0x0544  FsDepends - ok
19:55:02.0243 0x0544  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:55:02.0250 0x0544  Fs_Rec - ok
19:55:02.0256 0x0544  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:55:02.0269 0x0544  fvevol - ok
19:55:02.0272 0x0544  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:55:02.0280 0x0544  gagp30kx - ok
19:55:02.0295 0x0544  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:55:02.0333 0x0544  gpsvc - ok
19:55:02.0338 0x0544  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:55:02.0345 0x0544  gupdate - ok
19:55:02.0348 0x0544  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:55:02.0355 0x0544  gupdatem - ok
19:55:02.0358 0x0544  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:55:02.0366 0x0544  hcw85cir - ok
19:55:02.0374 0x0544  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:55:02.0391 0x0544  HdAudAddService - ok
19:55:02.0396 0x0544  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:55:02.0407 0x0544  HDAudBus - ok
19:55:02.0410 0x0544  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:55:02.0418 0x0544  HidBatt - ok
19:55:02.0422 0x0544  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:55:02.0433 0x0544  HidBth - ok
19:55:02.0436 0x0544  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:55:02.0446 0x0544  HidIr - ok
19:55:02.0449 0x0544  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
19:55:02.0471 0x0544  hidserv - ok
19:55:02.0474 0x0544  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:55:02.0482 0x0544  HidUsb - ok
19:55:02.0485 0x0544  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:55:02.0509 0x0544  hkmsvc - ok
19:55:02.0515 0x0544  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:55:02.0528 0x0544  HomeGroupListener - ok
19:55:02.0533 0x0544  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:55:02.0545 0x0544  HomeGroupProvider - ok
19:55:02.0549 0x0544  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:55:02.0557 0x0544  HpSAMD - ok
19:55:02.0571 0x0544  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:55:02.0609 0x0544  HTTP - ok
19:55:02.0611 0x0544  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:55:02.0618 0x0544  hwpolicy - ok
19:55:02.0622 0x0544  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:55:02.0632 0x0544  i8042prt - ok
19:55:02.0641 0x0544  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:55:02.0655 0x0544  iaStorV - ok
19:55:02.0672 0x0544  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:55:02.0694 0x0544  idsvc - ok
19:55:02.0697 0x0544  IEEtwCollectorService - ok
19:55:02.0700 0x0544  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:55:02.0708 0x0544  iirsp - ok
19:55:02.0724 0x0544  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:55:02.0751 0x0544  IKEEXT - ok
19:55:02.0813 0x0544  [ 2BEE14AC102CF1259AC99ABF53291A8B, 45FAF81302E7A575D378A67F4EF75C89FDDE3B16AC3155BB2803A54D3A7B0DD3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:55:02.0880 0x0544  IntcAzAudAddService - ok
19:55:02.0884 0x0544  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:55:02.0891 0x0544  intelide - ok
19:55:02.0894 0x0544  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
19:55:02.0904 0x0544  intelppm - ok
19:55:02.0907 0x0544  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:55:02.0931 0x0544  IPBusEnum - ok
19:55:02.0935 0x0544  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:55:02.0957 0x0544  IpFilterDriver - ok
19:55:02.0969 0x0544  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:55:02.0990 0x0544  iphlpsvc - ok
19:55:02.0993 0x0544  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:55:03.0003 0x0544  IPMIDRV - ok
19:55:03.0007 0x0544  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:55:03.0031 0x0544  IPNAT - ok
19:55:03.0034 0x0544  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:55:03.0045 0x0544  IRENUM - ok
19:55:03.0047 0x0544  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:55:03.0054 0x0544  isapnp - ok
19:55:03.0061 0x0544  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:55:03.0073 0x0544  iScsiPrt - ok
19:55:03.0077 0x0544  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:55:03.0084 0x0544  kbdclass - ok
19:55:03.0087 0x0544  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:55:03.0096 0x0544  kbdhid - ok
19:55:03.0098 0x0544  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
19:55:03.0106 0x0544  KeyIso - ok
19:55:03.0110 0x0544  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:55:03.0118 0x0544  KSecDD - ok
19:55:03.0123 0x0544  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:55:03.0133 0x0544  KSecPkg - ok
19:55:03.0135 0x0544  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:55:03.0157 0x0544  ksthunk - ok
19:55:03.0165 0x0544  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:55:03.0195 0x0544  KtmRm - ok
19:55:03.0202 0x0544  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:55:03.0228 0x0544  LanmanServer - ok
19:55:03.0233 0x0544  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:55:03.0257 0x0544  LanmanWorkstation - ok
19:55:03.0262 0x0544  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:55:03.0284 0x0544  lltdio - ok
19:55:03.0292 0x0544  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:55:03.0320 0x0544  lltdsvc - ok
19:55:03.0322 0x0544  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:55:03.0345 0x0544  lmhosts - ok
19:55:03.0350 0x0544  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:55:03.0359 0x0544  LSI_FC - ok
19:55:03.0363 0x0544  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:55:03.0372 0x0544  LSI_SAS - ok
19:55:03.0375 0x0544  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:55:03.0383 0x0544  LSI_SAS2 - ok
19:55:03.0387 0x0544  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:55:03.0396 0x0544  LSI_SCSI - ok
19:55:03.0400 0x0544  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:55:03.0423 0x0544  luafv - ok
19:55:03.0427 0x0544  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:55:03.0433 0x0544  MBAMProtector - ok
19:55:03.0465 0x0544  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
19:55:03.0506 0x0544  MBAMScheduler - ok
19:55:03.0522 0x0544  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
19:55:03.0544 0x0544  MBAMService - ok
19:55:03.0549 0x0544  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:55:03.0556 0x0544  MBAMSwissArmy - ok
19:55:03.0560 0x0544  [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:55:03.0566 0x0544  MBAMWebAccessControl - ok
19:55:03.0570 0x0544  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:55:03.0581 0x0544  Mcx2Svc - ok
19:55:03.0583 0x0544  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:55:03.0591 0x0544  megasas - ok
19:55:03.0597 0x0544  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:55:03.0610 0x0544  MegaSR - ok
19:55:03.0613 0x0544  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:55:03.0637 0x0544  MMCSS - ok
19:55:03.0640 0x0544  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:55:03.0662 0x0544  Modem - ok
19:55:03.0665 0x0544  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:55:03.0675 0x0544  monitor - ok
19:55:03.0678 0x0544  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:55:03.0685 0x0544  mouclass - ok
19:55:03.0688 0x0544  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:55:03.0696 0x0544  mouhid - ok
19:55:03.0700 0x0544  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:55:03.0708 0x0544  mountmgr - ok
19:55:03.0715 0x0544  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
19:55:03.0727 0x0544  MpFilter - ok
19:55:03.0732 0x0544  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:55:03.0742 0x0544  mpio - ok
19:55:03.0746 0x0544  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:55:03.0768 0x0544  mpsdrv - ok
19:55:03.0784 0x0544  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:55:03.0823 0x0544  MpsSvc - ok
19:55:03.0828 0x0544  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:55:03.0839 0x0544  MRxDAV - ok
19:55:03.0844 0x0544  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:55:03.0855 0x0544  mrxsmb - ok
19:55:03.0862 0x0544  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:55:03.0876 0x0544  mrxsmb10 - ok
19:55:03.0880 0x0544  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:55:03.0892 0x0544  mrxsmb20 - ok
19:55:03.0895 0x0544  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:55:03.0902 0x0544  msahci - ok
19:55:03.0906 0x0544  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:55:03.0916 0x0544  msdsm - ok
19:55:03.0921 0x0544  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:55:03.0933 0x0544  MSDTC - ok
19:55:03.0937 0x0544  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:55:03.0959 0x0544  Msfs - ok
19:55:03.0962 0x0544  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:55:03.0983 0x0544  mshidkmdf - ok
19:55:03.0986 0x0544  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:55:03.0993 0x0544  msisadrv - ok
19:55:03.0997 0x0544  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:55:04.0023 0x0544  MSiSCSI - ok
19:55:04.0025 0x0544  msiserver - ok
19:55:04.0028 0x0544  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:55:04.0050 0x0544  MSKSSRV - ok
19:55:04.0053 0x0544  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:55:04.0061 0x0544  MsMpSvc - ok
19:55:04.0063 0x0544  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:55:04.0085 0x0544  MSPCLOCK - ok
19:55:04.0087 0x0544  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:55:04.0109 0x0544  MSPQM - ok
19:55:04.0117 0x0544  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:55:04.0131 0x0544  MsRPC - ok
19:55:04.0135 0x0544  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:55:04.0141 0x0544  mssmbios - ok
19:55:04.0144 0x0544  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:55:04.0165 0x0544  MSTEE - ok
19:55:04.0168 0x0544  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:55:04.0175 0x0544  MTConfig - ok
19:55:04.0179 0x0544  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:55:04.0186 0x0544  Mup - ok
19:55:04.0196 0x0544  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:55:04.0228 0x0544  napagent - ok
19:55:04.0236 0x0544  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:55:04.0253 0x0544  NativeWifiP - ok
19:55:04.0271 0x0544  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:55:04.0298 0x0544  NDIS - ok
19:55:04.0301 0x0544  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:55:04.0323 0x0544  NdisCap - ok
19:55:04.0326 0x0544  [ 2E7C9CC1DF7F878358C7292D036AFE63, B0B2C55A73FD957D410C2A6C67C6BC93EA477BA905EE5DD074C85DDFAA4B9A68 ] ndisrd          C:\Windows\system32\DRIVERS\ndisrd.sys
19:55:04.0333 0x0544  ndisrd - ok
19:55:04.0335 0x0544  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:55:04.0357 0x0544  NdisTapi - ok
19:55:04.0360 0x0544  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:55:04.0382 0x0544  Ndisuio - ok
19:55:04.0387 0x0544  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:55:04.0411 0x0544  NdisWan - ok
19:55:04.0414 0x0544  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:55:04.0436 0x0544  NDProxy - ok
19:55:04.0439 0x0544  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:55:04.0461 0x0544  NetBIOS - ok
19:55:04.0467 0x0544  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:55:04.0494 0x0544  NetBT - ok
19:55:04.0496 0x0544  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
19:55:04.0505 0x0544  Netlogon - ok
19:55:04.0512 0x0544  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:55:04.0542 0x0544  Netman - ok
19:55:04.0547 0x0544  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:55:04.0560 0x0544  NetMsmqActivator - ok
19:55:04.0564 0x0544  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:55:04.0573 0x0544  NetPipeActivator - ok
19:55:04.0583 0x0544  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:55:04.0614 0x0544  netprofm - ok
19:55:04.0619 0x0544  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:55:04.0628 0x0544  NetTcpActivator - ok
19:55:04.0632 0x0544  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:55:04.0642 0x0544  NetTcpPortSharing - ok
19:55:04.0645 0x0544  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:55:04.0653 0x0544  nfrd960 - ok
19:55:04.0657 0x0544  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:55:04.0667 0x0544  NisDrv - ok
19:55:04.0675 0x0544  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
19:55:04.0689 0x0544  NisSrv - ok
19:55:04.0696 0x0544  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:55:04.0711 0x0544  NlaSvc - ok
19:55:04.0714 0x0544  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:55:04.0736 0x0544  Npfs - ok
19:55:04.0739 0x0544  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:55:04.0761 0x0544  nsi - ok
19:55:04.0763 0x0544  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:55:04.0785 0x0544  nsiproxy - ok
19:55:04.0816 0x0544  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:55:04.0855 0x0544  Ntfs - ok
19:55:04.0858 0x0544  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:55:04.0880 0x0544  Null - ok
19:55:04.0884 0x0544  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:55:04.0894 0x0544  nvraid - ok
19:55:04.0899 0x0544  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:55:04.0909 0x0544  nvstor - ok
19:55:04.0913 0x0544  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:55:04.0922 0x0544  nv_agp - ok
19:55:04.0932 0x0544  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:55:04.0947 0x0544  odserv - ok
19:55:04.0951 0x0544  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:55:04.0960 0x0544  ohci1394 - ok
19:55:04.0965 0x0544  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:55:04.0975 0x0544  ose - ok
19:55:04.0982 0x0544  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:55:04.0998 0x0544  p2pimsvc - ok
19:55:05.0008 0x0544  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:55:05.0025 0x0544  p2psvc - ok
19:55:05.0029 0x0544  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:55:05.0039 0x0544  Parport - ok
19:55:05.0042 0x0544  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:55:05.0050 0x0544  partmgr - ok
19:55:05.0055 0x0544  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:55:05.0071 0x0544  PcaSvc - ok
19:55:05.0076 0x0544  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:55:05.0087 0x0544  pci - ok
19:55:05.0090 0x0544  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:55:05.0096 0x0544  pciide - ok
19:55:05.0102 0x0544  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:55:05.0114 0x0544  pcmcia - ok
19:55:05.0117 0x0544  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:55:05.0124 0x0544  pcw - ok
19:55:05.0136 0x0544  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:55:05.0172 0x0544  PEAUTH - ok
19:55:05.0197 0x0544  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:55:05.0206 0x0544  PerfHost - ok
19:55:05.0235 0x0544  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:55:05.0287 0x0544  pla - ok
19:55:05.0297 0x0544  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:55:05.0314 0x0544  PlugPlay - ok
19:55:05.0316 0x0544  PnkBstrA - ok
19:55:05.0319 0x0544  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:55:05.0328 0x0544  PNRPAutoReg - ok
19:55:05.0335 0x0544  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:55:05.0349 0x0544  PNRPsvc - ok
19:55:05.0353 0x0544  [ 8E0ACA1C5D6516E5E2E7A7AA5D44D704, 9CCE2FCBEDD21E1EA4A0476B4886DC6C6493CCBAB27AF23E83B0B0B646D8C520 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
19:55:05.0360 0x0544  Point64 - ok
19:55:05.0370 0x0544  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:55:05.0402 0x0544  PolicyAgent - ok
19:55:05.0408 0x0544  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:55:05.0434 0x0544  Power - ok
19:55:05.0439 0x0544  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:55:05.0462 0x0544  PptpMiniport - ok
19:55:05.0466 0x0544  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:55:05.0475 0x0544  Processor - ok
19:55:05.0481 0x0544  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:55:05.0494 0x0544  ProfSvc - ok
19:55:05.0496 0x0544  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:55:05.0504 0x0544  ProtectedStorage - ok
19:55:05.0508 0x0544  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:55:05.0531 0x0544  Psched - ok
19:55:05.0559 0x0544  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:55:05.0595 0x0544  ql2300 - ok
19:55:05.0600 0x0544  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:55:05.0610 0x0544  ql40xx - ok
19:55:05.0616 0x0544  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:55:05.0632 0x0544  QWAVE - ok
19:55:05.0635 0x0544  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:55:05.0647 0x0544  QWAVEdrv - ok
19:55:05.0649 0x0544  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:55:05.0671 0x0544  RasAcd - ok
19:55:05.0675 0x0544  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:55:05.0697 0x0544  RasAgileVpn - ok
19:55:05.0701 0x0544  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:55:05.0726 0x0544  RasAuto - ok
19:55:05.0730 0x0544  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:55:05.0754 0x0544  Rasl2tp - ok
19:55:05.0762 0x0544  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:55:05.0791 0x0544  RasMan - ok
19:55:05.0795 0x0544  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:55:05.0819 0x0544  RasPppoe - ok
19:55:05.0822 0x0544  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:55:05.0846 0x0544  RasSstp - ok
19:55:05.0853 0x0544  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:55:05.0880 0x0544  rdbss - ok
19:55:05.0883 0x0544  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:55:05.0893 0x0544  rdpbus - ok
19:55:05.0895 0x0544  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:55:05.0916 0x0544  RDPCDD - ok
19:55:05.0920 0x0544  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:55:05.0941 0x0544  RDPENCDD - ok
19:55:05.0945 0x0544  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:55:05.0966 0x0544  RDPREFMP - ok
19:55:05.0970 0x0544  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:55:05.0978 0x0544  RdpVideoMiniport - ok
19:55:05.0983 0x0544  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:55:05.0995 0x0544  RDPWD - ok
19:55:06.0001 0x0544  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:55:06.0011 0x0544  rdyboost - ok
19:55:06.0015 0x0544  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:55:06.0039 0x0544  RemoteAccess - ok
19:55:06.0044 0x0544  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:55:06.0070 0x0544  RemoteRegistry - ok
19:55:06.0074 0x0544  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:55:06.0098 0x0544  RpcEptMapper - ok
19:55:06.0101 0x0544  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:55:06.0110 0x0544  RpcLocator - ok
19:55:06.0120 0x0544  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:55:06.0151 0x0544  RpcSs - ok
19:55:06.0155 0x0544  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:55:06.0178 0x0544  rspndr - ok
19:55:06.0194 0x0544  [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:55:06.0213 0x0544  RTL8167 - ok
19:55:06.0216 0x0544  RTL8192cu - ok
19:55:06.0219 0x0544  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
19:55:06.0227 0x0544  SamSs - ok
19:55:06.0320 0x0544  [ E20128053F3F4641A2627ECFA7149ECA, CE5620BC170E76E53FEDCCEE12BBFBEE7C67B96E53E5D9C63FA7773C36699DC6 ] SbieDrv         E:\Programme\Sandboxie\SbieDrv.sys
19:55:06.0340 0x0544  SbieDrv - ok
19:55:06.0349 0x0544  [ 0FA1025D7AC725EEA5EA3076965EEA6B, 80AFCFD77BCE07F34C1276F5F416A156ABB9FEDC2AAF7AE68CEA500A4468D125 ] SbieSvc         E:\Programme\Sandboxie\SbieSvc.exe
19:55:06.0359 0x0544  SbieSvc - ok
19:55:06.0363 0x0544  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:55:06.0371 0x0544  sbp2port - ok
19:55:06.0377 0x0544  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:55:06.0403 0x0544  SCardSvr - ok
19:55:06.0406 0x0544  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:55:06.0427 0x0544  scfilter - ok
19:55:06.0448 0x0544  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
19:55:06.0493 0x0544  Schedule - ok
19:55:06.0497 0x0544  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:55:06.0519 0x0544  SCPolicySvc - ok
19:55:06.0524 0x0544  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:55:06.0537 0x0544  SDRSVC - ok
19:55:06.0542 0x0544  [ FE0B33A0B4DAE656658F02D0D0F970F9, 25CC17569226F0B00BA7F13413BE083E9DB8BF506F4B5BC5C6EC169F0F9C80F0 ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
19:55:06.0550 0x0544  Seagate Dashboard Services - ok
19:55:06.0555 0x0544  [ 754188438E6EC7953634E6495D4B8D21, 5E404172CA366158EED9FD8DE92F1918B37CB69B7516E453CD12FEE2310E4F3A ] Seagate MobileBackup Service C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
19:55:06.0563 0x0544  Seagate MobileBackup Service - ok
19:55:06.0566 0x0544  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:55:06.0588 0x0544  secdrv - ok
19:55:06.0591 0x0544  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:55:06.0613 0x0544  seclogon - ok
19:55:06.0616 0x0544  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
19:55:06.0640 0x0544  SENS - ok
19:55:06.0644 0x0544  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:55:06.0653 0x0544  SensrSvc - ok
19:55:06.0656 0x0544  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:55:06.0664 0x0544  Serenum - ok
19:55:06.0668 0x0544  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:55:06.0678 0x0544  Serial - ok
19:55:06.0681 0x0544  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:55:06.0689 0x0544  sermouse - ok
19:55:06.0697 0x0544  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:55:06.0722 0x0544  SessionEnv - ok
19:55:06.0725 0x0544  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:55:06.0735 0x0544  sffdisk - ok
19:55:06.0737 0x0544  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:55:06.0747 0x0544  sffp_mmc - ok
19:55:06.0749 0x0544  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:55:06.0759 0x0544  sffp_sd - ok
19:55:06.0762 0x0544  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:55:06.0770 0x0544  sfloppy - ok
19:55:06.0778 0x0544  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:55:06.0809 0x0544  SharedAccess - ok
19:55:06.0817 0x0544  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:55:06.0849 0x0544  ShellHWDetection - ok
19:55:06.0852 0x0544  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:55:06.0860 0x0544  SiSRaid2 - ok
19:55:06.0863 0x0544  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:55:06.0871 0x0544  SiSRaid4 - ok
19:55:06.0875 0x0544  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:55:06.0899 0x0544  Smb - ok
19:55:06.0904 0x0544  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:55:06.0913 0x0544  SNMPTRAP - ok
19:55:06.0916 0x0544  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
19:55:06.0924 0x0544  speedfan - ok
19:55:06.0927 0x0544  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:55:06.0933 0x0544  spldr - ok
19:55:06.0945 0x0544  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:55:06.0965 0x0544  Spooler - ok
19:55:07.0025 0x0544  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:55:07.0115 0x0544  sppsvc - ok
19:55:07.0119 0x0544  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:55:07.0143 0x0544  sppuinotify - ok
19:55:07.0153 0x0544  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:55:07.0171 0x0544  srv - ok
19:55:07.0180 0x0544  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:55:07.0196 0x0544  srv2 - ok
19:55:07.0201 0x0544  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:55:07.0212 0x0544  srvnet - ok
19:55:07.0217 0x0544  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:55:07.0243 0x0544  SSDPSRV - ok
19:55:07.0247 0x0544  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:55:07.0271 0x0544  SstpSvc - ok
19:55:07.0277 0x0544  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
19:55:07.0287 0x0544  ssudmdm - ok
19:55:07.0298 0x0544  [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:55:07.0315 0x0544  Steam Client Service - ok
19:55:07.0318 0x0544  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:55:07.0325 0x0544  stexstor - ok
19:55:07.0338 0x0544  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:55:07.0362 0x0544  stisvc - ok
19:55:07.0365 0x0544  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:55:07.0371 0x0544  swenum - ok
19:55:07.0382 0x0544  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:55:07.0416 0x0544  swprv - ok
19:55:07.0447 0x0544  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:55:07.0497 0x0544  SysMain - ok
19:55:07.0502 0x0544  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:55:07.0516 0x0544  TabletInputService - ok
19:55:07.0523 0x0544  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:55:07.0553 0x0544  TapiSrv - ok
19:55:07.0556 0x0544  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:55:07.0581 0x0544  TBS - ok
19:55:07.0615 0x0544  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:55:07.0658 0x0544  Tcpip - ok
19:55:07.0692 0x0544  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:55:07.0731 0x0544  TCPIP6 - ok
19:55:07.0736 0x0544  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:55:07.0744 0x0544  tcpipreg - ok
19:55:07.0747 0x0544  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:55:07.0755 0x0544  TDPIPE - ok
19:55:07.0758 0x0544  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:55:07.0766 0x0544  TDTCP - ok
19:55:07.0770 0x0544  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:55:07.0793 0x0544  tdx - ok
19:55:07.0885 0x0544  [ 97F6FFB8A305A77D25C6C0E07B71D252, 97C5FC73A250FC2016E29148A6A37E54BD74AE983D99AAF4890C059719C93EC2 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
19:55:07.0991 0x0544  TeamViewer9 - ok
19:55:07.0996 0x0544  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:55:08.0004 0x0544  TermDD - ok
19:55:08.0018 0x0544  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
19:55:08.0054 0x0544  TermService - ok
19:55:08.0058 0x0544  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:55:08.0070 0x0544  Themes - ok
19:55:08.0074 0x0544  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:55:08.0097 0x0544  THREADORDER - ok
19:55:08.0102 0x0544  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:55:08.0126 0x0544  TrkWks - ok
19:55:08.0132 0x0544  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:55:08.0156 0x0544  TrustedInstaller - ok
19:55:08.0161 0x0544  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:55:08.0169 0x0544  tssecsrv - ok
19:55:08.0173 0x0544  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:55:08.0181 0x0544  TsUsbFlt - ok
19:55:08.0184 0x0544  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:55:08.0193 0x0544  TsUsbGD - ok
19:55:08.0197 0x0544  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:55:08.0221 0x0544  tunnel - ok
19:55:08.0225 0x0544  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:55:08.0233 0x0544  uagp35 - ok
19:55:08.0241 0x0544  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:55:08.0270 0x0544  udfs - ok
19:55:08.0275 0x0544  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:55:08.0285 0x0544  UI0Detect - ok
19:55:08.0289 0x0544  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:55:08.0297 0x0544  uliagpkx - ok
19:55:08.0300 0x0544  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:55:08.0310 0x0544  umbus - ok
19:55:08.0313 0x0544  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:55:08.0321 0x0544  UmPass - ok
19:55:08.0330 0x0544  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:55:08.0359 0x0544  upnphost - ok
19:55:08.0364 0x0544  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:55:08.0374 0x0544  usbaudio - ok
19:55:08.0378 0x0544  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:55:08.0387 0x0544  usbccgp - ok
19:55:08.0391 0x0544  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:55:08.0401 0x0544  usbcir - ok
19:55:08.0405 0x0544  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:55:08.0413 0x0544  usbehci - ok
19:55:08.0416 0x0544  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
19:55:08.0423 0x0544  usbfilter - ok
19:55:08.0431 0x0544  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:55:08.0446 0x0544  usbhub - ok
19:55:08.0449 0x0544  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
19:55:08.0457 0x0544  usbohci - ok
19:55:08.0460 0x0544  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:55:08.0470 0x0544  usbprint - ok
19:55:08.0474 0x0544  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:55:08.0483 0x0544  USBSTOR - ok
19:55:08.0486 0x0544  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:55:08.0495 0x0544  usbuhci - ok
19:55:08.0498 0x0544  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:55:08.0521 0x0544  UxSms - ok
19:55:08.0524 0x0544  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
19:55:08.0533 0x0544  VaultSvc - ok
19:55:08.0536 0x0544  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:55:08.0543 0x0544  vdrvroot - ok
19:55:08.0554 0x0544  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:55:08.0588 0x0544  vds - ok
19:55:08.0591 0x0544  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:55:08.0601 0x0544  vga - ok
19:55:08.0604 0x0544  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:55:08.0627 0x0544  VgaSave - ok
19:55:08.0633 0x0544  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:55:08.0644 0x0544  vhdmp - ok
19:55:08.0647 0x0544  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:55:08.0654 0x0544  viaide - ok
19:55:08.0658 0x0544  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:55:08.0665 0x0544  volmgr - ok
19:55:08.0674 0x0544  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:55:08.0688 0x0544  volmgrx - ok
19:55:08.0695 0x0544  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:55:08.0708 0x0544  volsnap - ok
19:55:08.0713 0x0544  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:55:08.0723 0x0544  vsmraid - ok
19:55:08.0752 0x0544  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:55:08.0809 0x0544  VSS - ok
19:55:08.0812 0x0544  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:55:08.0822 0x0544  vwifibus - ok
19:55:08.0825 0x0544  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:55:08.0837 0x0544  vwififlt - ok
19:55:08.0845 0x0544  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:55:08.0876 0x0544  W32Time - ok
19:55:08.0880 0x0544  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:55:08.0889 0x0544  WacomPen - ok
19:55:08.0893 0x0544  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:55:08.0916 0x0544  WANARP - ok
19:55:08.0919 0x0544  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:55:08.0941 0x0544  Wanarpv6 - ok
19:55:08.0965 0x0544  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:55:08.0997 0x0544  WatAdminSvc - ok
19:55:10.0094 0x0544  ================ Scan generic autorun ======================
19:55:10.0523 0x0544  [ 2B147884CD8CD85052EEB1D0379504B0, 0B15288FF0EF6FC275FB690A74E1D210CA0143B87F455F9D18BC3AC3EF18B96B ] C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
19:55:10.0591 0x0544  OscarEditor - detected UnsignedFile.Multi.Generic ( 1 )
19:55:10.0591 0x0544  OscarEditor ( UnsignedFile.Multi.Generic ) - warning
19:55:13.0432 0x0544  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61010 ( enabled : outofdate )
19:55:13.0441 0x0544  Win FW state via NFP2: enabled
19:55:16.0246 0x0544  ============================================================
19:55:16.0246 0x0544  Scan finished
19:55:16.0246 0x0544  ============================================================
19:55:16.0260 0x08d4  Detected object count: 2
19:55:16.0260 0x08d4  Actual detected object count: 2
19:55:30.0947 0x08d4  AsusFanControlService ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:30.0947 0x08d4  AsusFanControlService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:30.0949 0x08d4  OscarEditor ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:30.0950 0x08d4  OscarEditor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:42.0466 0x074c  Deinitialize success
         

11.06.2014, 20:06   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

But I don't see any malware there. Create a new profile and test whether you can download then => http://support.mozilla.com/de/kb/Profile%20verwalten
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

11.06.2014, 20:17   #14
papsti7

Malware, virus, whatever, something. The PC is also getting slower and won't let me update either Malwarebytes or Windows Defender. What can that be?

That didn't help either.

The problem also occurs with a new profile.

11.06.2014, 21:01   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Try resetting the router.
